pdfdigital-signaturefoxit-reader

"Unexpected byte range values defining scope of signed data" when signing a pdf


I use a modified version of this library: https://github.com/vbuch/node-signpdf#readme in an angular app to sign a pdf with a signature that has been created elsewhere. When I open the signed pdf with foxit reader the signature is invalid with the following message:

Unexpected byte range values defining scope of signed data

Any ideas what the problem could be?

Here is the file: https://drive.google.com/file/d/1eS2waysotpAx6VtHMNvhGvl3wqgiyoT7/view?usp=sharing


Solution

  • First Example Document

    I couldn't reproduce the “Unexpected byte range values defining scope of signed data” error message with the first example document, Foxit "merely" complained that the signature was invalid. Which it indeed is because you forgot to base64-decode the signature string before injecting it into the PDF - PDF requires the embedded signature containers in DER format.

    Second Example Document

    The second example document was shared in a comment:

    Now I don't get the error about the byte range anymore but I get new errors: "The document has been altered or corrupted since the Signature was applied." and "The Signer's identity is invalid because it has expired or is not yet valid." and "The signature includes an embedded timestamp but it could not be verified." Not sure if I'm doing it correctly now. This is the new file: https://drive.google.com/file/d/1vsa7thwCsi04r68cdcIsfJG7cT2__-d9/view?usp=sharing

    Indeed, the signature container now is injected in DER format, so Foxit Reader can validate it. Concerning the new error messages:

    "The document has been altered or corrupted since the Signature was applied." - this indicates here that there is some digest value mismatch.

    Calculating and extracting the digest values in question shows that the SHA256 digest value of the signed byte ranges of the document is

    6CB28A1F84A85A820908B657A967BFE21C1BA7304D39AE2C8D64F9A15E5BFDB4
    

    while the message digest attribute in the signature container holds

    75C31E9E948D41DE19F668CF4A5BE28128CB0BE8D1E4502A795FF9CA9FE54639
    

    so your signature indeed does not match the signed byte ranges.

    Interestingly, though, this is exactly the same digest as signed in the signature container in the first file. Actually the whole signature container is identical. Apparently, you simply re-used the signature container you retrieved for your previous test. As the signing time in the new document differs, that cannot work, though, you have to calculate the digest of the signed byte ranges anew and request a signature for it.

    That been said, even for your first document that digest is incorrect. So you apparently have an issue calculating digest values.

    "The Signer's identity is invalid because it has expired or is not yet valid." I don't get that error message, not even after manually updating Foxit Reader. First I was informed that the certificate does not chain down to a trust anchor, and after explicitly trusting the root certificate, I get a "The signer's identity is valid." Have you selected some non-standard settings in your Foxit Reader? Or is the date of your local computer completely off?

    "The signature includes an embedded timestamp but it could not be verified." I got that, too, but here I again merely needed to trust the root certificate of the TSA certificate to get going.

    Comments

    In comments you ask:

    Where can I find the message digest attribute in the signature?

    The message digest attribute is a signed attribute of the single SignerInfo in the signature container.

    If you inspect your signature container using an ASN.1 viewer (e.g. http://lapo.it/asn1js/) look for this

    SEQUENCE (2 elem)
      OBJECT IDENTIFIER 1.2.840.113549.1.9.4 messageDigest (PKCS #9)
      SET (1 elem)
        OCTET STRING (32 byte) 75C31E9E948D41DE19F668CF4A5BE28128CB0BE8D1E4502A795FF9CA9FE54639
    

    If you want to understand the details of what you see, you should study RFC 5652 and specifications referenced from there.

    And how can I explicitly trust the root certificate?

    For the signer certificate in Foxit Reader open the Signature Properties dialog, select Show Certificate, select the certificate you want to trust (root CA / intermediate CA / end entity), open the Trust tab, and press Add to Trusted Certificates.

    For the TSA certificate in Foxit Reader open the Signature Properties dialog, at the bottom press Advanced Properties, select Show Certificate in the Timestamp Details, select the certificate you want to trust (root CA / intermediate CA / end entity), open the Trust tab, and press Add to Trusted Certificates.