javaspring-bootpdfboxdigital-signatureacrobat

Blue box appearing instead of digital signature and signature panel contains unsigned signatures


I am using pdfbox library for adding signature.

I am trying to attach digital signature in pdf and verifying it with Notarius Certificate Authority.when I try to attach certificate in pdf, and open it in the adobe acrobat, I am getting blue box appearing on the screen instead of signature image. Also if I open the signature panel of this pdf then it indicated that pdf is certified but it contains three unsigned signature fields (as we have three signatures in the pdf). What should be the reason for getting the blue box? I want my signatures to visible in adobe acrobat pdf reader with verified status.

Here are some images attached for your reference. Signed pdf Signature panel for the same signed pdf file

please download signed pdf and open in in adobe acrobat

I have given the code that is used to insert sign into the pdf.

    private void addSignatureField(PdfField pdfField,PDDocument document,PDAcroForm pdfForm,File signImage,PrintLocation printLocation) throws Exception
   {
      PDRectangle rectangle = signatureFieldRectangle(document.getPage(0),pdfField,printLocation);
      PDPage pdPage = document.getPage(pdfField.getPage());
      List<PDField> pdfFormFields = pdfForm.getFields();
      PDSignatureField signatureField = new PDSignatureField(pdfForm);
      signatureField.setPartialName(pdfField.getName());
      PDAnnotationWidget widget = signatureField.getWidgets().get(0);
      pdfFormFields.add(signatureField);
      widget.setRectangle(rectangle);
      widget.setPage(pdPage);
      PDStream stream = new PDStream(document);
      PDFormXObject form = new PDFormXObject(stream);
      form.setResources(new PDResources());
      form.setFormType(1);
      PDRectangle bbox = new PDRectangle(rectangle.getWidth(), rectangle.getHeight());
      form.setBBox(bbox);

      PDAppearanceDictionary appearance = new PDAppearanceDictionary();
      appearance.getCOSObject().setDirect(true);
      PDAppearanceStream appearanceStream = new PDAppearanceStream(form.getCOSObject());
      appearance.setNormalAppearance(appearanceStream);
      widget.setAppearance(appearance);

      try (PDPageContentStream cs = new PDPageContentStream(document,appearanceStream))
      {
         cs.setNonStrokingColor(Color.white);
         cs.addRect(-5000, -5000, 10000, 10000);
         cs.fill();
         if (signImage != null) {
            cs.saveGraphicsState();
            cs.transform(Matrix.getScaleInstance(0.25f, 0.25f));
            PDImageXObject img = PDImageXObject.createFromFileByExtension(signImage, document);
            cs.drawImage(img, 0, 0);
            cs.restoreGraphicsState();
         }
      }
      pdPage.getAnnotations().add(widget);
      COSDictionary pageTreeObject = pdPage.getCOSObject();
      while (pageTreeObject != null) {
         pageTreeObject.setNeedToBeUpdated(true);
         pageTreeObject = (COSDictionary) pageTreeObject.getDictionaryObject(COSName.PARENT);
      }
   }

Solution

  • According to your comments you appear to try to implement something akin to the regular workflow of Adobe Acrobat Sign: All the "signer" users supply some ink signature image and only the signing service applies an actual digital signature.

    Your implementation puts those ink signature images into the PDF using signature fields and finally adds the only actual digital signature as an author signature.

    The error

    The error in your approach is that you use actual signature form fields for the ink signature images. Signature form fields are made for digital signatures (and timestamps), not for simple electronic signatures.

    Your signature fields with the ink signature images do have visualizations (showing the images) but they don't have values (which would have to be signature dictionaries with CMS signature containers). Thus, Acrobat (like other software products, too) assumes those signature fields are not yet signed.

    Now Acrobat has the feature (or quirk?) to display un-signed signature fields in a blue-ish color with a red "Signe Here" arrow and ignores the existing appearance.

    This explains that you see

    screen shot

    Other viewers may handle this differently. The built-in viewer in Chrome, for example, shows your ink signature images:

    screen shot

    A fix

    As a fix just don't use signature fields for simple electronic signatures, only for digital signatures.

    Alternative options for showing those ink signature images include:

    Considering your wish, though...

    I want my signatures to visible in adobe acrobat pdf reader with verified status.

    Those three simple electronic signatures cannot be verified because they are no digital signatures. Thus, the fix will remove them completely from the signature panel.