I'm having this issue with some digital signed pdfs.
Here is the code that gets the exception:
var signatureFields = document.AcroForm.FormFields.Where(field => field.FieldType == FormFieldType.Signature).ToList();
if (signatureFields.IsNotNullOrEmpty())
{
foreach (var signatureField in signatureFields)
{
var field = (SignatureField)signatureField;
if (field != null && field.Signature != null)
{
var test = field.Signature.Validate(); - this is the line where I get the exceptions!
The method Validate() called without the properties parameter throws exception in 2 cases:
1st - using pdf signed with specialized software
Message: "No signature validation handler was found for the subfilter: ETSI.CAdES.detached
and the StackTrace: at Telerik.Windows.Documents.Fixed.Model.DigitalSignatures.Signature.Validate(SignatureValidationProperties validationProperties)\r\n at Telerik.Windows.Documents.Fixed.Model.DigitalSignatures.Signature.Validate()\r\n at... (there goes the path in my project)
2nd - using pdf signed with the same digital signature by Adobe Acrobat Reader
Message "ASN1 bad tag value met.\r\n"
and the StackTrace: at System.Security.Cryptography.Pkcs.SignedCms.OpenToDecode(Byte[] encodedMessage, ContentInfo contentInfo, Boolean detached)\r\n at System.Security.Cryptography.Pkcs.SignedCms.Decode(Byte[] encodedMessage)\r\n at Telerik.Windows.Documents.Fixed.Model.DigitalSignatures.Pkcs7Detached.ValidateOverride(SignatureDataProperties dataProperties, SignatureValidationProperties validationProperties)\r\n at Telerik.Windows.Documents.Fixed.Model.DigitalSignatures.SignatureValidationHandlerBase.Validate(SignatureDataProperties dataProperties, SignatureValidationProperties validationProperties)\r\n at Telerik.Windows.Documents.Fixed.Model.DigitalSignatures.Signature.Validate(SignatureValidationProperties validationProperties)\r\n at Telerik.Windows.Documents.Fixed.Model.DigitalSignatures.Signature.Validate()\r\n at... (there goes the path in my project)
I'll be glad if you can tell me where the problem is and what can I do to fix it.
I want to be clear, there are just some correctly signed pdfs that cannot pass this validation. Most of them can but I'm afraid that I am missing something, as one of the non-passing digital signatures is new.
1 Answer, 1 is accepted
Hello Manoela,
I will dive straight into the questions.
1st - using pdf signed with specialized software. Message: "No signature validation handler was found for the subfilter: ETSI.CAdES.detached
The ETSI.CAdES.detached encoding filter is currently not supported by the PdfProcessing library, which causes the issue you are currently encountering. The list of the supported encodings can be seen in the Signature Encodings section of the documentation. We have logged a feature request in our feedback portal: Add support for ETSI.CAdES.detached signature encoding when validating signature fields, where you can vote to increase its priority and subscribe to be notified when the status of the item changes.
In appreciation for pointing out this to our attention, I have increased your Telerik points.
2nd - using pdf signed with the same digital signature by Adobe Acrobat Reader. Message "ASN1 bad tag value met.\r\n"
To decode a PKCS7 signature content, the PdfProcessing library relies on the SignedCms class, which is part of the .NET Framework. After researching what can be causing the issue in the SignedCms class it seems that it may be related to whether the certificate is properly encoded according to the ASN1 notation. Have you tried validating the original certificate which is used to sign the PDF document with? Are there any issues found? If so, you may try exporting and importing the certificate chain as can be seen in the following blog post and sign the PDF document with the exported certificate.
Regards,
Georgi
Progress Telerik