Given a digitally signed PDF with a certificate I do not have the private key to, is it possible to alter the document, sign it with my certificate and keep the previous signature as 'history', that is, the old signature should not verify the integrity of the document, rather the user should just be able to see that it was once signed with this other certificate?
-
If it's your intention to *remove* the old signature (created with someone else's private key), alter it, and *add* a new signature (using your own private key), then yes, that's possible. If it's your intention to *keep* the old signature, and add a second (a so-called *approval*) signature (using your own private key), then it depends on the nature of the first signature (if that signature "locks" the document, it's not possible). However, altering the document will almost always invalidate the original signature. – Bruno Lowagie Jan 16 '18 at 09:58
-
If my explanation *altering the document will almost always invalidate the original signature* isn't clear, please read [Which operations are allowed on a digitally signed PDF?](https://developers.itextpdf.com/tutorial/which-operations-are-allowed-digitally-signed-pdf) written by @mkl. – Bruno Lowagie Jan 16 '18 at 10:01
-
@mkl: my comments could be reorganized as an answer, but since the original material is yours, I suggest that you do this, so that you get the reputation points. – Bruno Lowagie Jan 16 '18 at 10:02
-
The original signature A locks the document and I therefore cannot alter the document and keep having the A signature verify the integrity of the document. What I want is some kind of history where I can specify that the document was once signed with signature A but is now signed with my signature B. I realize that in this case there would be no way for the user to verify that the document was signed with A before I altered it. Since I haven't been able to find any information about such a feature I suspect the PDF simply does not support this, unfortunately. – OskarNS Jan 16 '18 at 10:07
-
A not so elegant workaround that is used to tackle this by at least one of our customers is to wrap the signed PDF in a PDF portfolio, and to add a cover page with additional info. A PDF portfolio is like a ZIP file that can be opened in Adobe Reader (and some other PDF viewers). That ZIP file can contain all kinds of other documents, including unaltered signed PDFs in which the signatures are kept intact. – Bruno Lowagie Jan 16 '18 at 10:23
-
I see, thanks a lot for your insight! – OskarNS Jan 16 '18 at 10:35
-
@BrunoLowagie The portfolio proposal is yours and I think that would be an appropriate way to go for the OP, so just go ahead and make your comments an answer. ;) – mkl Jan 16 '18 at 12:04
1 Answer
If it's your intention to remove the old signature (created with someone else's private key), alter the document, and add a new signature (using your own private key), then yes, that's possible.
If it's your intention to keep the old signature, and add a second (a so-called approval) signature (using your own private key), then it depends on the nature of the first signature (if that signature "locks" the document, it's not possible) whether or not you can alter the document in-between.
Moreover, altering the document will almost always invalidate the original signature. See [Which operations are allowed on a digitally signed PDF?](https://developers.itextpdf.com/tutorial/which-operations-are-allowed-digitally-signed-pdf) to find out which changes are possible (e.g. filling out a form field) and which changes are impossible (e.g. adding an extra page).
A not so elegant workaround that is used to tackle this by at least one of our customers is to wrap the signed PDF in a PDF portfolio, and to add a cover page with additional info. A PDF portfolio is like a ZIP file that can be opened in Adobe Reader (and some other PDF viewers). That ZIP file can contain all kinds of other documents, including unaltered signed PDFs in which the signatures are kept intact.

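A check that follows from the answer above, as an added example that is not part of the thread and not iText code: a PDF signature covers the bytes named in its `/ByteRange` entry, so anything written after signing shows up as bytes beyond that range, while the digest of the signed bytes stays the same. It assumes the signature dictionary is stored uncompressed, uses a constructed stand-in for a signed file, and does not validate the signature itself; `signature_coverage` and `build_sample` are hypothetical names.

```python
import hashlib
import re

# /ByteRange [a b c d]: signed bytes are [a, a+b) and [c, c+d);
# the gap between them holds the /Contents hex string (the signature).
BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def signature_coverage(pdf: bytes) -> list:
    """Report, per signature, whether it still covers the whole file."""
    reports = []
    for m in BYTE_RANGE.finditer(pdf):
        a, b, c, d = (int(g) for g in m.groups())
        end = c + d
        if a != 0 or a + b > c or end > len(pdf):
            reports.append({"byte_range": (a, b, c, d), "status": "malformed"})
            continue
        signed = pdf[a:a + b] + pdf[c:end]
        whole = end == len(pdf)
        reports.append({
            "byte_range": (a, b, c, d),
            "status": "covers whole file" if whole else "bytes appended after signing",
            "appended": len(pdf) - end,
            "sha256": hashlib.sha256(signed).hexdigest(),
        })
    return reports

def build_sample() -> bytes:
    """Constructed stand-in for a signed PDF (not a valid PDF, dummy Contents)."""
    tmpl = b"%%PDF-1.7\n1 0 obj\n<< /Type /Sig /ByteRange [0 %010d %010d %010d] /Contents "
    contents = b"<" + b"0" * 64 + b">"
    tail = b" >>\nendobj\n%%EOF\n"
    b_len = len(tmpl % (0, 0, 0))          # fixed-width fields keep the length stable
    c_off = b_len + len(contents)
    return (tmpl % (b_len, c_off, len(tail))) + contents + tail

# Constructed later revision appended after the signed one.
UPDATE = b"2 0 obj\n<< /Note (later revision) >>\nendobj\n%%EOF\n"

if __name__ == "__main__":
    for label, data in (("as signed", build_sample()), ("after update", build_sample() + UPDATE)):
        for report in signature_coverage(data):
            print(label, report["status"], report.get("appended"))
```

A file that reports appended bytes is not necessarily invalid; whether the later changes are acceptable depends on the kind of signature, as the linked article explains.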