LibreSign
Internal Server Error: trim(): Argument #1 ($string) must be of type string, null given
Describe the bug
The Server was unable to complete your request. If This happens again, please send t he technical details below to the server administrator. Technical details: Remote Adress: xxx.xxx.xxx.xxx Requested ID: xxx Message: trim(): Argument #1 ($string) must be of type string, null given
To reproduce
Sign The Document, then confirm the signature.
Environment information
NC 32.0.1 Libresign 12.0.1
Hey, thanks for reaching out.
Can you provide more details about your setup?
Sure. Did you have something in mind you need to know? I'm running an apache2 web server with PHP 8.4 on Debian 11.
Operating System: Linux 5.10.0-36-amd64 x86_64 CPU: Intel(R) Xeon(R) CPU E5-2680 0 @ 2.70GHz (32 threads) Memory: 251.84 GB
PHP Version: 8.4.13 Memory limit: 2 GB Max execution time: 3600 Upload max size: 2 GB OPcache Revalidate Frequency: 2 Extensions: Core, date, libxml, openssl, pcre, zlib, filter, hash, json, random, Reflection, SPL, session, standard, sodium, cgi-fcgi, mysqlnd, PDO, xml, apcu, bcmath, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, gmp, iconv, igbinary, imagick, intl, exif, mysqli, pdo_mysql, Phar, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlwriter, xsl, zip, redis, Zend OPcache
Database Type: mysql Version: 8.0.37
Apps Enabled:
- activity: 5.0.0-dev.0
- admin_audit: 1.22.0
- bruteforcesettings: 5.0.0-dev.0
- calendar: 6.0.2
- camerarawpreviews: 0.8.8
- circles: 32.0.0
- cloud_federation_api: 1.16.0
- comments: 1.22.0
- contacts: 8.0.4
- contactsinteraction: 1.13.1
- cookbook: 0.11.4
- dashboard: 7.12.0
- dav: 1.34.2
- deck: 1.16.0
- federatedfilesharing: 1.22.0
- files: 2.4.0
- files_downloadlimit: 5.0.0-dev.0
- files_external: 1.24.0
- files_pdfviewer: 5.0.0-dev.0
- files_reminders: 1.5.0
- files_sharing: 1.24.0
- files_trashbin: 1.22.0
- files_versions: 1.25.0
- firstrunwizard: 5.0.0-dev.0
- libresign: 12.0.1
- logcleaner: 1.1.9
- logreader: 5.0.0-dev.0
- lookup_server_connector: 1.20.0
- mail: 5.5.11
- nextcloud_announcements: 4.0.0-dev.0
- notes: 4.12.3
- notifications: 5.0.0-dev.0
- oauth2: 1.20.0
- password_policy: 4.0.0-dev.0
- photos: 5.0.0-dev.1
- previewgenerator: 5.10.0
- privacy: 4.0.0-dev.0
- profile: 1.1.0
- provisioning_api: 1.22.0
- recognize: 10.0.4
- recommendations: 5.0.0-dev.0
- registration: 2.8.0
- related_resources: 3.0.0-dev.0
- richdocuments: 9.0.1
- richdocumentscode: 25.4.504
- serverinfo: 4.0.0-dev.0
- settings: 1.15.1
- sharebymail: 1.22.0
- support: 4.0.0-dev.0
- survey_client: 4.0.0-dev.0
- suspicious_login: 10.0.0-dev.0
- systemtags: 1.22.0
- tasks: 0.17.0
- text: 6.0.1
- theming: 2.7.0
- twofactor_backupcodes: 1.21.0
- twofactor_email: 2.8.2
- updatenotification: 1.22.0
- user_status: 1.12.0
- viewer: 5.0.0-dev.0
- weather_status: 1.12.0
- webhook_listeners: 1.3.0
- workflowengine: 2.14.0
Did you have the log entry added to your nextcloud.log file when this mestre is generated?
{"reqId":"i1exIXjUXwtnkTm3bBrW","level":3,"time":"2025-10-24T01:32:48+00:00","remoteAddr":"xxx.xxx.xxx.xxx","user":"--","app":"libresign","method":"POST","url":"/ocs/v2.php/apps/libresign/api/v1/sign/uuid/175e5651-c803-4ff0-b9a3-c97c129f2f7f","message":"trim(): Argument #1 ($string) must be of type string, null given","userAgent":"Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Mobile Safari/537.36","version":"32.0.1.2","exception":{"Exception":"TypeError","Message":"trim(): Argument #1 ($string) must be of type string, null given","Code":0,"Trace":[{"function":"trim","file":"/var/www/nextcloud/apps/libresign/lib/Handler/SignEngine/Pkcs12Handler.php","line":285},{"file":"/var/www/nextcloud/apps/libresign/lib/Handler/SignEngine/Pkcs12Handler.php","line":178,"function":"parseDistinguishedNameWithMultipleValues","class":"OCA\Libresign\Handler\SignEngine\Pkcs12Handler","type":"->"},{"file":"/var/www/nextcloud/apps/libresign/lib/Handler/SignEngine/Pkcs12Handler.php","line":91,"function":"popplerUtilsPdfSignFallback","class":"OCA\Libresign\Handler\SignEngine\Pkcs12Handler","type":"->"},{"file":"/var/www/nextcloud/apps/libresign/lib/Handler/SignEngine/SignEngineHandler.php","line":211,"function":"getCertificateChain","class":"OCA\Libresign\Handler\SignEngine\Pkcs12Handler","type":"->"},{"file":"/var/www/nextcloud/apps/libresign/lib/Service/SignFileService.php","line":337,"function":"getLastSignedDate","class":"OCA\Libresign\Handler\SignEngine\SignEngineHandler","type":"->"},{"file":"/var/www/nextcloud/apps/libresign/lib/Service/SignFileService.php","line":324,"function":"updateSignRequest","class":"OCA\Libresign\Service\SignFileService","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/apps/libresign/lib/Controller/SignFileController.php","line":133,"function":"sign","class":"OCA\Libresign\Service\SignFileService","type":"->"},{"file":"/var/www/nextcloud/apps/libresign/lib/Controller/SignFileController.php","line":95,"function":"sign","class":"OCA\Libresign\Controller\SignFileController","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":204,"function":"signUsingUuid","class":"OCA\Libresign\Controller\SignFileController","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":118,"function":"executeController","class":"OC\AppFramework\Http\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/App.php","line":153,"function":"dispatch","class":"OC\AppFramework\Http\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/Route/Router.php","line":321,"function":"main","class":"OC\AppFramework\App","type":"::"},{"file":"/var/www/nextcloud/ocs/v1.php","line":61,"function":"match","class":"OC\Route\Router","type":"->"},{"file":"/var/www/nextcloud/ocs/v2.php","line":8,"args":["/var/www/nextcloud/ocs/v1.php"],"function":"require_once"}],"File":"/var/www/nextcloud/apps/libresign/lib/Handler/SignEngine/Pkcs12Handler.php","Line":285,"message":"trim(): Argument #1 ($string) must be of type string, null given","exception":[],"CustomMessage":"trim(): Argument #1 ($string) must be of type string, null given"},"id":"68ff61d621458"}
This issue occurs when parsing the signed file and executing the pdfsig command to collect signature data.
This part of the code is already covered by tests, so the problem shouldn't normally occur. It’s likely related to a specific characteristic of your environment or the signed PDF file.
You can help us diagnose it by adding the following line right after the code block below: https://github.com/LibreSign/libresign/blob/9ebc9fb62460c19e0be799c42b90ade07df88c23/lib/Handler/SignEngine/Pkcs12Handler.php#L185-L189
file_put_contents('/tmp/poppler_output', $content);
Then, reproduce the action that triggered the error and, if possible, share the /tmp/poppler_output file here.
Please make sure it does not contain any sensitive information before sending.
Digital` Signature Info of: /tmp/oc_tmp_bY17uw3bxhlMw153E3CEIShGHejbgl7q.file.pdf
Signature #1:
- Signer Certificate Common Name: (null)
- Signer full Distinguished Name: (null)
- Signing Time: Jan 01 1970 00:00:00
- Signing Hash Algorithm: unknown
- Signature Type: unknown
- Signature Validation: Signature has not yet been verified.
Signature #2:
- Signer Certificate Common Name: (null)
- Signer full Distinguished Name: (null)
- Signing Time: Jan 01 1970 00:00:00
- Signing Hash Algorithm: unknown
- Signature Type: unknown
- Signature Validation: Signature has not yet been verified.
Signature #3:
- Signer Certificate Common Name: CERTNAME
- Signer full Distinguished Name: O=Internet Widgits Pty Ltd,CN=SOMECOMPANY,L=SOMECITY,ST=ASTATESOMEWHEREE,C=US
- Signing Time: Oct 29 2025 00:18:41
- Signing Hash Algorithm: SHA-256
- Signature Type: adbe.pkcs7.detached
- Signed Ranges: [0 - 2567546], [2597548 - 2604597]
- Total document signed
- Signature Validation: Signature is Invalid.
There was only one signature blank also.
I also see there's a new version. Let me know if I should update before we're done troubleshooting.
@Caliran I recommend to update to the newest version, generate again your root certificate (I recommend to use OpenSSL) and test again.
Have strange (invalid) values at two signatures (the null values) at your file.
I also recommend to generate your certificate again after generate the root certificate.
I regenerated the certificate. And updated. I'm still getting the error repeately asking me to confirm. But now I'm getting a document thats signed saved in the folder..
Digital Signature Info of: /tmp/oc_tmp_muCv4Jr75Q40UEWh3JJBnQle7vFrNvXx.file.pdf
Signature #1:
- Signer Certificate Common Name: (null)
- Signer full Distinguished Name: (null)
- Signing Time: Jan 01 1970 00:00:00
- Signing Hash Algorithm: unknown
- Signature Type: unknown
- Signature Validation: Signature has not yet been verified.
Signature #2:
- Signer Certificate Common Name: (null)
- Signer full Distinguished Name: (null)
- Signing Time: Jan 01 1970 00:00:00
- Signing Hash Algorithm: unknown
- Signature Type: unknown
- Signature Validation: Signature has not yet been verified.
Signature #3:
- Signer Certificate Common Name: xxxxx
- Signer full Distinguished Name: xxxxxxx
- Signing Time: Oct 29 2025 03:00:08
- Signing Hash Algorithm: SHA-256
- Signature Type: adbe.pkcs7.detached
- Signed Ranges: [0 - 2589878], [2619880 - 2626937]
- Not total document signed
- Signature Validation: Signature is Invalid.
Signature #4:
- Signer Certificate Common Name: xxxxxx
- Signer full Distinguished Name: xxxxxxx
- Signing Time: Oct 29 2025 03:00:11
- Signing Hash Algorithm: SHA-256
- Signature Type: adbe.pkcs7.detached
- Signed Ranges: [0 - 2816151], [2846153 - 2853221]
- Not total document signed
- Signature Validation: Signature is Invalid.
Signature #5:
- Signer Certificate Common Name: xxxxxxx
- Signer full Distinguished Name: xxxxxxxxxx
- Signing Time: Oct 29 2025 03:00:14
- Signing Hash Algorithm: SHA-256
- Signature Type: adbe.pkcs7.detached
- Signed Ranges: [0 - 3042438], [3072440 - 3079531]
- Total document signed
- Signature Validation: Signature is Invalid.
Signer full Distinguished Name: (null)
The error is because you have problems with your "Distinguished Name".
Did you made this using a non signed PDF file and adding 4 signers and signed this today?
Have two signers with invalid data.
This is a company PDF from work with fillable blanks. I only created one signature spot while using libresign. I just tried a PDF I created years ago and had success. Is there something we can do or will flattening the document by printing to PDF before adding it something that will work?
printing to PDF before adding it
This could solve because this could replace parts of PDF file.
If I understood, you have a specific document that doesn't work fine and with other PDF files worked fine. If is possible, could you share the document that is generating the error message after you add a signer and sign the document?
Not sure company policy allows it to be shared outside of potential clients. Can flattening the document be added as a feature request? I would prefer the client not get an editable copy of the document anyway. But I'd still like to be able to fill it out in nextcloud (preferably libresign) and email it out without the extra steps. This would make things easier and possibly solve the issue. When I get home I'll try to print it as a PDF and then try again to confirm the issue.
printing to PDF before adding it
This could solve because this could replace parts of PDF file.
If I understood, you have a specific document that doesn't work fine and with other PDF files worked fine. If is possible, could you share the document that is generating the error message after you add a signer and sign the document?
Not sure company policy allows it to be shared outside of potential clients.
Because this that I asked first.
Can flattening the document be added as a feature request?
Maybe, but is necessary to identify what's happening with this document fist.
Considering that you only made a signature at this file, a new test that you can make is to run the command pdfsig <pathOfProblematicPdf> and check if the output will expose that the file haven't any signature. I think that this file already have any type of signature and it's generating problems because the current signature is invalid (hypothesis). Use the path of original PDF, without signature.
I fixed the documents. The forms had been prepared with Adobe. And had Adobe signature placeholders. So that was why it was coming up that way. Once I removed them it worked fine.
Could you produce a similar PDF as example and reproduce the problem? I wish to make tests with a similar PDF
I was able to copy one of the signature spots to a blank page pdf and using pdfsig replicated the same output. And it does generate the same error upon signing.
Digital Signature Info of: test.pdf Syntax Error (0): Invalid or missing Signature string Signature #1:
- Signer Certificate Common Name: (null)
- Signer full Distinguished Name: (null)
- Signing Time: Dec 31 1969 18:00:00
- Signing Hash Algorithm: unknown
- Signature Type: unknown
- Signature Validation: Signature has not yet been verified.
I uploaded it.
Thanks a lot! Considering that the file now is totally without sensitive data, I added to this message to preserve the history of this issue to be possible have an example to who wish to get this to work in.
No problem, I appreciate the help! I've been trying to create an addon to flatton the file which would help. I have the backend working but can't get the command to show on the right click menu in files. My JS isn't loading. You could use the backend code here to add the function easily to libresign. If you did that automatically and used the flattened version for signing you'd avoid all future errors.
I believe it is possible to adjust the validation to consider the scenario of this form with an unfilled signature field as valid.
I made a test now with this PDF without success to reproduce the issue. I signed the document with success.
I implemented a fix to only validate real signatures and no more empty form fields.
Dunno. There hasn't been a release since the fix so I haven't been able to try it.