node-signpdf icon indicating copy to clipboard operation
node-signpdf copied to clipboard

Published 20 hours ago verified publisher icon vbuch

Sample code for PAdES LTV?

Open timotheeg opened this issue 2 years ago • 4 comments

Would anyone have sample code to generate and inject a valid PAdES LTV signature (with cert chains, OCSP response, etc), in a pdf file ?

timotheeg avatar Feb 17 '23 13:02 timotheeg

This issue has been automatically marked as stale because it has not had activity in the past 90 days. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Aug 12 '23 13:08 stale[bot]

https://github.com/vbuch/node-signpdf/pull/116#issuecomment-843386087

parallels999 avatar Aug 16 '23 14:08 parallels999

Just a note to anyone interested in implementing LTV:

This is where that starts: https://www.etsi.org/deliver/etsi_ts/102700_102799/10277804/01.01.01_60/ts_10277804v010101p.pdf

vbuch avatar Nov 07 '23 13:11 vbuch

I have done quite a bit of work to do LTV signatures, however they don't validate in acrobat because apparently the LTV signatures require a double signing of the document to be recognised as valid and I've not been able to get that working. This was a long time ago so I've forgotten the details and where I found the specification for LTV signatures in acrobat.

On the whole, the LTV signing is just about building up the CMS signature object to contain all the elements that are needed to perform offline signature validation. That means, creating the base signature and then including the revocation response objects too (OCSP, etc).

To do this I used @peculiar/asn1-cms (and others packages by them) to build the signature object.

dhensby avatar Nov 23 '23 12:11 dhensby