[Poppler-bugs] [Bug 16770] support for digital signatures
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Sat Oct 24 07:32:14 PDT 2015
https://bugs.freedesktop.org/show_bug.cgi?id=16770
--- Comment #93 from Markus KilÄs <digital at markuspage.com> ---
Created attachment 119174
--> https://bugs.freedesktop.org/attachment.cgi?id=119174&action=edit
Handle SEC_ERROR_UNTRUSTED_ISSUER
When verifying a PDF signed by a certificate issued by a CA not in the trust
store I would expect to get an error "Certificate isn't Trusted" however
currently the error message actually is the more generic "Unknown issue with
Certificate or corrupted data".
I tested with
http://wwwpriv.primekey.se/~markus/pdfsigner/test-pdfs/signserver-res-test-pdf/sample-signed.pdf:
[user at dev-21 utils]$ ./pdfsigverify
~/Downloads/signserver-res-test-pdf/sample-signed.pdf
Digital Signature Info of:
/home/user/Downloads/signserver-res-test-pdf/sample-signed.pdf
Signature #1:
- Signer Certificate Common Name: Signer 2
- Signing Time: Nov 23 2011 17:09:42
- Signature Validation: Signature is Valid.
- Certificate Validation: Unknown issue with Certificate or corrupted data.
Then after adding
http://wwwpriv.primekey.se/~markus/pdfsigner/test-pki/signserver-res-test-dss10/DSSRootCA10.cacert.pem
as trusted in Firefox:
[user at dev-21 utils]$ ./pdfsigverify
~/Downloads/signserver-res-test-pdf/sample-signed.pdf
Digital Signature Info of:
/home/user/Downloads/signserver-res-test-pdf/sample-signed.pdf
Signature #1:
- Signer Certificate Common Name: Signer 2
- Signing Time: Nov 23 2011 17:09:42
- Signature Validation: Signature is Valid.
- Certificate Validation: Certificate is Trusted.
The attached patch adds the NSS error code for untrusted issuer so the error
will be "Certificate isn't trusted".
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/poppler-bugs/attachments/20151024/8a4a8d22/attachment.html>
More information about the Poppler-bugs
mailing list