cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
2
Upvote

Adding annotations with Adobe changes the type of signature validation result.

Guest
Dec 23, 2024 Dec 23, 2024

I have a document ”test.pdf”. The last signature shows that it has been modified, but when I add an annotation with Adobe, the signature shows that the byte range is invalid. Why is this? The last annotation I added was with Adobe, shouldn't it still show that the document has been modified?

TOPICS
PDF , Security digital signatures and esignatures
test.pdf
Preview
test-Addannot.pdf
Preview
716
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
1 ACCEPTED SOLUTION
MikelKlink
Advocate ,
Jan 06, 2025 Jan 06, 2025

For the main error see this answer - The revision with the troublesome signature contains errors causing the modification detection checks for later incremental updates to fail.

 

Additionally, though, the files attached to this question are slightly different from the file attached there, they contain some streams whose contents have been overwritten with space characters. As those streams at the same time claim to be flate encoded, this gives rise to additional errors in these files here which may cause even weirder effects.

View solution in original post

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 8 Replies 8
latest latest Jump to latest reply
Guest
Dec 23, 2024 Dec 23, 2024 
Can anyone help to see why? When opening test.pdf with Adobe and adding an annotation, then saving it, re-validating will prompt an error saying 'byte range invalid'.

 

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
MikelKlink
Advocate ,
Jan 06, 2025 Jan 06, 2025

For the main error see this answer - The revision with the troublesome signature contains errors causing the modification detection checks for later incremental updates to fail.

 

Additionally, though, the files attached to this question are slightly different from the file attached there, they contain some streams whose contents have been overwritten with space characters. As those streams at the same time claim to be flate encoded, this gives rise to additional errors in these files here which may cause even weirder effects.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
AppsecTeam
Community Beginner ,
Feb 16, 2025 Feb 16, 2025

Hello,

I would like to share some information regarding this issue.

I am a developer working on e-signature applications, and my applications, which have been running without any issues for a long time, suddenly started throwing errors.

It took a while to understand the root cause because, while all other applications recognized the signatures as valid, Adobe Reader/Acrobat marked all signatures after the first one as invalid and only considered the last signature as valid.

After extensive trial and error, I discovered that this issue occurs when a PDF is generated by merging multiple documents and at least one of those documents contains a comment or annotation.

Once I identified the problem, the only workaround I could find was to open the affected PDF (where signatures are shown as invalid), add a comment to a  page, and then cancel it without filling it. Doing so prompts Adobe to revalidate the signatures, after which all signatures appear as valid. However, you must first manually click the Validate button for this to take effect.

I believe this is a bug.

Attached images (error_1, 2, 3, 4, 5)

error_3.png
Preview
error_2.png
Preview
error_1.png
Preview
error_5.png
Preview
error_4.png
Preview
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
MikelKlink
Advocate ,
Feb 17, 2025 Feb 17, 2025
In Response To AppsecTeam
quote

I believe this is a bug.

 

Well, it's hard to tell without the actual PDFs. Without further details I would assume there is an issue in the PDF to start with and your annotation change either fixes it or at least changes it enough to have Acrobat see no red flags anymore.

 

Furthermore,

I would like to share some information regarding this issue.

 

In which way does your observation do so? The question was about a specific PDF after all which was not a merge...

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
AppsecTeam
Community Beginner ,
Feb 17, 2025 Feb 17, 2025
In Response To MikelKlink

First of all, thank you for replying to my message.

 

I would like to upload a sample document, but since it will contain my personal signature, I do not prefer to share it on this platform. If there is a corporate bug notification or tracking environment, I can share it there.

 

On the other hand, practically and legally, it should be guaranteed that no changes can be made to a signed document, if they are made, the signature becomes invalid, but in this case, the opposite is true. If an invalid document - as you mentioned, is fixed when annotated - becomes valid with editing, which means a serious problem. If there is a bug in the background, then signed documents can be manipulated in some way, which means a transition from bug level to security vulnerability level.

 

As a result, when I analyze the PDF document (with Itext's RUPS software), there is a difference between the "unvalidated" status and the "validated" status. (When Validate is used, it asks you to save the document, and from here it can be understood that a change has been made)

 

I can see the exact change with the WinMerge tool. I added an image of the changed part in the attachment (yellow area), then the object data related to the user, which is already in the document, was added. Frankly, I'm confused...

err_dec_1.png
Preview
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
AppsecTeam
Community Beginner ,
Feb 17, 2025 Feb 17, 2025
In Response To AppsecTeam

- I couldn't find an edit -

Although the topic is similar to this one, it seems independent, so I would appreciate it if you could move it to a topic like this:

"A pdf document with a valid signature is marked as invalid because it was signed a second time or more."

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
MikelKlink
Advocate ,
Feb 17, 2025 Feb 17, 2025
LATEST
In Response To AppsecTeam
quote

- I couldn't find an edit -

 

At the bottom of your message there is a "more" option comtaining editing capabilities.

 

quote

Although the topic is similar to this one, it seems independent, so I would appreciate it if you could move it to a topic like this:

 

Unfortunately I cannot but moderators of these forums may be able to do that.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
MikelKlink
Advocate ,
Feb 17, 2025 Feb 17, 2025
In Response To AppsecTeam
quote

I would like to upload a sample document, but since it will contain my personal signature, I do not prefer to share it on this platform. If there is a corporate bug notification or tracking environment, I can share it there.

 

Please be aware that this is Adobe's Community forum. Thus, you mainly communicate here with other users of Adobe products (or PDF related products in general). I for example am no Adobe employee. So for my options of analyzing the issue it doesn't matter whether you upload the file to some non-public Adobe bug tracker or not at all.

 

So, please try to reproduce the issue using some test signatures that don't contain your personal signature and documents void of other confidential material. Otherwise you should try to draw the attention of one of the few Adobe employees who roam here.

 

quote

On the other hand, practically and legally, it should be guaranteed that no changes can be made to a signed document, if they are made, the signature becomes invalid, but in this case, the opposite is true. If an invalid document - as you mentioned, is fixed when annotated - becomes valid with editing, which means a serious problem. If there is a bug in the background, then signed documents can be manipulated in some way, which means a transition from bug level to security vulnerability level.

 

There is one actual exception to this: If the file is signed with changes _after_ the last signature and the problematic part is in this set of changes, a PDF processor can fix the problem by re-writing that incremental update. And as you haven't shared the PDF, I cannot tell whether that is the case here.

 

Other than that a bug indeed is very likely. But without an example file it still is not assured, let alone reproducible.

 

quote

As a result, when I analyze the PDF document (with Itext's RUPS software), there is a difference between the "unvalidated" status and the "validated" status.

 

Beware, the problems that cause erratic validation bahavior often are at a level for which RUPS and similar PDF object browsers already are too high level tools. E.g. a common issue in this regard are slightly invalid initial cross reference tables which RUPS ignores while loading.

 

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
About Adobe Acrobat
Adobe Acrobat Learn & Support
Open in a new window
Adobe Inc
Whats new in Acrobat DC
Open in a new window
Adobe Inc
Plan and Pricing
Open in a new window
Adobe Inc
Adobe Acrobat features and tools
Open in a new window
Adobe Inc
Adobe Acrobat Feature & Workflow
Edit PDFs
Open in a new window
Edit Scanned PDFs
Open in a new window
PDF Forms
Open in a new window
Sign a PDF
Open in a new window
FAQs
How to Edit Scanned or Secured document
Open in a new window
Rotate | move | delete and renumber PDF pages
Open in a new window
Acrobat download and installation help
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices