I have a 15 page form with signature fields (and scripts andw hatnot) that is about 5 mb after it was filled.
However when the user sets 1-2 signatures (via the standard security pkcs#7) and then (sometimes by removing the signature and reapplying after the changes are done) the file size goes to 125 mb or higher (biggest one so far has been 257 mb).
Does anyone have any idea what is going on here? The larger files are problematic for storage/mailing and when the file is stored without changes after inputting the signature remains ~5 mb.
Thank you in advance for any trouble to be taken
Copy link to clipboard
Each time you apply a digital signature the file size will increase dramatically because a copy of the file is stored within the signature, so that it can be verified against the original in case of modifications. If you sign the file multiple times each version will contain the previous ones (including the earlier saved copies!), so the file size will balloon exponentially with each signature. When you clear a signature it might not get rid of this information automatically. Try using Save As and save the file under a new name to get rid of it.
Let me start off by saying I very much your continuous contributions on this board, I really appreciate your presence.
I understand your answer also, it explains the rapid increase in file size aswell.. although I'm surprised that the two signatures that are on this form don't seem to duplicate the file size as much as the removing and changing things in the form steps seem to contribute.
Also, a follow up question if I may - is there any way to disable this storing of a copy of the file? (i.e. just show a signature image) .. setting the signature locks the editable fields so I'm not too concerned about changes after setting the signature.
No, you can't disable this feature. That's the entire point of a digital signature. If you just want to show an image then use an image field, not a signature field. But then you'll be losing all the advantages to the latter, ie. the option to verify the signature against a public key and making sure the file hasn't been modified since it was signed.
A copy of the file is NOT contained within the signature. However, the validation information (Certificate Revocation Lists) are included. Some CRLs are huge. You might try not including validation information with the signature. This make long-term validation morer difficult, if the old CRLs are not available.
I'm aware of that. I was trying to explain it without getting too technical...
And I appreciate the effort, however are there some reference(s) / guides you can share for me to read up on the technical aspects?
The public key portion of the signature could be interesting for us aswell, although the CRL making the file rather large is the main concern right now