How to ensure Digital Signatures are not faked?
We are currently using some fairly archaic processes, whereby dynamic forms are completed digitally, printed, signed by hand, and then rescanned as static PDFs back onto our shared server. We are considering ways of streamlining this process, and one consideration is to use Digital Signatures. The one worry I have however is in how simple it appears to me to fake a digital signature of someone else. For example, a shared folder on the network contains PDF forms that must be approved by being signed off on by the CEO. If I add a digital signature field on this form, what would keep anyone with access to that folder from being able to open the file, click the signature field, but instead of using their own digital ID, creating a NEW digital ID with the name of the CEO, thereby making it appear that the CEO signed the form? I tested it and there doesn't seem to be any safeguard to keep this from happening.
Jo
You won't be able to fully verify a digital signature unless you add a user's certificate to your list of trusted certificates. You would only do this if you are certain of the source. See this previous discussion for more info: http://forums.adobe.com/thread/1118748
Similar Messages
-
Digital Signatures will not show when combined in one PDF
I have multiple PDF's with digital signatures. I'm combining them into one large PDF for distribution. The problem I'm having is the digital signatures are not showing up when I combind into one PDF. I need the digital signatures to show up because they make the document (s) official. To sent all the document out indivdual make it unmanageable and is over 300 sperate PDF's
It is not true. Most documents have pages numbered (like "page 1 of 5"). I never sign documents that do not have this page numbering and each page initialized. This way you cannot add/remove pages in a printed document without forging initials. Electronic documents (PDF) enforce this rule automatically.
-
How to Digital Signature Payload not SOAP header
Hi Gurus,
How to Digital Signature Payload not SOAP header.
Thanks,
imommamHi Imommam,
As of now B2B does not have support for it. If you have any specific requirement, please log a SR with support.
Regards,
Anuj -
How to Print Digital Signature in Smart forms.
Hi Experts,
Any one please help me how to use digital signatures in SMARTFORMS.?
Which are the tables used to store digital signatures and please any one have any demo program which prints the the digital signature using smartforms kindly let me know.
Thanks,
Sunil kairam.Hi Sunil,
After doing some research in sdn and other sources i found the following result...
Digital Signatures are nothing but graphics that we can store in SAP and use in our Smart Forms.
For Example you can create a .bmp file of your signatures, upload it via SE78, and then use it in your Smart Forms in your Footer Area as "Authorized Signatory".
The Logic in the Print Program can be something as follows -
1. Maintain a Z Table having fields like PLANT, FORMID (Name of the SmartForm), USERID.
2. Before calling the Form, the validation is made for the Logged in User with the Z Table created.
3. If the User Entry exists in the Z-Table, the Form is called and the Signature Image is displayed in the Footer Block i.e. the Authorized Signature.
4. If user entry does not exist in the Z-Table then the message is displayed "You are not the Authorized for Printing the Form" and exits the Transaction.
refer to these links:
[http://help.sap.com/saphelp_nw04s/helpdata/en/23/c8b4cb4b3847a9bc32fe100f368411/frameset.htm]
[http://help.sap.com/saphelp_nw04/helpdata/en/21/530b37cb3ed605e10000009b38f936/frameset.htm]
if u find some info on the topic pls let me know..
best of luck!!!
thanks
ravi -
How to get digital signature for Google Map geocoding V3 in PL/SQL?
Hi, Gurus:
Could anyone provide me an example about how to generate digital signature for Google Maps service v3 in PL/SQL? We tried to upgrade our program using Google maps service from v2 to v3. We are using PL/SQl on background to send request to Google for geocoding. We found some sample code to register with digital signature, but none of them is based on PL/SQl. Notice I used Google business client ID "gme-XXX" and wallet.
https://developers.google.com/maps/documentation/business/webservices/auth#digital_signatures
Google Maps API - more URL signing samples
Here is my code for V2. I notice in order to get signature, I need to use HMAC-SHA1 algorithm.
procedure Get_Geocoding(P_s_Address in varchar2, P_s_Geocoding out varchar2, P_n_accuracy out number, P_b_success out boolean) is
l_address varchar2(4000);
l_url varchar2(32000);
l_response varchar2(3200);
n_first_comma number;
n_second_comma number;
n_level_length number;
BEGIN
/* TODO implementation required */
l_address:=APEX_UTIL.URL_ENCODE(P_s_Address);
l_address := replace(l_address,' ','+');
l_url := 'http://maps.google.com/maps/geo?q='||l_address||'&'||'output=csv'||'&'||'client=gme-XXX';
l_response := utl_http.request(l_url, APEX_APPLICATION.G_PROXY_SERVER, '/u02/app/oracle/admin/apexsb/wallet', 'XXXXXXXX');
n_level_length:=0;
n_first_comma:=instr(l_response,',',1,1);
n_second_comma:=instr(l_response,',',1,2);
n_level_length:=n_second_comma-n_first_comma-1;
P_n_accuracy:=0;
if n_level_length>0 then
P_n_accuracy:=to_number(substr(l_response,n_first_comma+1, n_level_length));
end if;
l_response:=substr(l_response,instr(l_response,',',1,2)+1);
--dbms_output.put_line('In function: l_response ='||l_response);
P_s_Geocoding:=l_response;
if (P_s_Geocoding<>'0,0') then
P_b_success:=true;
--dbms_output.put_line('true');
else
P_b_success:=false;
--dbms_output.put_line('false');
end if;
END;
Thanks!Hi, guys:
I tried to generate digital signature for Google map service
Maps for Business: Generating Valid Signatures - YouTube
Generating an HMAC-SHA-1 Signature Using Only PL/SQL
OAuth and the PL/SQL | Data Warehouse in the Cloud
but I got error message from Google:
Unable to authenticate the request. Provided 'signature' is not valid for the provided client ID. Learn more: https://developers.google.com/maps/documentation/business/webservices/auth
I think there is something wrong with my code to generate signature, as if I remove the part regarding client and signature, it will work, can anyone help me on this problem?
/*Procedure Get_Geocoding is used to get geocoding with accuracy level for V3 business account, you can find Google map digital signature descrirption from
https://developers.google.com/maps/documentation/business/webservices/auth#digital_signatures
if geocoding is 0,0, procedure returns false to indicate failure of get geocoding*/
procedure Get_Geocoding2(P_s_Address in varchar2, P_s_Geocoding out varchar2, P_n_accuracy out number, P_b_success out boolean) is
--private key for Google business account, this is provided by Google with client name.
l_private_key_src varchar2(200):='xxxxxxxxxxxxxxxxxxx';
l_private_key_b64_alter varchar2(200):= translate(l_private_key_src,'-_','+/');
l_private_key_bin raw(2000);
l_client_name varchar2(100):='gme-xxx';
l_signature_mac raw(2000);
l_signature_b64 varchar2(200);
l_signature_b64_alter_back varchar2(200);
l_Google_service_domain varchar2(200):='http://maps.googleapis.com';
l_address varchar2(4000);
l_url varchar2(32000);
l_path varchar2(32000);
l_response varchar2(32000);
l_page UTL_HTTP.HTML_PIECES;
n_actual_length number;
json_obj json;
json_tempobj json;
jl_listOfValues json_list;
json_geom_obj json;
json_loc json;
l_lat VARCHAR2(40);
l_lng VARCHAR2(40);
l_status VARCHAR2(255);
json_accuracy json;
--temp_string varchar2(10000);
n_first_comma number;
n_second_comma number;
n_level_length number;
BEGIN
/* TODO implementation required */
l_private_key_bin := utl_encode.base64_decode(UTL_I18N.string_to_raw(l_private_key_b64_alter, 'AL32UTF8'));
l_address:=APEX_UTIL.URL_ENCODE(P_s_Address);
--dbms_output.put_line(l_address);
l_address := replace(l_address,' ','+');
l_path := '/maps/api/geocode/json?address='||l_address||'&'||'sensor=true';
dbms_output.put_line(l_path);
l_signature_mac :=DBMS_CRYPTO.mac(UTL_I18N.string_to_raw(l_path, 'AL32UTF8'), DBMS_CRYPTO.hmac_sh1,l_private_key_bin);
l_signature_b64:= UTL_RAW.cast_to_varchar2(UTL_ENCODE.base64_encode(l_signature_mac));
l_signature_b64_alter_back:=translate(l_signature_b64,'+/','-_');
dbms_output.put_line(l_signature_b64_alter_back);
--get response from Google map service
l_url:=l_Google_service_domain||l_path||'&client='||l_client_name||'&signature='||l_signature_b64_alter_back;
--l_url:=l_Google_service_domain||l_path;
dbms_output.put_line(l_url);
l_page:=utl_http.request_pieces( l_url, 99999);
for i in 1..l_page.count loop
l_response:=l_response||l_page(i);
end loop;
n_actual_length:=length(l_response);
dbms_output.put_line(n_actual_length);
dbms_output.put_line(l_response);
--parse JSON result
json_obj:=new json(l_response);
l_status := json_ext.get_string(json_obj, 'status');
IF l_status = 'OK' then
jl_listOfValues := json_list(json_obj.get('results'));
json_tempobj := json(jl_listOfValues.get(1));
json_geom_obj := json(json_tempobj.get(3));
json_loc := json_ext.get_json(json_geom_obj, 'location');
l_lat := to_char(json_ext.get_number(json_loc, 'lat'));
l_lng := to_char(json_ext.get_number(json_loc, 'lng'));
P_s_Geocoding:=l_lat||','||l_lng;
dbms_output.put_line('##########'||P_s_Geocoding);
case json_ext.get_string(json_geom_obj, 'location_type')
when 'ROOFTOP' then P_n_accuracy:=9;
when 'RANGE_INTERPOLATED' then P_n_accuracy:=7;
when 'GEOMETRIC_CENTER' then P_n_accuracy:=5;
else P_n_accuracy:=3;
end case;
P_b_success:=true;
else
P_b_success:=false;
P_n_accuracy:=0;
P_s_Geocoding:='0,0';
end if;
END; -
Digital signature is not valid in acrobat reader 9
digital signature is not valid in acrobat reader 9
Your answers are very short, please give more details so that we can try to help.
- Who signed the document - did you sign it?
- where WAS it valid
- how was it made
- anything else relevant -
Digital signature does not validate with the given key
We are switching our single-signon provider from openssl to Weblogic's SAML. I am trying to create a test application that will send mock SAML assertions to our test Weblogic SAML server before we begin integration with the client that will send real SAML assertions.
I have configured a Weblogic 10.3.5 instance to be a SAML Service Provider as well as created an application that creates test SAML assertions to post to the SAML server. I'm currently using a self-signed certificate to sign the SAML assertion. I've imported the self-signed cert into both the DemoIdentiy.jks and cacerts on the Weblogic SAML server.
The Weblogic SAML server is giving the following error when trying to validate the signature of the assertion:
<SAML2Assert: Start verify assertion signature>
<SAML2Assert: The assertion is signed.>
<SAML2Assert: Digital signature does not validate with the given key
org.opensaml.xml.validation.ValidationException: Digital signature does not validate with the given key
at org.opensaml.xml.signature.SignatureValidator.validate(SignatureValidator.java:68)
at com.bea.security.saml2.util.SAML2Utils.verifySamlObjectSignature(SAML2Utils.java:229)
at com.bea.security.saml2.providers.SAML2Assert.verifySignature(SAML2Assert.java:285)
>
I get this error when the SAML assertion includes both the cert and the public key, just the cert, just the public key or neither.
I'm pretty sure I've configured the SAML instance correctly since I followed the steps provided by another group who got this working with a different client. The only difference is they are using a real signed certificate (Verisign i believe) instead of a self signed cert.
I'm looking for any help to track down which step in the process I've missed or implemented incorrectly.
Thanks!
Edited by: 911967 on Feb 6, 2012 12:26 PMSo I found my own answer to the issue. The error was being caused by an the following xml in the assertion:
<ds:Reference URI="">
The value of URI attribute must have a '#' followed by the same value of the ID attribute in the parent 'Assertion' element (in our case a random string):
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="a5k42vnhsywezqzyufq15c4bb9xuzeozrmbppj38xe" IssueInstant="2012-03-12T14:33:25.986Z" Version="2.0">
<saml:Issuer>ISSUER_NAME</saml:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
*<ds:Reference URI="#a5k42vnhsywezqzyufq15c4bb9xuzeozrmbppj38xe">*
How this is related to the digital signature is beyond me, though I admit I'm very new to saml and digital signing. However I spent a great deal of time investigating my certs and how I was creating the signature, which it seems is unrelated to the actual issue. I also wasn't able to find any docs specifying that this attribute was required, though I might have just missed it. -
UPGRADED 10.4.11 ON MACBOOK PRO INTEL TO 10.5.1 (FAMILY PACK VERSION), UPDATES TO 10.5.8 WILL NOT SAVE DUE TO, "DIGITAL SIGNATURE DOES NOT MATCH". ANY IDEAS? CAN I UPGRADE TO 10.6.1 WITHOUT SAME ISSUE.
Well, not sure if having the disk in a firewire case or over a network would have made a difference.
The solution of making a disk image as in article http://support.apple.com/kb/TS2664 was what worked for me.
After, mounting the disk image the Migration Assistant completed without errors. So far everything seems to be working like it did on 10.4.11. -
How to display digital signature on PDF?
How to see digital signature on the pdf. Pdf signature section show "At least on signature has problems." Please let me know, How resolve this issue to see the digital signature on the PDF.
Thank you,
NeerajConfigure TurnKey installation to install Digital Signature into PDF.
Regards,
Joan -
How to buy apps that are not availble in my region?
How to buy apps that are not availble in my region?
No.
you can ONLY use the itunes store of your country of residence (proven by the issuing country of your credit card and the valid billing address of that card) and ONLY while you are physically located inside the borders of that country. -
Hi. I just discovered my videos from my Canon digital camera are not compatible with imovie or idvd (I'm very disappointed about that.) The photos are stored in my iphoto and I can burn a dvd using idvd but there is no audio So.... I need new software. I have a Mac OS X 10.5.8 and my digital still camera is the Canon Cybershot These are home movies of my kids and the viedeos are precious. Thanks in advance!
Canon Cybershot
I can't trace a camera of that name. All that comes up is either the Sony Cybershot or the Canon Powershot!
Please confirm excactly what camera you have, and what version of iMovie. -
Adobe Flash Projector EXE files signed with Authenticode digital signatures do not launch and run.
I am failing to digitally sign Adobe Flash projector exe files.
Adobe Flash Projector EXE files signed with Authenticode digital signatures do not launch and run successfully.
It is not currently possible to directly sign a Flash Projector EXE file. Doing so is causing the projector to fail to launch or run.
What is the way to do it without involving 3rd party toolI searched for this in our bug database, but the only bug I found was reported (and deferred) back in 2008. Other than using 3rd party tools, it doesn't look like this is possible. I'd recommend opening a new bug report on this over at bugbase.adobe.com. Please post back with the URL or bug number so others can vote and add their comments.
Thanks,
Chris -
How to Verify digital signature in ABAP web dynpro enviroment
Hi,
I have few questions regarding, how we can Verify digital signature in ABAP WebDynpro ?
Do we have class or function modules to verify digital signature on WAS once signed offline or online interactive form is uploaded back?
can we use function modules in function group SSFG for validating authors signature? Or any other classes or interfaces are available in NetWeaver environment.
I searched to find any sample for validating signatures in ABAP WebDynpro, however I could not find any thing. Any sample code will be very useful?
Thanks,
Nitesh Shelar.I Found that Interface IF_FP_PDF_OBJECT can be used to extract signatures from document.
Thanks,
Nitesh Shelar. -
How to send digital signature from pdf form to fdf file?
Hi...
I already create the pdf form that contain digital signature field using ACROBAT XPRO...and now i would like to send data from pdf form to fdf file.I already manage to send data from other field except the digital signature.How to send the signature digital value to FDF file so that i can display it back to PDF file next time?Can anyone help me...i really need help right now...
tq..hi....
thanks for replying..
George Johnson wrote:
It did work with earlier versions that did not perform a full save when a signature was applied. Since Acrobat/Reader now do a Save As when a signature is applied, there are no incremental saves to include in the FDF. This can still be useful for forms that haven't been signed, oddly enough, but since you cannot control whether the user performs a full save, it shouldn't be relied on for general use. The big problem is extracting the appended saves from the FDF so you can concatenate it to original document. The FDF Toolkit is the only thing I'm aware of that helps with this.
as u said that,Fdf tool kits can help to solve my problem.Can u send me the sample of code using java so that i can get the value using Fdf Tool kits?
Thanks.. -
How to have digital signature in a Sharepoint 2013 custom list form created in InfoPath 2013?
I have a requirement that they want a form in SP13 that would allow Mobile mode. Supervisor then can sign off the form in mobile mode. Because Document Library form doesn't have Mobile client support so I decided to create this as a custom List
form. Now I'm finding out that when I right click on the section on the form to enable e-signature, there is no such option. I appreciate it if someone can give me some suggestion on how to have a form that has both Mobile mode and e-signature
support in SP13.
I also noticed that the people picker doesn't work in Mobile mode. Is that so or is there something-else I need to configure?
Thank you.Hi,
According to your description, my understanding is that you want to create an InfoPath form which supports Mobile mode and e-signature in SharePoint 2013.
Per my knowledge, the browser-based forms cannot support signature in Mobile device.
Here are some other products which are not free can achieve this goal for you to take a look:
http://forums.qdabra.com/2013/06/signing-infopath-forms-part-1-electronic-signatures/
http://www.formotus.com/16563/infopath-alternatives/infopath-forms-filling-weigh-the-options
Best regards.
Thanks
Victoria Xia
TechNet Community Support
Maybe you are looking for
-
SSL Connection Configuration between Apache and Weblogic 8,1
I'm currently using Apache web server as a front end server for Weblogic server 8.1 and now i' facing some configuration problem to setting up the SSL connection between this 2 server. When i open my web application page, it shows Failure of Server A
-
How to give permission to Internal client local admin rights to install applications
Dear All, I want to give internal client rights to install application in his computer. At the same time I don't want him to login to windows server 2008 with admin rights. Could you please let me know how to do that?
-
hi, i try to uninstall macromedia flash player plug-in but it seems there has been a bug on the install, windows doesn't want to uninstall it, can i do it manually to get it out of my windows program list ?
-
Color problems using bilinear interpolation with AffineTransformOp
I am trying to apply AffineTransformOp's to BufferedImage's and it seems if I use TYPE_BILINEAR interpolation, the colors of the resulting images are messed up. This example program loads each .jpg in the current directory, applies an identity transf
-
VAT rate change - need to pick prevailing rate in billing document for reba
Hello, Can someone help on the below following requirement? We are calculating vendor rebates through settlement run. As you are aware, there was a VAT change in UK from 17.5 % to 15% and back to 17.5%. Now in the vendor billing documents (debit note