Timestamp problem on electronic signatures

On time stamps for electronic signatures, it adds -05'00'.
We don't want that in the date stamp. How do we resolve this issue?
Adobe Acrobat X Pro Version 10.1.13

Do you get it in the Advanced Signature Properties dialog? What is the exact text?
Acrobat uses UTC time with the local time offset. This is what -05'00' means. It is time at the East Coast in USA.

Similar Messages

Electronic signature - I am not able to sign it, it appears "cryptoghrapy problem code error 13" ?

Last week I was able to sign documents electronically. I got the version Adobe Distiller 9. My electronic signature is linked to a FIS certificate issued by Exostar. This is a corporate FIS certificate, work for Rolls Royce.
Everytime that I am going to sign it appears "cryptoghrapy problem code error 13".
I have no clue what is wrong. Any suggestion.
Thanks and regards,
Lucas

[discussion moved to Creating, Editing & Exporting PDFs forum]

Having problems combining PDF files with electronic signatures...

I have Adobe Pro XI and I've been trying to combine numerous PDF files. They are each 2 pages and contain electronic signatures. When I attempt to combine them it appears to be working and then suddenly Adobe just closes with no error message or anything??

Think about it: You sign a document and then someone adds some pages to it
and pretends you signed those as well. You wouldn't what that to happen,
would you? Well, with digital signatures it can be prevented.
On Mon, Dec 8, 2014 at 10:39 PM, breeberry09 <[email protected]>

Java 45 electronic signature problems

Hi there
Im trying to apply for a job online and it is asking for an electronic signature. When i go through the steps to get one it checks my computer, browser and java. It failed on the java check because I had the latest version of java and it suggested that i have java hotspot(tm) 1.6.0_32 - 1.7.0_45 .
So i uninstalled my java and installed 1.7.0_45.
Now the check isnt detecting java at all. Ive been into the java control centre and played around with security settings but nothing seems to be working.
Any ideas?
I am on a windows 7 PC and using Internet Explorer (because Chrome fails the browser check for this particular job application website).

Hi,
You are correct that Adobe follows RFC 2560 when it comes to processing OCSP responses, but it's not section 2.2. that covers the issue you raise, rather section 4.2.2.2 - Authorized Responders. It's explained very clearly in section 4.2.2.2 what entity is authorized to sign the OCSP response. As you will note in this section one way to configure an application is to set up a local configuration and Acrobat being fully RFC 2560 compliant does allow you to do just that.
Your best bet is to review the Security Admin Guide which you can find at http://learn.adobe.com/wiki/download/attachments/52658564/acrobat_reader_security_9x.pdf?v ersion=1 specifically section 5.4.1.1 which has all of the setting you need to configure a local configuration.
Steve

Multiple electronic signatures in PDF portfolio

I Have a PDF portfolio that has multiple PDFs in it each requiring 1 or more electronic signatures. The problem is that after the first person signs one of the PDFs no one else is able to and they receive an error saying it's already open or they have read only access

Which Acrobat version do you have? I've heard that there is a bug in this area in Acrobat 11.0.7. I do not have personal experience with it and I do not know how soon it will be fixed.

How do I add an electronic signature to a document?

Hello and thanks in advance for your help. How do I add an electronic signature to a document?

Sergio
Glad you stepped in and elucidated my inadequate explanation.
Step by Step explanations of the problem will get Step by Step instructions, but its been a week and the O.P. hasn't elaborated on what they actually want.
You may consider it a horrible answer, what was your opinion of the question?
Peter
PS I looked hard but couldn't find a reference to Preview in my post.

How do I add an electronic signature to a pages document

how do I add an electronic signature to a pages document?

Sergio
Glad you stepped in and elucidated my inadequate explanation.
Step by Step explanations of the problem will get Step by Step instructions, but its been a week and the O.P. hasn't elaborated on what they actually want.
You may consider it a horrible answer, what was your opinion of the question?
Peter
PS I looked hard but couldn't find a reference to Preview in my post.

Error message "The document could not be saved. This file is already open" when trying to complete an electronic signature.

Running Adobe Acrobat Professional 10.1.0. I cannot upgrade to newer version because several applications were already tested on this version.
When trying to complete an electronic signature, my users receive the error message ""The document could not be saved. This file is already open". When they close and open the file again to try to sign again they find a corrupted electronic signature. Instead of a clean signature with the box colored in light blue they see their signature with the embedeed message Click Here to Verify & Sign with the box colored in grey.
We turned off antivirus in the Sharefolder where the forms are stored and nothing. We turned off the antivirus on the client and nothing. We stored the files in another server and nothing. One workaround is saving the file in the desktop, signing it, and then back to the Sharefolder. Another is saving the file with a different file name.
I've searched and the only similar thing was caused by the Windows Preview Pane. See Information Transmogrification: Adobe Acrobat saving a file does not work, displays “File may be read-only”. No luck with this one too.
Is definitively an intermittent problem. The users that experience the problem experience it intermittently.
This started to happen when we move our computers to Windows 7.
Any ideas?

Correction on Question:
This is a web application and the users need to be able to load the editable .pdf form from the website, edit it and submit it back to the website from within Internet Explorer.
Users began getting the error message:
'The document could not be saved. This file is already open.'
last Friday after having no problems prior to this. Some users can edit the editable .pdf forms on the website and save the file with the same name to the website. Some get the error mentioned in the subject.
We really need help getting this resolved.
Sandy Martin

Printing issue with Electronic Signatures

In the footer of my document, i place document properties and also use the captioning feature for tables and figures. I have saved it in native 2010 format not in a compatability mode.
When I print my document (paper or PDF) these fields print properly.
After I electronically sign the document and look at the document on the screen, the fields and caption numbers (Table 1-1: Intended Audience) appear correctly. When I print to PDF or paper, the numbers disappear (Table 1-: Intended Audience) and they
also disappear from the screen.
When I close the document and reopen it, the fields are correct. It only changes after the document prints.
Using Microsoft Office Professional Plus 2010 Version 14.0.6023.1000 (32-bit).
(--merging--)
The original document was a 2007 document opened/stored in the 2010 format.
Reproduced with new 2010 document simply by creating two properties:
Template Version - Test - Value 1.0
Template Date - Date - Value 1/25/2012
And doing the following:
Using the default Normal template with calibri as the font
Added a heading level 1 to the document
Added a 2x2 table with Insert Caption including the chapter number based on heading 1 below the table
Added the template version and template date as two lines on the page
Inserted a signature line
Created a footer with the template version, page number aligned center (via tab), template date alighted right (via tab)
Printed without signing and all data was present (Table 0-1: Test)
Signed the document and printed. The following was missing:
The template date in the footer.
The table label was Table 0-: Test
The template date was present in the middle of the document

Hi,
Is this problem only affect Word program with Electronic Signatures?
Please try to test Printing with different printer drivers.
If the Word printing problem occurs only when you print documents with a certain font or a certain type of graphics image, try to print to another printer.
If no other printer is available, contact the manufacturer to find out whether there is an updated version of the driver or a different driver that works with your printer model.
You may also follow other methods in this KB article troubleshoot print issue in word:
http://support.microsoft.com/kb/826845
Best regards.
William Zhou
TechNet Community Support

Troubleshooting Electronic Signature in Adobe X Standard

Trying to assist a coworker in setting up an electronic signature with password. When walking her through the screens, I noticed the "Add Digital ID" popup box does not show "Key Algorith" or "Use digital ID for" sections (mine does). She does not get the prompt to make up a password and enter twice. She says that she gets a box that wants her to enter a password but she has not created one. Any assistance is greatly appreciated. I am new to Adobe so I am limited in my knowledge.

Employee states this solved the password problem but now her written signature is extremely small when placed on a document.
Cheryl A. Henson
Deputy Director
Board of Review
State Capitol Complex
Building 6, Room 817-B
Charleston, WV 25305
Phone: 304-558-2019
Fax: 304-558-1992
Email: [email protected] <mailto:[email protected]>
The information contained in this electronic message is legally privileged and confidential under applicable law and is intended for the use of the individual or entity named above. If the recipient of this message is not the above-named recipient, you are hereby notified that any dissemination, copy or disclosure of this communication is strictly prohibited.

Problem verifying xml signature

We have a problem with verifying XML Signatures which are part of a SOAP message. Thanks a lot for helping! Hope my problem is understandable - otherwise ask.
We use the following enviroment:
Java6
Axis 2 V1.2 with XML Beans
Step 1:
The Java 6 XML Signature is an enveloped signature over an element called payload with exclusive XML canonicalization. We sign the payload and send the payload including signature to the server. At first I discovered the following namespace problem.
DigesterOutputstream Create Signature:
FEINER: <Payload Id="c623c3be-529b-4d6d-8f1e-a4a29660f344"><Parameter Encoding="base64"><Name>VSD</Name><Value>PFBlcmZvcm1VcGRhdGVzIHhtbG5zPSJodHRwOi8vd3MuZ2VtYXRpay5kZS9jbS9jYy9DbUNjU2VydmljZVJlcXVlc3QvdjEuMiIgeG1sbnM6djE9Imh0dHA6Ly93cy5nZW1hdGlrLmRlL2NtL2NvbW1vbi9DbUNvbW1vbi92MS4yIj4NCiAgPHYxOkljY3NuPjgwMjc2MDAxMDQwMDAwMDAyNDAwPC92MTpJY2Nzbj4NCiAgPHYxOlVwZGF0ZUlkPjAxPC92MTpVcGRhdGVJZD4NCjwvUGVyZm9ybVVwZGF0ZXM+</Value></Parameter><MessageID>urn:uuid:34D51D9DE4B7A19DD411938151524022</MessageID><Timestamp><Created>UNDO</Created></Timestamp></Payload>
DigesterOutput Verify Signature:
FEINER: <Payload xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" Id="c623c3be-529b-4d6d-8f1e-a4a29660f344"><Parameter Encoding="base64"><Name>VSD</Name><Value>PFBlcmZvcm1VcGRhdGVzIHhtbG5zPSJodHRwOi8vd3MuZ2VtYXRpay5kZS9jbS9jYy9DbUNjU2VydmljZVJlcXVlc3QvdjEuMiIgeG1sbnM6djE9Imh0dHA6Ly93cy5nZW1hdGlrLmRlL2NtL2NvbW1vbi9DbUNvbW1vbi92MS4yIj4NCiAgPHYxOkljY3NuPjgwMjc2MDAxMDQwMDAwMDAyNDAwPC92MTpJY2Nzbj4NCiAgPHYxOlVwZGF0ZUlkPjAxPC92MTpVcGRhdGVJZD4NCjwvUGVyZm9ybVVwZGF0ZXM+</Value></Parameter><MessageID>urn:uuid:34D51D9DE4B7A19DD411938151524022</MessageID><Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><Created>UNDO</Created></Timestamp></Payload>
31.10.2007 08:25:48 org.jcp.xml.dsig.internal.dom.DOMReference validate
FEIN: Expected digest: 71PfJ/xxn38TtQrpZOpRdqTZsBw=
31.10.2007 08:25:48 org.jcp.xml.dsig.internal.dom.DOMReference validate
FEIN: Actual digest: B1Qdei/0yW1mqR2T50LXKFfxhl0=
Soap request with payload:
<?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header><TelematikHeader xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1"><MessageID>urn:uuid:34D51D9DE4B7A19DD411938151524022</MessageID><ConversationID /><ServiceLocalization><Type>VSD</Type><Provider>101575519</Provider></ServiceLocalization><MessageType><Component>VSD</Component><Operation>PerformUpdates</Operation></MessageType><RoleDataProcessor /></TelematikHeader><TransportHeader xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1"><InterfaceVersion>0.0.24.3</InterfaceVersion></TransportHeader></soapenv:Header><soapenv:Body><TelematikExecute xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1"><Payload Id="c623c3be-529b-4d6d-8f1e-a4a29660f344"><Parameter Encoding="base64"><Name>VSD</Name><Value>PFBlcmZvcm1VcGRhdGVzIHhtbG5zPSJodHRwOi8vd3MuZ2VtYXRpay5kZS9jbS9jYy9DbUNjU2VydmljZVJlcXVlc3QvdjEuMiIgeG1sbnM6djE9Imh0dHA6Ly93cy5nZW1hdGlrLmRlL2NtL2NvbW1vbi9DbUNvbW1vbi92MS4yIj4NCiAgPHYxOkljY3NuPjgwMjc2MDAxMDQwMDAwMDAyNDAwPC92MTpJY2Nzbj4NCiAgPHYxOlVwZGF0ZUlkPjAxPC92MTpVcGRhdGVJZD4NCjwvUGVyZm9ybVVwZGF0ZXM+</Value></Parameter><MessageID>urn:uuid:34D51D9DE4B7A19DD411938151524022</MessageID><Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><Created>UNDO</Created></Timestamp><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI="#c623c3be-529b-4d6d-8f1e-a4a29660f344"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>71PfJ/xxn38TtQrpZOpRdqTZsBw=</DigestValue></Reference></SignedInfo><SignatureValue>FuhOdrz9kHR0MeAUq9Rxkg6w++7foR77s9AYQUQxb8qPJ44Ba6By8R/H+CCn5JP5cPFz8/mGOgOD NGKLgZp66xbVSWe1UeehmZLH1a2kvHsx/VvYo3Lr5foHsl6YikUBMXCBdhI4ukKJTuwBOK/7m3lu 7Zl07SFo0zWL73gUTxc=</SignatureValue><KeyInfo><X509Data><X509SubjectName>CN=Harris Knafla,OU=IP,O=TK,ST=Hamburg,C=DE</X509SubjectName><X509Certificate>MIIC0DCCAjmgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMCREUxEDAOBgNVBAgT B0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxCzAJBgNVBAoTAlRLMQswCQYDVQQLEwJJUDEUMBIG A1UEAxMLTmlscyBLbmFmbGExKjAoBgkqhkiG9w0BCQEWG0RyLk5pbHMuS25hZmxhQHRrLW9ubGlu ZS5kZTAeFw0wNzA2MjkxNzQ2MzBaFw0wODA2MjgxNzQ2MzBaMFExCzAJBgNVBAYTAkRFMRAwDgYD VQQIEwdIYW1idXJnMQswCQYDVQQKEwJUSzELMAkGA1UECxMCSVAxFjAUBgNVBAMTDUhhcnJpcyBL bmFmbGEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJMjAnKFGjXjbPbi4X1vnI/H7ArNfayv HO7+QbuV1FqIR+aZuAYZeR5v0s8NKyGOcMxscAQk59ZrdfqaaIiwtcXk2fNHphtSVqLqR4NLWO2q xJKXwBcAxIn7byjq/DqjiUr5nmw1cMWJtK1xwB6pVMvCv97KGg2Z8peronBxg6mVAgMBAAGjezB5 MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRl MB0GA1UdDgQWBBRaMTzoUhWt1wguyvPlPuUUV8VRtTAfBgNVHSMEGDAWgBQuZ2A4G1XF+GvL7vai Zst6RUCqYjANBgkqhkiG9w0BAQUFAAOBgQAr3rtJIVNchr3pMEfFcSzbJJWo/c0LRkUnWkP1gD6f MqLoLFUbl8k6tKJ9V4P0Oe2BODRIfNyTFjKLzD1lHAFFRz9pzYUx+hq4VDWooA3MsewNDDyJwupi vlmHcM+Y8Cv97q9pERiqAY88TRMZxntl/b98W61KARAO+HUDhTnA1g==</X509Certificate></X509Data></KeyInfo></Signature></Payload></TelematikExecute></soapenv:Body></soapenv:Envelope>
The problem is the namespaces under the elements payload and timestamp. For verification the namespaces are inherited from parent element. I wonder why this happens - I thought this should not happen when using exclusive canonicalization, or?
Step 2:
Then I added the namespaces before creating the signature , e.g.
payloadElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", "http://ws.gematik.de/Schema/Telematik/Transport/V1");
for all attributes that are not part of the create signature log. Then the xml signature was verify successfully when I tested this against my own server. See log files:
DigesterOutputstream for create signature:
31.10.2007 11:16:00 org.jcp.xml.dsig.internal.DigesterOutputStream write
FEINER: <Payload xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Id="c623c3be-529b-4d6d-8f1e-a4a29660f344"><Parameter Encoding="base64"><Name>VSD</Name><Value>PFBlcmZvcm1VcGRhdGVzIHhtbG5zPSJodHRwOi8vd3MuZ2VtYXRpay5kZS9jbS9jYy9DbUNjU2VydmljZVJlcXVlc3QvdjEuMiIgeG1sbnM6djE9Imh0dHA6Ly93cy5nZW1hdGlrLmRlL2NtL2NvbW1vbi9DbUNvbW1vbi92MS4yIj4NCiAgPHYxOkljY3NuPjgwMjc2MDAxMDQwMDAwMDMwMjI5PC92MTpJY2Nzbj4NCiAgPHYxOlVwZGF0ZUlkPjAxPC92MTpVcGRhdGVJZD4NCjwvUGVyZm9ybVVwZGF0ZXM+</Value></Parameter><MessageID>urn:uuid:9E0D31C48FDB63BBCD11938257462232</MessageID><Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><Created>UNDO</Created></Timestamp></Payload>
DigesterOutputstream verify signature:
31.10.2007 11:19:00 org.jcp.xml.dsig.internal.DigesterOutputStream write
FEINER: <Payload xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Id="c623c3be-529b-4d6d-8f1e-a4a29660f344"><Parameter Encoding="base64"><Name>VSD</Name><Value>PFBlcmZvcm1VcGRhdGVzIHhtbG5zPSJodHRwOi8vd3MuZ2VtYXRpay5kZS9jbS9jYy9DbUNjU2VydmljZVJlcXVlc3QvdjEuMiIgeG1sbnM6djE9Imh0dHA6Ly93cy5nZW1hdGlrLmRlL2NtL2NvbW1vbi9DbUNvbW1vbi92MS4yIj4NCiAgPHYxOkljY3NuPjgwMjc2MDAxMDQwMDAwMDMwMjI5PC92MTpJY2Nzbj4NCiAgPHYxOlVwZGF0ZUlkPjAxPC92MTpVcGRhdGVJZD4NCjwvUGVyZm9ybVVwZGF0ZXM+</Value></Parameter><MessageID>urn:uuid:9E0D31C48FDB63BBCD11938257462232</MessageID><Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><Created>UNDO</Created></Timestamp></Payload>
The whole soap request:
<?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1"><wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-3596382">MIIC0DCCAjmgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMCREUxEDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxCzAJBgNVBAoTAlRLMQswCQYDVQQLEwJJUDEUMBIGA1UEAxMLTmlscyBLbmFmbGExKjAoBgkqhkiG9w0BCQEWG0RyLk5pbHMuS25hZmxhQHRrLW9ubGluZS5kZTAeFw0wNzA2MjkxNzQ2MzBaFw0wODA2MjgxNzQ2MzBaMFExCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1idXJnMQswCQYDVQQKEwJUSzELMAkGA1UECxMCSVAxFjAUBgNVBAMTDUhhcnJpcyBLbmFmbGEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJMjAnKFGjXjbPbi4X1vnI/H7ArNfayvHO7+QbuV1FqIR+aZuAYZeR5v0s8NKyGOcMxscAQk59ZrdfqaaIiwtcXk2fNHphtSVqLqR4NLWO2qxJKXwBcAxIn7byjq/DqjiUr5nmw1cMWJtK1xwB6pVMvCv97KGg2Z8peronBxg6mVAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRaMTzoUhWt1wguyvPlPuUUV8VRtTAfBgNVHSMEGDAWgBQuZ2A4G1XF+GvL7vaiZst6RUCqYjANBgkqhkiG9w0BAQUFAAOBgQAr3rtJIVNchr3pMEfFcSzbJJWo/c0LRkUnWkP1gD6fMqLoLFUbl8k6tKJ9V4P0Oe2BODRIfNyTFjKLzD1lHAFFRz9pzYUx+hq4VDWooA3MsewNDDyJwupivlmHcM+Y8Cv97q9pERiqAY88TRMZxntl/b98W61KARAO+HUDhTnA1g==</wsse:BinarySecurityToken><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-8331318"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <ds:Reference URI="#id-28000914"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>Q2LregRFO//cXlkcThu9Bx0jal4=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#id-10464309"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>BX651XEWk4u4pGgshQhocYxPkSo=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#Timestamp-7651652"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>ezisLn/pGWNqMHbT6UlHyM4Ez64=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue> Xl4SSEwrtyUnsqf8xOmfzojLLU18tOrikOhK+HRyqHqv0lPF+AqANLU6yygNdhbfI5qyef9BLr6I CmSPIX4QQR+Hq45l/Ewa+M2K1OOjqvBUGYyQqrKCqUFtsISr9xPudB8ZmaVfaUu5chjIvy/sPYYx TuYv2Ma6uEwek1YZpbE= </ds:SignatureValue> <ds:KeyInfo Id="KeyId-1823783"> <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-17125267"><wsse:Reference URI="#CertId-3596382" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" /></wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-7651652"><wsu:Created>2007-10-31T10:16:00.474Z</wsu:Created><wsu:Expires>2007-10-31T10:21:00.474Z</wsu:Expires></wsu:Timestamp></wsse:Security><TelematikHeader xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-10464309"><MessageID>urn:uuid:9E0D31C48FDB63BBCD11938257462232</MessageID><ConversationID /><ServiceLocalization><Type>VSD</Type><Provider>101575519</Provider></ServiceLocalization><MessageType><Component>VSD</Component><Operation>PerformUpdates</Operation></MessageType><RoleDataProcessor /></TelematikHeader><TransportHeader xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1"><InterfaceVersion>0.0.24.3</InterfaceVersion></TransportHeader></soapenv:Header><soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-28000914"><TelematikExecute xmlns="http://ws.gematik.de/Schema/Telematik/Transport/V1"><Payload Id="c623c3be-529b-4d6d-8f1e-a4a29660f344"><Parameter Encoding="base64"><Name>VSD</Name><Value>PFBlcmZvcm1VcGRhdGVzIHhtbG5zPSJodHRwOi8vd3MuZ2VtYXRpay5kZS9jbS9jYy9DbUNjU2VydmljZVJlcXVlc3QvdjEuMiIgeG1sbnM6djE9Imh0dHA6Ly93cy5nZW1hdGlrLmRlL2NtL2NvbW1vbi9DbUNvbW1vbi92MS4yIj4NCiAgPHYxOkljY3NuPjgwMjc2MDAxMDQwMDAwMDMwMjI5PC92MTpJY2Nzbj4NCiAgPHYxOlVwZGF0ZUlkPjAxPC92MTpVcGRhdGVJZD4NCjwvUGVyZm9ybVVwZGF0ZXM+</Value></Parameter><MessageID>urn:uuid:9E0D31C48FDB63BBCD11938257462232</MessageID><Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><Created>UNDO</Created></Timestamp><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI="#c623c3be-529b-4d6d-8f1e-a4a29660f344"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>XHIiHK4NYczByvAJSZH8u3hSvuQ=</DigestValue></Reference></SignedInfo><SignatureValue>JQnTQJ1TidrMuWmSmpHE3ZR5M728A3tlvKjrM3GxFPuy5YOmmybxR0T7xe72WSdWsqvFT9QGE+iP GL5POuc3s8lLc1QGZRKhZvjHAKFldDNyxAMWRL7ZXmhpjsRXT3HethKWew3669SKjJFkZ1IYEnZz QrJOmgt1MMjWx99CgaQ=</SignatureValue><KeyInfo><X509Data><X509SubjectName>CN=Harris Knafla,OU=IP,O=TK,ST=Hamburg,C=DE</X509SubjectName><X509Certificate>MIIC0DCCAjmgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMCREUxEDAOBgNVBAgT B0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxCzAJBgNVBAoTAlRLMQswCQYDVQQLEwJJUDEUMBIG A1UEAxMLTmlscyBLbmFmbGExKjAoBgkqhkiG9w0BCQEWG0RyLk5pbHMuS25hZmxhQHRrLW9ubGlu ZS5kZTAeFw0wNzA2MjkxNzQ2MzBaFw0wODA2MjgxNzQ2MzBaMFExCzAJBgNVBAYTAkRFMRAwDgYD VQQIEwdIYW1idXJnMQswCQYDVQQKEwJUSzELMAkGA1UECxMCSVAxFjAUBgNVBAMTDUhhcnJpcyBL bmFmbGEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJMjAnKFGjXjbPbi4X1vnI/H7ArNfayv HO7+QbuV1FqIR+aZuAYZeR5v0s8NKyGOcMxscAQk59ZrdfqaaIiwtcXk2fNHphtSVqLqR4NLWO2q xJKXwBcAxIn7byjq/DqjiUr5nmw1cMWJtK1xwB6pVMvCv97KGg2Z8peronBxg6mVAgMBAAGjezB5 MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRl MB0GA1UdDgQWBBRaMTzoUhWt1wguyvPlPuUUV8VRtTAfBgNVHSMEGDAWgBQuZ2A4G1XF+GvL7vai Zst6RUCqYjANBgkqhkiG9w0BAQUFAAOBgQAr3rtJIVNchr3pMEfFcSzbJJWo/c0LRkUnWkP1gD6f MqLoLFUbl8k6tKJ9V4P0Oe2BODRIfNyTFjKLzD1lHAFFRz9pzYUx+hq4VDWooA3MsewNDDyJwupi vlmHcM+Y8Cv97q9pERiqAY88TRMZxntl/b98W61KARAO+HUDhTnA1g==</X509Certificate></X509Data></KeyInfo></Signature></Payload></TelematikExecute></soapenv:Body></soapenv:Envelope>
As you can see in the soap request on top of the xml signature there is a Webservice Security signature (WSSE) over three elements. This should be no problem altough WSSE adds the wsu:id attribute to the body element. WSSE was omitted in step 1 for simplicity.
I wonder that the attributes which have been set to the payloadElement are not part of the actual message. But it works!
Step 3:
The same request was sent to an external webservice server and the server reports a xml signature verification problem. I don't have any logs or further information. But I have to get this to work against this server.
Java Files for Create + Verify Signature. For Create I get a DOM Node from a XML Bean. For step 1 the attribute setting should be in comments. I use VerifySignature for step 1 + 2.
SignPayload.java:
package de.tk.signature;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.apache.xmlbeans.XmlObject;
import de.tk.schemaTools.TkSchemaHandler;
import de.tk.util.ClientProperties;
public class SignPayload {
     public static void signDocument(XmlObject telematikExecuteXmlObject, String payloadId) {
          try {
               // get Document
               org.w3c.dom.Node node = telematikExecuteXmlObject.getDomNode();
               Document documentTo = node.getOwnerDocument();
               XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
               Reference ref = fac.newReference("#"+payloadId, fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac
                         .newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null);
               // Create the SignedInfo.
               SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
                         Collections.singletonList(ref));
               KeyStore keyStore = KeyStore.getInstance("JKS");
               String keyStoreFilename = ClientProperties.getKeystorefile();
               FileInputStream keyStoreFile = new FileInputStream(keyStoreFilename);
               keyStore.load(keyStoreFile, "storePwd".toCharArray());
               keyStoreFile.close();
               KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("harris", new KeyStore.PasswordProtection("keyPwd".toCharArray()));
               X509Certificate cert = (X509Certificate) keyEntry.getCertificate();
               // Create the KeyInfo containing the X509Data.
               KeyInfoFactory kif = fac.getKeyInfoFactory();
               List x509Content = new ArrayList();
               x509Content.add(cert.getSubjectX500Principal().getName());
               x509Content.add(cert);
               X509Data xd = kif.newX509Data(x509Content);
               KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd));
               Node payloadNode = new TkSchemaHandler().getNode(documentTo, "Payload");
               String prefix = payloadNode.getPrefix();
               NamedNodeMap nameNodeMap = payloadNode.getAttributes();
               // String baseUri = payloadNode.getBaseURI(); not implemented
               boolean attributes = payloadNode.hasAttributes();
               Element payloadElement = (Element) payloadNode;
               //xmlns is the prefix and first parameter the namespaceURI
               // xmlns existiert ohne WSSE, beim Create XMLOutputter ausgegeben
               payloadElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", "http://ws.gematik.de/Schema/Telematik/Transport/V1");
               // existiert ohne WSSE
               // bei Create nicht; aber bei Verify im DigestOutputter mit drin
               payloadElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:soapenv", "http://schemas.xmlsoap.org/soap/envelope/");
               // existiert nur bei WSSE
               payloadElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
               Node timestampNode = new TkSchemaHandler().getNode(documentTo, "Timestamp");
               Element timestampElement = (Element) timestampNode;
               // existiert ohne WSSE
               // beim Create Outputter angegeben sowie beim Verify
               timestampElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
               // existiert nur bei WSSE, war wohl nur notwendig da bei WSSE Signature auf falschen Timestamp zugegriffen worden ist.
               // Create a DOMSignContext and specify the RSA PrivateKey and
               // location of the resulting XMLSignature's parent element.
               DOMSignContext dsc = new DOMSignContext(keyEntry.getPrivateKey(),payloadNode);
               // Create the XMLSignature, but don't sign it yet.
               XMLSignature signature = fac.newXMLSignature(si, ki);
               // DomInfo.visualize(document);
               SAXBuilderDemo2.print(documentTo);
               // Marshal, generate, and sign the enveloped signature.
               signature.sign(dsc);
          } catch (Exception exc) {
               throw new RuntimeException(exc.getMessage());
VerifySignature.java:
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
public class VerifySignature {
     * @param args
     public static void main(String[] args) {
          // TODO Auto-generated method stub
          try {
               String filename = args[0];
               System.out.println("Verify Document: " + filename);
               XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
               DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
               dbf.setNamespaceAware(true);
               Document doc = dbf
               .newDocumentBuilder()
               .parse(
                         new FileInputStream(filename));
//               Find Signature element.
//               NodeList nl =
//               doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
               Node node = TkSchemaHandler.getNode(doc,"/*[local-name()='Envelope' and namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/']/*[local-name()='Body' and namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/'][1]/*[local-name()='TelematikExecute' and namespace-uri()='http://ws.gematik.de/Schema/Telematik/Transport/V1'][1]/*[local-name()='Payload' and namespace-uri()='http://ws.gematik.de/Schema/Telematik/Transport/V1'][1]/*[local-name()='Signature' and namespace-uri()='http://www.w3.org/2000/09/xmldsig#'][1]");
               if (nl.getLength() == 0) {
               throw new Exception("Cannot find Signature element");
               Node node = nl.item(0); */
//               Create a DOMValidateContext and specify a KeySelector
//               and document context.
               DOMValidateContext valContext = new DOMValidateContext
               (new X509KeySelector(), node);
//               Unmarshal the XMLSignature.
               XMLSignature signature = fac.unmarshalXMLSignature(valContext);
//               Validate the XMLSignature.
               boolean coreValidity = signature.validate(valContext);
               // sample 6
//               Check core validation status.
               if (coreValidity == false) {
               System.err.println("Signature failed core validation");
               boolean sv = signature.getSignatureValue().validate(valContext);
               System.out.println("signature validation status: " + sv);
               if (sv == false) {
               // Check the validation status of each Reference.
               Iterator i = signature.getSignedInfo().getReferences().iterator();
               for (int j=0; i.hasNext(); j++) {
               boolean refValid = ((Reference) i.next()).validate(valContext);
               System.out.println("ref["+j+"] validity status: " + refValid);
               } else {
               System.out.println("OK! Signature passed core validation!");
          } catch (Exception exc) {
               exc.printStackTrace();
Questions:
1. Do I really have to set all the namespace attributes? I thought with exclusive xml this should not be necessary. Is there any other solution?
2. Do you think I got all the settings right in SignPayload.java?
Thanks a lot in advance.
Cheers !
Nils

It seems to be a bug with the JDK you are using. What is the JDK version you are using?

I cannot place an electronic signature in a document with form fields?!

I have Acrobat Pro installed on a windows 7 and windows 8.1 machine. On both I have lost the ability to place an electronic signature (Draw my signature) and only have the option for a digital signature. The problem is remedied if I print to pdf but then I lose the form fields.
I'm an idiot and so are the people that I need to send this to. I just want to easily fill the necessary fields out, draw my signature and forward it to the next guy to do the same so that it can be printed and turned in. Digital signatures are severe overkill for this (and i'm not going to be able to teach everyone how to create one) and I need to know how to re-enable the ability to electronically sign and keep the form fields.

re: "Digital signatures are severe overkill for this"
Yep, I discovered that as well.
I rolled my own "signature" for a client...I just added a 3 character "initials" field and a "Certify" button.
The initials act as the signature and once they hit the certify button, all form fields are set to read-only....via custom javascript.
The only problem is that I am unable to SAVE the document via javascript because of Acrobat trusted functions....
which I don't have.
So I just prompt the user to Save the document at that time.
It's a little ugly, but it works..

Electronic Signature Field Indicator

We are deploying an eForms application that uses the standard electronic signature field from the Designer object library. The basic process flow is: (1) Form is rendered via an XDP file from the Form Server using the Reader Extensions API to apply rights. (2) User completes the form and signs using the self-signed signature field. The field displays a check-mark indicating the form is signed correctly. (3) User hits "submit" button which invokes a processForm servlet that sends the form as a PDF file attachment within an email to an internal mailbox. Problem: when we open the PDF form in the mailbox, it shows a "?" in the signature field. As you hover over this field, you get the following message: "Signer's identify unknown, the document has been updated since signed". This message will be confusing to our users that will process the PDF form attachment.

I don't believe so. You can of course export the Crystal report to pdf but the electronic signature part would require custom programming.

Electronic Signature (Not Digital Signature)

Digital Signature Certificate is very expensive.
Can I implement or create Electronic Signature in InfoPath 2010 or SharePoint 2010 Workflow?
It seems Collect Signature in SharePoint Workflow working on Digital Signature only.
Please help.
Thanks a lot.

How do you integrate Electronic signature to be printed on page / form ?
Are you using any application which converts electronic form into digital or some other form ?
In SharePoint ootb way there is no way to integrate electronic signature, but yes we have option for digital signature.
For electronic signature I found one article (obviously third party), not sure if this fullfils your requiremewnt or not
http://www.infowisesolutions.com/product.aspx?id=SignatureField
Let us know your thoughts on this, thanks
Regards,
Pratik Vyas | SharePoint Consultant |
http://sharepointpratik.blogspot.com
Posting is provided AS IS with no warranties, and confers no rights
Please remember to click Mark As Answer if a post solves your problem or
Vote As Helpful if it was useful.

PDF, with electronic signature, will not save. In Finder it's nowhere, tried multiple times..

Started in Preview to save...but PDF, with electronic signature, will not save. In Finder it's nowhere, tried multiple times.

I am having the same problem with signatures. I am including a form in a pdf portfolio to collect signatures from different users who have Reader. I make sure that features have been extended for reader. Most of the time they are okay. But every once in a while (at least one every two weeks) I get a user telling me they can't sign. No message or error of any kind, just a quick blink but no signature. As a work-around I've had to save a copy and re-extend features. This can be time consuming when there are a few documents I need to circulate. Please advise.

Timestamp problem on electronic signatures

Similar Messages

Maybe you are looking for