From 796a9640d36328465cef66752a811eac5f7b3da5 Mon Sep 17 00:00:00 2001 From: Přemysl Eric Janouch
Date: Fri, 4 Sep 2020 18:33:12 +0200 Subject: Make it possible to change the signature reservation --- pdf/pdf.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'pdf') diff --git a/pdf/pdf.go b/pdf/pdf.go index a6f1ae8..f871c70 100644 --- a/pdf/pdf.go +++ b/pdf/pdf.go @@ -1115,12 +1115,14 @@ func FillInSignature(document []byte, signOff, signLen int, // There must be at least one certificate, matching the private key. // The certificates must form a chain. // +// A good default for the reservation is around 4096 (the value is in bytes). +// // The presumption here is that the document is valid and that it doesn't // employ cross-reference streams from PDF 1.5, or at least constitutes // a hybrid-reference file. The results with PDF 2.0 (2017) are currently // unknown as the standard costs money. -func Sign(document []byte, - key crypto.PrivateKey, certs []*x509.Certificate) ([]byte, error) { +func Sign(document []byte, key crypto.PrivateKey, certs []*x509.Certificate, + reservation int) ([]byte, error) { pdf, err := NewUpdater(document) if err != nil { return nil, err @@ -1152,7 +1154,7 @@ func Sign(document []byte, buf.WriteString("\n /Contents <") signOff = buf.Len() - signLen = 8192 // cert, digest, encrypted digest, ... + signLen = reservation * 2 // cert, digest, encrypted digest, ... buf.Write(bytes.Repeat([]byte{'0'}, signLen)) buf.WriteString("> >>") -- cgit v1.2.3-70-g09d2