From 4ae8be8d3f3f61a036c4dd5287576b92f4fec352 Mon Sep 17 00:00:00 2001 From: Stefano Cipriani Date: Wed, 13 Dec 2023 09:40:58 +0100 Subject: [PATCH 1/2] handle fields with no /Type set --- pyhanko/sign/diff_analysis/rules/form_field_rules.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pyhanko/sign/diff_analysis/rules/form_field_rules.py b/pyhanko/sign/diff_analysis/rules/form_field_rules.py index 4d0e798f..1e98a153 100644 --- a/pyhanko/sign/diff_analysis/rules/form_field_rules.py +++ b/pyhanko/sign/diff_analysis/rules/form_field_rules.py @@ -661,7 +661,11 @@ def check_form_field( # /DocTimeStamps added for LTA validation purposes shouldn't have # an appearance (as per the recommendation in ISO 32000-2, which we # enforce as a rigid rule here) - if sig_obj.raw_get('/Type') == '/DocTimeStamp' and not visible: + if ( + '/Type' in sig_obj + and sig_obj.raw_get('/Type') == '/DocTimeStamp' + and not visible + ): sig_whitelist = ModificationLevel.LTA_UPDATES valid_when_locked = True else: From 8e4185fda4cf15d95de1797804ae82ab5393431a Mon Sep 17 00:00:00 2001 From: Matthias Valvekens Date: Wed, 13 Dec 2023 21:58:40 +0100 Subject: [PATCH 2/2] Add test for diff on signature without /Type --- .../pdf/minimal-signed-twice-no-sig-type.pdf | Bin 0 -> 20792 bytes pyhanko_tests/test_diff_analysis.py | 12 ++++++++++++ 2 files changed, 12 insertions(+) create mode 100644 pyhanko_tests/data/pdf/minimal-signed-twice-no-sig-type.pdf diff --git a/pyhanko_tests/data/pdf/minimal-signed-twice-no-sig-type.pdf b/pyhanko_tests/data/pdf/minimal-signed-twice-no-sig-type.pdf new file mode 100644 index 0000000000000000000000000000000000000000..4da46f54fe085fd6c22166307513e25b77a1f0f2 GIT binary patch literal 20792 zcmeI4-EJI5cE|7e6b%LjyjVz6-yeeHMb{T>td$icWgWmaf+1%pGp0BMIksiLPp)#6 z>s$obJWyUCziM)Z6h(QhSQ|sha7fN{cXd_usdN74RMr2?M^8$-C-3{ckN)y6fBCon z{MWrbIf!9(@Xve0@bKXpG(eK#n zr*7Xm6~4OhkH?FP;Y;0b{QBxtUVV4E9^}>0s4hF9n6P5Q8+P7roI)zkS=t zrh~ne%Q|}Z&X?4=>EG1lr^}1gcjt%8i>pG@v$fUfdUM=M_2+F@UFpY{Ki5*YUH+=T z?Adn*>q$&qSZ~}p*?pNB63R%{ae0Umop=!S0Fe&)}@pb~qZg=V)QNI-Fjg^Zt!<(!W{G z*c;{6=kw!}IMmzMi^go!$HBqxz?|Rp^Hg z_im~4YnnV856@R^b^da2Q|+_*3SnOyuTC#$d2d#qeU_&WmnKn`-!D&AXUp^JVtdm# z|9N@dZyILZs;(>fyq8DO8IRd#&;ImJ!MLP=|NG&GA9!=e7pwlZI)BkmBA(O5{Cv?r8ymdo*S=Z5Jo(*?%AYR3Kc1f8<6fT< zO8t&rzn9*sU)5Xt4!!+)67+T~Ch3kUUmMQ`Qm!>*!jspLWVXeSNfeVg z_Zu*#>-#2%xD5zzF@M^>{Jm}0v+?wFg_VCfUFWSF*k3dAFAr7{c%|?~-x9ROhM5z3ZNTalCl3T=R5;)QsBG<>8u! zI#%@8*L$-k!-V5|vp)|QFlcn$U_ah8xP`2TS_CCVpM(=pjlr1^T=Sv`DZEhQbk*g{ zQZ5L^d8wsnc!ARIaiZTNq_aW`!*wOB;G?*^Mmg0OteR?6L0`U$IQE-*?Y#yi!6@n& zX(3$pDpy^opE6q5-h;&T$aQTk=bhw=QO0U1jTTaEuZ$v#1at)_UGc(YXO%F~Ri`OC zQZ{VMCXuDI##yhualMSEtn`?r>tazZdgCMa_1@L(eVR7BRjyISaECU%J3=ByO-WuH zPk)z3{I?_RHm$UMdx;O_Nxegg0%`agW7Wsf39C|&j1O=nv;!H13E4{PtIW!@7;HlS zys0i3k)+Ethh!W>D~$*eVRNF1sFRhE6F#OEl`Ls&A!o03s5-?=t##6XF_m0evZ^F! z7>laxXp0_o*8DeF*@TvajIx(8Qz$jtbZa?}qh^qe&RK{MQ5RDjRfOhCbR{Jl@)&3- zk2=UiV?mCU=k8X34)R`66~`Y96#6=%Jl@sDL&p$HjM|J+)FwjmP3s)H)Y|55)Y{0v z8I0^*Y7pBR=n}Ts8q!9mP_gOgT2JX=+m@It3Du_$rd#Ut1oXxjtjF}uV0^mrmnkzk zoDwggN7WSY;3M`Rv5(}Ms#wQlFa^9hK{lui)mP;+}x?K z%wB??-)aBoQRt5c;&d#?DZAFHbc}k4&1z#)^(8Mh%om>!{K;Yf7mid6h~;)*9(6una3u0aWep(!7C&4DQ|1_)sw7 z7os80IlcP(=JRxh0TUMF{f%*dvd~L=!9+Ulx9&?O-BqsZdG{NWE^qw6yP>1fQQ@M( zm`CqZLY+ooe5+bkwyVSucIS+eTk8Gp<{Ix4=`r_fesxLfJ^2ZfU^VmM-#N|kN!T;aT5o~f--H; zkuhWhFORyHVi-5R{QnR}#t9?cC4R+XaAl=73xuU4Y#pn^(bF{@1 z!IdCG&6dEdR#7dmR2eFqaMsd}tv1js3FAiV9dI?FWEs6_s0|8vEL)IyV#Lr#f;Vn$Oy4tVzE4Qv{9MEr#n7B>>N^auxj+mA(DT9)z zlg2! zL8l^e4-5!Dz0!DmLWYV(h?IdpVi|%phfC5RZnDB zGCk2jz;arR&J+G*U#i9!0@UaZpFvNT8DF#Q-xOi? zm~)CUyEp4mCJ|=-+eDas4!7~mM4op>nZ$Jt{R?PB_X?Jm@7{qqg$%KKvK}Qf`@B^K zz3x}=i0?5r?$NO(=xjH8j=bz0tt(n54u6lWW0A~Rh|^zhzsKxE?o(Xu8M(VLmblzc zK8IBRVA*Hu8mi93ji{L^am=WBF-)(B(6Kj3Fp_ICMUDZB3MB*rk4h}f6fk&UZQ*=q z5!a*>1`u%(ibvnbgutb#Dpdz^d?7|V?DgN#LQc*(BKZ&|xR zAd-0Va$V$2RA$xWZEHJNNuQ0rd5^&}^>A1ez*8Y=m13x-GVuZlz*{wrRS*a;=Lab@ z@M$88Ls79p0`6r32j*#k;bqKQb0}$yqg7$71RzvU4eJM}K%bTO=#G&0wY98Bm7ylf{SfCWH}vDKnKv-x7@Ny^H!Cy5f>C31nnf8SV*|&TwMWm24!%ce zFPjf6c@)!tRwm#q>cos+Bf!M9O2w2oGUxRy6xHfkNRTxW`lAX6^D?4T$vI72=^86@ zp1C~>5?aK{4M|!Sf+`CTL8G&N%z~v8!p&lf#r=tq2?aJTvcqFrZ&?=^MZxHkF2UJE zU$+}2yAL}F>?E+0z)k`?3G5`WlfX^_I|=;FB>?9n{kUE}ou9r~c5W5R^>T>pvJEUl zn6Gcpj{fS$4Pjtn5wzoz_40g}jqtyg_n$oZbY$yengoO>6;|6EpA0L0d zw_!dpYv{LM5tknR;nmsv@Z05jI9R?oK7F+RU;q9e`@`|#(f$|qv3Puzm){(J`qTOH z*-wA}{P3r5594D051;HkeD&bf%d?ksdwBKoK-NTUHo{up1-T3M{H@OZU2KKilD*ULxyeR2Grl=p;uF609t`2GF#VSk`k z51yQ_7T+B%&+nGi&?PlLSbevCw7);h5Z$bwL3aJ)b|g61jwSq-NBie}r1+H$T$7xn$ad%!F%HzJBHkbt@uGRekr>>IC~oGa=~0)BBEMc{gF` zL)^A}R|3$EV!5MOc1p{8q@lwufb9hh5^5!UvgDIg@OWE_$!oGm;JCm8hdDrM0E{-6 zn4LrmS$Bj50o%MxNhUVK=>-R2f5Bg9DS6*oOAg8bjFV1yfoYzh=LE>MT6ryVfoqTy z^+uSzkj)gy4kRf!C@jsSj3# zbgbMFEJ@PoDLjhTj$rxA6MS|A%N@az)T>Pz&yHYuo%-}E36|H1Pk5X$K~;uW39TQ3 zeKw)MPs0&FrGi#3@hJ*MCaEMn5vjP&bCWTVSAvTofDh!O!K3O)k&O&cMb4XU)tXid z85~e8yT`H6mos#H$aKW+lbg~#@D}8`$VO!>yh9X*nMvLx%vAuh1QM}aY)X=b1zW7Z z-Xup8#|5t$wqE5j*#o#B55IFqv3!#*`Ku_FklIut1W7p;?QfjUWc8f6F!qj?~$dHIj}=Ze<{ff!iKizp255BsTaTQ!J&exmlQ= z)`m`x7f{kkC-N?7rfB35cXFp{6`p4fCMatnbZASKCkb=8Coug#qFDBr5>De7D+Fb& z$WmxfqP3D4X=rkEkP}IWBybU^kz_0U2-V*qvfM;#Ql^@S2qRepreO6E4d^s!a;%DE z-VHCZTR0HH^qmySME-Q51Z3@zkTG#ULKt}nV@#ZzqAB1a=bGNnj^|odk9g*hyd~f&Uc=yg{*4Wb+P8 zZDSZrd?$`2-@5c(c$Gb2ou8lMRsMCJ9N*4#^V`_AJUNo)p^r|Y?R+@5;m`4{NC7rZ z|LN!B^?7@fZwG1OikwGccDzBvo9<*IPV$9zn@WD3FsI*vFt>