setasign / setapdf-signer-addon-globaltrust-trust2go Goto Github PK

In the 2FA demo you may end up with unnamed options in the certificate drop-down, rendering them invisible. This is due to the fact, that the description property of the returned certificates may be an empty string.

Unfortunately, this is not documented by TRUST2GO, but can be circumvented by naming the options with a combination of the certificateSerialNumber property and, if present, the description, like so.

let opt = '<option value="' + certificate.certificateSerialNumber + '">{{NAME}}</option>';
let name = certificate.certificateSerialNumber;
if (certificate.description) {
    name += ' (' + certificate.description + ')';
}
certificatesHtml += opt.replace('{{NAME}}', name);

From our experience, it's the user level certificates (the relevant ones) that do not have a description, whereas root and sub level certificates have one.

While fiddling with the 2FA demo, we ran into the following exception.

Fatal error: Uncaught SetaPDF_Core_Type_IndirectReference_Exception: Object could not be resolved (15, 0) in <REDACTED>/vendor/setasign/setapdf-signer_eval_ioncube_php7.1/library/SetaPDF/Core/Type/IndirectReference.php:172 Stack trace: 
#0 <REDACTED>/vendor/setasign/setapdf-signer_eval_ioncube_php7.1/library/SetaPDF/Core/Document.php(1839): SetaPDF_Core_Type_IndirectReference->ensure() 
#1 <REDACTED>/vendor/setasign/setapdf-signer_eval_ioncube_php7.1/library/SetaPDF/Core/Document.php(1506): SetaPDF_Core_Document->_updateFileIdentifier() 
#2 <REDACTED>/vendor/setasign/setapdf-signer_eval_ioncube_php7.1/library/SetaPDF/Signer.php(774): SetaPDF_Core_Document->save() 
#3 <REDACTED>/vendor/setasign/setapdf-signer_eval_ioncube_php7.1/library/SetaPDF/Signer.php(598): SetaPDF_Signer->_prepareTemporaryVersion() 
#4 <REDACTED>/public/controll in <REDACTED>/vendor/setasign/setapdf-signer_eval_ioncube_php7.1/library/SetaPDF/Core/Type/IndirectReference.php on line 172

We figured, that it is provoked by the presign()-method of the SetaPDF_Signer and it seems to be happening in connection with writing a temporary file. For this reason, we've changed the sys_temp_dir PHP option and set generous directory permissions. In any case, the file gets written and has the typical structure of a PDF file. Hence writing the file doesn't seem to be the problem. Since the stack trace mentions _updateFileIdentifier(), we wonder if there is anything unusual happening after writing the file and how the environment needs to be configured for this to work properly.

Some specs:

• PHP 7.4.30 (FPM/FastCGI)
• Apache 2.4.54
• Ubuntu 22.04.1 LTS