i need a pdf cms vlidation pyhanko was the best amoung them (open to suggestion) in cli i use this command
python -m pyhanko sign validate --pretty-print --no-diff-analysis --no-strict-syntax download.pdf
and i face two problem
ERROR - An error occurred while validating this signature: The algorithm sha256_rsa is not allowed by the current usage policy. Reason: Key size 1024 for algorithm rsassa_pkcs1v15 is considered too small; policy mandates >= 2048. [AdESIndeterminate.CRYPTO_CONSTRAINTS_FAILURE]
and
An error occurred while validating this signature: The algorithm sha1 is not allowed by the current usage policy. [AdESIndeterminate.CRYPTO_CONSTRAINTS_FAILURE] Error: Validation failed
in code not any better
pdf_file = PdfFileReader(pdf_file)
validatino = ValidationContext()
for sig in pdf_file.embedded_signatures:
print("*" * 10, sig, "*" * 10)
try:
status = validate_pdf_signature(sig)
print(status.pretty_print_details())
except Exception as e:
print(e)
one exception is
/Type
and other one is:
The algorithm sha1 is not allowed by the current usage policy, [AdESIndeterminate.CRYPTO_CONSTRAINTS_FAILURE]
i used 'pdfsig' in terminal and it works right it returns all datas fine i kinda know i should use my own policy in pyhanko but confused in doing that and i belive that there is a set of instrucation here that can help me in validation of these datas in my code
i tried pyhanko(python package) - pdfsig (trminal tool)- endesive (python package and some sample)