How to put a watermark after 1st signer signed a PDF?
I have a multiple signers case:
Signer 1 already signed and I set the CertificationLevel to 3
Signer 2 put watermark into that PDF, I do the following process flow:
Prepare PDF that already signed by signer 1 (prepared_for2.pdf)
inject the 2nd signer p7s into prepared_for2.pdf
it looks like only commentting, form fill-in, signing, page adding action are allowed..
is there any way to allow the 2nd signer put watermark (ie. decline image) into a PDF after the 1st signer signed?
Need help
many thanks in advance
Regards
Don
Related
When creating a verification email with Laravel this is how the link can end up looking:
.../verify/1/3f4f10efdbac36ec6892bb3572ac6683ff663ad8?expires=1641580767&signature=babf2d50deb610a551d0477132193abb595d8664b56a9074c38f5b3789933ad
After the "verify/1/" there seems to be some hash of length 40.
The last query parameter "signature" has a hash of length 60.
My questions are: How are these hashes created? Which hash function is used and what is the input string? Also what is the purpose of those parts?
1- The first part after the verify/1/ is the sha1 of the registered user email.
We use this to make sure we validate the same email we have in the db and the one the user registered with.
2- The last part of the url is a sha256 signature to make sure the url is not altered by a malicious user. Any modification to the url will make the signature fails. Note that the signature is checked with the Laravel Signed middleware
So it is basically security measures to prevent malicious user.
For more informations:
The generated link will be in the notification class here: src/Illuminate/Auth/Notifications/VerifyEmail.php
Once the user clicked the link, it will be processed and checked in the file below: vendor/laravel/ui/auth-backend/VerifiesEmails.php
I got the below snippet from google. I am curious to understand and decode how image src path configured. Is the image name itself encrypted.
<div><img class="imspo_tps__hs-img imspo_tps__hs-border" src="http://t3.gstatic.com/images?q=tbn:ANd9GcSIBJRTNFd7FodMrT8uvaTG9mZhP_ViztHyuSNvtkpEpg4_YIg7Kblkq2i-1l1HXgrfev0" style="width:42px;height:42px" alt=""></div>
What Google stores in their path ask Google.
To your question "how to provide encrypted image path": There can be many ways.
When you are creating deployment image, rename folders for instance with their hashes, rename the file nameswith their hashes. These changes should of course be done also in the application code (PHP, Java, etc. depending on what you use).
Implement hashing or other name replacing on a proxy level: encrypt/hash outgoing names and decrypt ingoing. Then your application code, folder names, file names remain unchanged.
If your users need to be authenticated, then you have some sort of session. May be it is a light weight session, but still you have at least unique user token. You can use that as an additional key to encrypt outgoing and decrypt ingoing URLs.
The document https://learn.microsoft.com/en-us/outlook/add-ins/inside-the-identity-token, it introduces the content in the outlook AddIn id token, and i found there are two different keys "ISS" and "APPCTXSender", i want to know what's the different usage between them. Also I want to know which part of them i can used to identity one domain/org/tenant.
To uniquely identify a user via identity token, we recommend that you combine the msexchuid and amurl properties in the response (see "Generating a unique ID"
on this page.) As for the other half of your question, could you tell us more about your scenario and why you are looking for tenant/domain?
Square uses the JSON key card_nonce is a hashed or "tokenized" temporary string used in place of the credit card number. I don't mind this approach (too much) however the demonstration code uses an HTML form with iframes which are incompatible with my software.
How do I request a card_nonce from Square without having to inject any of Square's HTML on to my page / form?
I am fine with either a server cURL request or a cross-site Access-Control JavaScript request.
You cannot. At this time you must use the card form to collect buyer card details and generate a card nonce, there isn't a nonce generating URL or endpoint.
Consider the following scenario:
1. I generate a key pair.
2. I then distribute public key to my customer.
3. The customer uses the public key to encrypt a file and then send me the file.
4. I need to identify who the customer is.
I am wondering whether it is possible to extract public key from a gpg encrypted file?
You have this the wrong way around: you can't identify a customer using your public key.
If you want to verify a sender then the message is encrypted using the senders private key which serves as the senders digital signature. The digitally "signed" and encrypted message is then sent to the receiver who can then use the senders public key to decrypt the message and reveal the original contents. This is termed Inverse Public Key Encryption
Also see: Should we sign-then-encrypt, or encrypt-then-sign?
Ref: Public-key cryptography
To answer the title:
gpg --pinentry-mode cancel --list-packets file.gpg
will give you the key-id from the encrypting key,
but will not reveal from, but to whom the file was encrypted.
In this case yourself.
credit to: https://superuser.com/questions/1409511/how-to-check-if-a-gpg-encrypted-file-is-encrypted-using-a-specific-public-key