Occorre ripetere la firma, stando attenti questa volta alla validità

Il giro di firme digitali non ha dato buon esito, purtroppo alcune firme non si sono riveltate valide e il documento è stato alterato nel frattempo.

Tentiamo nuovamente di fare le firme, questa volta aggiungendo un passo di validazione e usando git.

Tutti i firmatari hanno ricevuto una email per essere invitati al gruppo che ha accesso al documento. Potete prendere il documento sia via Web che con la Command Line.

Via web potete andare su GItHub via web, LOGGARVI, scaricare il file da qui
https://github.com/noiopen/signme/blob/master/attocostitutivo.pdf

firmarlo e poi uploadarlo nuovamente. Usare lo stesso nome di file mi raccomando.

La procedura da seguire via riga di comando è è:

git clone https://<vostro-github-user>@github.com/noiopen/signme

Andare nella cartella signme, firmare attocostitutivo.pdf, e salvare il risultato con lo stesso nome del documento originale.

A questo punto:

git commit -m "<vostro nome>" -a
git push origin master

Ogni commit verrà validato e verrà aggiunto al forum un post che permette di controllare la validità delle firme.

Se proprio avete problemi mandatemi una mail che vi mando il documento per la firma via email e lo aggiungo io…

Digital Signature Info of: attocostitutivo.pdf
Signature #1:
  - Signer Certificate Common Name: Michele Sciabarra
  - Signer full Distinguished Name: dnQualifier=WSREF-65491538506969,CN=Michele Sciabarra,serialNumber=TINIT-SCBMHL68L09A089C,givenName=Michele,SN=Sciabarra,OID.2.5.4.97=VATIT-01573850516,O=Aruba S.p.A.,C=IT
  - Signing Time: Aug 04 2020 08:47:53
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 89430], [108376 - 144600]
  - Total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Digital Signature Info of: attocostitutivo.pdf
Signature #1:
  - Signer Certificate Common Name: GIOVANNI GADALETA
  - Signer full Distinguished Name: givenName=GIOVANNI,SN=GADALETA,CN=GIOVANNI GADALETA,dnQualifier=20185027175176,serialNumber=TINIT-GDLGNN61T01F284O,O=NON PRESENTE,C=IT
  - Signing Time: Aug 20 2020 18:11:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 212870], [236872 - 237681]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #2:
  - Signer Certificate Common Name: Michele Sciabarra
  - Signer full Distinguished Name: dnQualifier=WSREF-65491538506969,CN=Michele Sciabarra,serialNumber=TINIT-SCBMHL68L09A089C,givenName=Michele,SN=Sciabarra,OID.2.5.4.97=VATIT-01573850516,O=Aruba S.p.A.,C=IT
  - Signing Time: Aug 04 2020 08:47:53
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 89430], [108376 - 144600]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Digital Signature Info of: attocostitutivo.pdf
Signature #1:
  - Signer Certificate Common Name: GIOVANNI GADALETA
  - Signer full Distinguished Name: givenName=GIOVANNI,SN=GADALETA,CN=GIOVANNI GADALETA,dnQualifier=20185027175176,serialNumber=TINIT-GDLGNN61T01F284O,O=NON PRESENTE,C=IT
  - Signing Time: Aug 20 2020 18:11:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 212870], [236872 - 237681]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #2:
  - Signer Certificate Common Name: CIGOLINI GULESU LEONARDO
  - Signer full Distinguished Name: givenName=LEONARDO,dnQualifier=20187115302617,CN=CIGOLINI GULESU LEONARDO,serialNumber=TINIT-CGLLRD63H25F205G,SN=CIGOLINI GULESU,C=IT
  - Signing Time: Aug 20 2020 19:19:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 239685], [249687 - 250323]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #3:
  - Signer Certificate Common Name: Michele Sciabarra
  - Signer full Distinguished Name: dnQualifier=WSREF-65491538506969,CN=Michele Sciabarra,serialNumber=TINIT-SCBMHL68L09A089C,givenName=Michele,SN=Sciabarra,OID.2.5.4.97=VATIT-01573850516,O=Aruba S.p.A.,C=IT
  - Signing Time: Aug 04 2020 08:47:53
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 89430], [108376 - 144600]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Digital Signature Info of: attocostitutivo.pdf
Signature #1:
  - Signer Certificate Common Name: GIOVANNI GADALETA
  - Signer full Distinguished Name: givenName=GIOVANNI,SN=GADALETA,CN=GIOVANNI GADALETA,dnQualifier=20185027175176,serialNumber=TINIT-GDLGNN61T01F284O,O=NON PRESENTE,C=IT
  - Signing Time: Aug 20 2020 18:11:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 212870], [236872 - 237681]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #2:
  - Signer Certificate Common Name: CIGOLINI GULESU LEONARDO
  - Signer full Distinguished Name: givenName=LEONARDO,dnQualifier=20187115302617,CN=CIGOLINI GULESU LEONARDO,serialNumber=TINIT-CGLLRD63H25F205G,SN=CIGOLINI GULESU,C=IT
  - Signing Time: Aug 20 2020 19:19:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 239685], [249687 - 250323]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #3:
  - Signer Certificate Common Name: Michele Sciabarra
  - Signer full Distinguished Name: dnQualifier=WSREF-65491538506969,CN=Michele Sciabarra,serialNumber=TINIT-SCBMHL68L09A089C,givenName=Michele,SN=Sciabarra,OID.2.5.4.97=VATIT-01573850516,O=Aruba S.p.A.,C=IT
  - Signing Time: Aug 04 2020 08:47:53
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 89430], [108376 - 144600]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #4:
  - Signer Certificate Common Name: FINOCCHIARO PASQUALE
  - Signer full Distinguished Name: dnQualifier=RHIDN00640787,CN=FINOCCHIARO PASQUALE,serialNumber=TINIT-FNCPQL67C01C351A,givenName=PASQUALE,SN=FINOCCHIARO,C=IT
  - Signing Time: Aug 21 2020 09:19:34
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 250822], [269768 - 293959]
  - Not total document signed
  - Signature Validation: Signature is Invalid.

Uh oh! Signature invalid!!! Pasquale cosa hai usato?

stesso metodo dell’altra volta, namirial “usa e getta”: con infocert me lo dava valido (a parte quella storia della normativa europea)

Digital Signature Info of: attocostitutivo.pdf
Signature #1:
  - Signer Certificate Common Name: GIOVANNI GADALETA
  - Signer full Distinguished Name: givenName=GIOVANNI,SN=GADALETA,CN=GIOVANNI GADALETA,dnQualifier=20185027175176,serialNumber=TINIT-GDLGNN61T01F284O,O=NON PRESENTE,C=IT
  - Signing Time: Aug 20 2020 18:11:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 212870], [236872 - 237681]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #2:
  - Signer Certificate Common Name: CIGOLINI GULESU LEONARDO
  - Signer full Distinguished Name: givenName=LEONARDO,dnQualifier=20187115302617,CN=CIGOLINI GULESU LEONARDO,serialNumber=TINIT-CGLLRD63H25F205G,SN=CIGOLINI GULESU,C=IT
  - Signing Time: Aug 20 2020 19:19:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 239685], [249687 - 250323]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #3:
  - Signer Certificate Common Name: Michele Sciabarra
  - Signer full Distinguished Name: dnQualifier=WSREF-65491538506969,CN=Michele Sciabarra,serialNumber=TINIT-SCBMHL68L09A089C,givenName=Michele,SN=Sciabarra,OID.2.5.4.97=VATIT-01573850516,O=Aruba S.p.A.,C=IT
  - Signing Time: Aug 04 2020 08:47:53
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 89430], [108376 - 144600]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.

Ho resettato il documento rimuovendo la tua firma, così gli altri possono firmare un doc valido. Dobbiamo risolvere e capire cosa succede.

Ok. Ad ogni modo, da una veloce occhiata direi che è il pdfsig che non riconosce il certificato: dal suo punto di vista ha le sue ragioni, in effetti vive solo per un ora, il tempo della firma. Il documento resta comunque validato sia dal tool online di infocert che da quello delle poste.
A questo punto mi tengo per ultimo ma se non va bene namirial devo procurarmi un’altra firma… e potrebbe essere necessario qualche giorno

il certificato non lo riconosce perchè penso di usi uno italiano ma l’hash si, pdfsig da gli stessi risultati di adobe, se segna la firma non valida è perchè non lo è! A quel che ho capito il disastro è avvenuto perchè uno dei tool ha alterato una delle firme già apposte modificando il documento probabilmente petche non era valida. Non mi importa che i tool segnalino valide firme che non lo sono, io voglio un dovumento firmato digitalmente corretto. in teoria io un dovumento che passa le validazioni ma ha 5 firme non valide perche il documento sottostante è ststo alterato.

temo che quello che sia sia successo è che il tool usato da Gaziano ha rimosso proprio la tua firma, e mi sembra che tu sia l’unico ad usare namiral

Digital Signature Info of: attocostitutivo.pdf
Signature #1:
  - Signer Certificate Common Name: GIOVANNI GADALETA
  - Signer full Distinguished Name: givenName=GIOVANNI,SN=GADALETA,CN=GIOVANNI GADALETA,dnQualifier=20185027175176,serialNumber=TINIT-GDLGNN61T01F284O,O=NON PRESENTE,C=IT
  - Signing Time: Aug 20 2020 18:11:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 212870], [236872 - 237681]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #2:
  - Signer Certificate Common Name: CIGOLINI GULESU LEONARDO
  - Signer full Distinguished Name: givenName=LEONARDO,dnQualifier=20187115302617,CN=CIGOLINI GULESU LEONARDO,serialNumber=TINIT-CGLLRD63H25F205G,SN=CIGOLINI GULESU,C=IT
  - Signing Time: Aug 20 2020 19:19:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 239685], [249687 - 250323]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #3:
  - Signer Certificate Common Name: Michele Sciabarra
  - Signer full Distinguished Name: dnQualifier=WSREF-65491538506969,CN=Michele Sciabarra,serialNumber=TINIT-SCBMHL68L09A089C,givenName=Michele,SN=Sciabarra,OID.2.5.4.97=VATIT-01573850516,O=Aruba S.p.A.,C=IT
  - Signing Time: Aug 04 2020 08:47:53
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 89430], [108376 - 144600]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #4:
  - Signer Certificate Common Name: DOZZA DAVIDE
  - Signer full Distinguished Name: CN=DOZZA DAVIDE,givenName=DAVIDE,SN=DOZZA,serialNumber=TINIT-DZZDVD68E19A944D,O=non presente,C=SI,dnQualifier=20177112553392
  - Signing Time: Aug 21 2020 13:09:31
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 318660], [342662 - 343456]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Digital Signature Info of: attocostitutivo.pdf
Signature #1:
  - Signer Certificate Common Name: GIOVANNI GADALETA
  - Signer full Distinguished Name: givenName=GIOVANNI,SN=GADALETA,CN=GIOVANNI GADALETA,dnQualifier=20185027175176,serialNumber=TINIT-GDLGNN61T01F284O,O=NON PRESENTE,C=IT
  - Signing Time: Aug 20 2020 18:11:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 212870], [236872 - 237681]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #2:
  - Signer Certificate Common Name: CIGOLINI GULESU LEONARDO
  - Signer full Distinguished Name: givenName=LEONARDO,dnQualifier=20187115302617,CN=CIGOLINI GULESU LEONARDO,serialNumber=TINIT-CGLLRD63H25F205G,SN=CIGOLINI GULESU,C=IT
  - Signing Time: Aug 20 2020 19:19:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 239685], [249687 - 250323]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #3:
  - Signer Certificate Common Name: Michele Sciabarra
  - Signer full Distinguished Name: dnQualifier=WSREF-65491538506969,CN=Michele Sciabarra,serialNumber=TINIT-SCBMHL68L09A089C,givenName=Michele,SN=Sciabarra,OID.2.5.4.97=VATIT-01573850516,O=Aruba S.p.A.,C=IT
  - Signing Time: Aug 04 2020 08:47:53
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 89430], [108376 - 144600]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #4:
  - Signer Certificate Common Name: DOZZA DAVIDE
  - Signer full Distinguished Name: CN=DOZZA DAVIDE,givenName=DAVIDE,SN=DOZZA,serialNumber=TINIT-DZZDVD68E19A944D,O=non presente,C=SI,dnQualifier=20177112553392
  - Signing Time: Aug 21 2020 13:09:31
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 318660], [342662 - 343456]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #5:
  - Signer Certificate Common Name: CUTRI' ANTONINO SALVATORE
  - Signer full Distinguished Name: dnQualifier=LOCA2020072485823287,CN=CUTRI' ANTONINO SALVATORE,serialNumber=TINIT-CTRNNN70P19L063P,givenName=ANTONINO SALVATORE,SN=CUTRI',C=IT
  - Signing Time: Aug 21 2020 13:45:27
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 346713], [355517 - 356096]
  - Total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer isn't Trusted.

Una precisazione per tutti.

Ho ritenuto che git per una community che “vive” su GitHub, fosse la via più semplice. Soprattutto perché gli ho agganciato una validazione, che per di più scrive nel forum. Se ci pensate è una cosa molto interessante tecnicamente, possiamo usare questa soluzione per votare e tante altro cose.

Se la Command Line vi impaccia potete andare su GItHub via web, LOGGARVI, scaricare il file da qui https://github.com/noiopen/signme/blob/master/attocostitutivo.pdf
e poi uploadarlo nuovamente (stesso nome mi raccomando).

Se vedo qualcosa che non va blocco subito il commit e intervengo.

Per chi si trova “impacciato” con Git, me lo faccia sapere che gli mando io il pdf, uno alla volta, lo controllo io, e lo metto su. Mandatemi una mail volete “firmare per posta”.

Al momento tutti gli associandi, eccetto Aiello e Patierno hanno un account su GitHub, ho fatto un gruppo che servirà per tenere i documenti privati accessibili solo agli associati.

1 Mi Piace

Io proverò, pur non avendo mai utilizzato git in maniera "completa ", concordando con tutto quanto da te scritto. Non dovessi riuscirci, ti farò sapere.

Digital Signature Info of: attocostitutivo.pdf
Signature #1:
  - Signer Certificate Common Name: GIOVANNI GADALETA
  - Signer full Distinguished Name: givenName=GIOVANNI,SN=GADALETA,CN=GIOVANNI GADALETA,dnQualifier=20185027175176,serialNumber=TINIT-GDLGNN61T01F284O,O=NON PRESENTE,C=IT
  - Signing Time: Aug 20 2020 18:11:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 212870], [236872 - 237681]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #2:
  - Signer Certificate Common Name: CIGOLINI GULESU LEONARDO
  - Signer full Distinguished Name: givenName=LEONARDO,dnQualifier=20187115302617,CN=CIGOLINI GULESU LEONARDO,serialNumber=TINIT-CGLLRD63H25F205G,SN=CIGOLINI GULESU,C=IT
  - Signing Time: Aug 20 2020 19:19:49
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 239685], [249687 - 250323]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #3:
  - Signer Certificate Common Name: Michele Sciabarra
  - Signer full Distinguished Name: dnQualifier=WSREF-65491538506969,CN=Michele Sciabarra,serialNumber=TINIT-SCBMHL68L09A089C,givenName=Michele,SN=Sciabarra,OID.2.5.4.97=VATIT-01573850516,O=Aruba S.p.A.,C=IT
  - Signing Time: Aug 04 2020 08:47:53
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 89430], [108376 - 144600]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #4:
  - Signer Certificate Common Name: DOZZA DAVIDE
  - Signer full Distinguished Name: CN=DOZZA DAVIDE,givenName=DAVIDE,SN=DOZZA,serialNumber=TINIT-DZZDVD68E19A944D,O=non presente,C=SI,dnQualifier=20177112553392
  - Signing Time: Aug 21 2020 13:09:31
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 318660], [342662 - 343456]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.
Signature #5:
  - Signer Certificate Common Name: CUTRI' ANTONINO SALVATORE
  - Signer full Distinguished Name: dnQualifier=LOCA2020072485823287,CN=CUTRI' ANTONINO SALVATORE,serialNumber=TINIT-CTRNNN70P19L063P,givenName=ANTONINO SALVATORE,SN=CUTRI',C=IT
  - Signing Time: Aug 21 2020 13:45:27
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 346713], [355517 - 356096]
  - Not total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer isn't Trusted.
Signature #6:
  - Signer Certificate Common Name: Mirella Di Girolamo
  - Signer full Distinguished Name: dnQualifier=WSREF-53012495879064,CN=Mirella Di Girolamo,serialNumber=TINIT-DGRMLL66R65H769R,givenName=Mirella,SN=Di Girolamo,C=IT
  - Signing Time: Aug 21 2020 14:36:28
  - Signing Hash Algorithm: SHA-256
  - Signature Type: ETSI.CAdES.detached
  - Signed Ranges: [0 - 356675], [375621 - 411619]
  - Total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer is unknown.

Domanda: la mail arriva, come da esperienza precedente, quando è il proprio turno di firmare? La domanda nasce dal fatto che mi sembra di ricordare un ordine di firme diverso (scrivo dalla spiaggia🙂).

No non ci sta nessun ordine. Prendi il file da github, lo firmi e lo uploadi. Nel peggiore ma improbabile dei casi ti dice che qualcun altro lo ha fatto prima di te e lo devi rifare.