SHA1 sign algorithm not compliant with italian law.

The PDF-XChange Viewer for End Users
+++ FREE +++

Moderators: TrackerSupp-Daniel, Tracker Support, Paul - Tracker Supp, Vasyl-Tracker Dev Team, Chris - Tracker Supp, Sean - Tracker, Ivan - Tracker Software, Tracker Supp-Stefan

Post Reply
agea
User
Posts: 6
Joined: Fri Mar 09, 2012 8:48 am

SHA1 sign algorithm not compliant with italian law.

Post by agea »

Hi, I have a compliance problem because PDF-Xchange uses SHA1 algorithm to sign documents.
Recent Italian law update requires SHA256.
How can I solve?
Thank You.
User avatar
John - Tracker Supp
Site Admin
Posts: 5219
Joined: Tue Jun 29, 2004 10:34 am
Location: United Kingdom
Contact:

Re: SHA1 sign algorithm not compliant with italian law.

Post by John - Tracker Supp »

Can I ask the Windows OS in user - please note Windows XP for example has issues with SHA256 that we are unable to resolve at this time ...

Further this is also dependant on the certificate and issuing authority you curently own/employ - coudl you please advise if you SHA256 'hash' capable certficate/provider combination?

Thanks
If posting files to this forum - you must archive the files to a ZIP, RAR or 7z file or they will not be uploaded - thank you.

Best regards
Tracker Support
http://www.tracker-software.com
agea
User
Posts: 6
Joined: Fri Mar 09, 2012 8:48 am

Re: SHA1 sign algorithm not compliant with italian law.

Post by agea »

I use Windows XP Professional Service Pack 3.

I also had in a recent past a similar issue but I solved it by updating the software released by the certifying authority.

Also, it works if I use updated software released by others italian certifying authorities.

I'm not sure how to carry on the check you are asking me.
May I send you some samples of the same PDF document signed using different software including yours? Should I use the support@pdf-xchange.com address?
Thanks.
User avatar
Tracker Supp-Stefan
Site Admin
Posts: 17824
Joined: Mon Jan 12, 2009 8:07 am
Location: London
Contact:

Re: SHA1 sign algorithm not compliant with italian law.

Post by Tracker Supp-Stefan »

Hello agea,

Certainly - do send such samples to support@pdf-xchange.com with a link to this forum topic as well.
Also please try to check if you can sign the same file with the same certificate using another PDF software - and check if it validates - as it could be that this particular certificate provider is having issues with certificates used on Win XP and not only our Viewer is affected - in which case an update to their software would be the most likely way to fix this.

Best,
Stefan
agea
User
Posts: 6
Joined: Fri Mar 09, 2012 8:48 am

Re: SHA1 sign algorithm not compliant with italian law.

Post by agea »

I've just sent the file.
Pleas let me know.
Thank You.
User avatar
Tracker Supp-Stefan
Site Admin
Posts: 17824
Joined: Mon Jan 12, 2009 8:07 am
Location: London
Contact:

Re: SHA1 sign algorithm not compliant with italian law.

Post by Tracker Supp-Stefan »

Thanks for the samples Agea,

We received them, and looking at these files - it seems like you created a custom certificate using our Viewer. It seems like the viewer can not currently create SHA256 certificates on it's own - but can you please try to use another 256 bit certificate (e.g. the one created when you signed the other sample if it was stored in the system storage) - and I believe that this one will work properly.

Best,
Stefan
agea
User
Posts: 6
Joined: Fri Mar 09, 2012 8:48 am

Re: SHA1 sign algorithm not compliant with italian law.

Post by agea »

Hi,
I double checked and verified the use of the same certificate.
Anyway, to be absolutely sure, I deleted from PC (with certmgr.msc) any other past or "home-made" certificate and then signed again the pdf.
I'm sending you the file and also some screenshot regarding the two former docs.

Best,
Francesco.
User avatar
Tracker Supp-Stefan
Site Admin
Posts: 17824
Joined: Mon Jan 12, 2009 8:07 am
Location: London
Contact:

Re: SHA1 sign algorithm not compliant with italian law.

Post by Tracker Supp-Stefan »

Hello Francesco,

I've passed your samples to our signatures expert and he will review them as soon as possible.

We will post back here when we have further news.

Best,
Stefan
agea
User
Posts: 6
Joined: Fri Mar 09, 2012 8:48 am

Re: SHA1 sign algorithm not compliant with italian law.

Post by agea »

Hello!
Seems to be a big problem.
Any news?
Thank you.
User avatar
Tracker Supp-Stefan
Site Admin
Posts: 17824
Joined: Mon Jan 12, 2009 8:07 am
Location: London
Contact:

Re: SHA1 sign algorithm not compliant with italian law.

Post by Tracker Supp-Stefan »

Hello agea,

I am sorry but we have no further news for the moment. We are busy with finalizing v5 of the printing drivers and this will most likely be addressed after they are released.

Best,
Stefan
agea
User
Posts: 6
Joined: Fri Mar 09, 2012 8:48 am

Re: SHA1 sign algorithm not compliant with italian law.

Post by agea »

Hello,
any news on the issue?
I expected an intervention.
Thank You.
User avatar
Tracker Supp-Stefan
Site Admin
Posts: 17824
Joined: Mon Jan 12, 2009 8:07 am
Location: London
Contact:

Re: SHA1 sign algorithm not compliant with italian law.

Post by Tracker Supp-Stefan »

Hello Agea,

I just spoke with our digital certificates expert, and he told me that we are working on those for v3 of our Viewer.
Until then there wont be many changes in this field in version 2.5 of the Viewer.

Best,
Stefan
proala@gmail.com
User
Posts: 1
Joined: Wed Nov 06, 2019 3:19 pm

Re: SHA1 sign algorithm not compliant with italian law.

Post by proala@gmail.com »

In the meantime I downloaded your latest relase 8.334, the language spoken now is correct, but this is a marginal bug this ...
While the creation of SHA256 legal documents here in a united Europe has remained the same, ie not resolved, the program always certifies in SHA1.
:( Year 2012 ~ 2020 7 years same problem ... :shock:
User avatar
Tracker Supp-Stefan
Site Admin
Posts: 17824
Joined: Mon Jan 12, 2009 8:07 am
Location: London
Contact:

Re: SHA1 sign algorithm not compliant with italian law.

Post by Tracker Supp-Stefan »

Hello proala@gmail.com,

I am sorry to hear you are also experiencing the same problem.
In conversations with our developers they have told me that if the hardware and OS on which our Editor is installed support SHA256 - we will use this for signing files, and revert back to SHA1 only if there are problems. If you are still experiencing difficulties - please write to support@pdf-xchange.com and we will see to arrange a way to investigate what is happening on your machine and how we can help to resolve that.

Regards,
Stefan
Post Reply