PDF Management #99

New Issue

b · 2024-05-31T19:40:03Z

b commented

2024-05-31 19:40:03 +00:00

When creating a signature, AFTER selecting the signers / viewers, it should be possible for the creator to navigate through any PDF files in the UI and select co-ordinates for 0 or more of the following "markTypes" (per signer):

DATE (defaults to the current date)
DATETIME (defaults to current datetime)
FULLNAME (user provides BEFORE signing docs)
JOBTITLE (user provides BEFORE signing docs)
SIGNATURE (user provides BEFORE signing docs)
- signer uploads an image containing their signature, or draws one on screen
- file is stored in the files/ subfolder of the sigit pack, with the SHA256 hash as the filename

These co-ordinates should be stored in the createSignature object by npub/filehash, eg:

{
  "signers": [
    "npub1d0csynrrxcynkcedktdzrdj6gnras2psg48mf46kxjazs8skrjgq9uzhlq",
    "npub1nqulzcxcj0d2uesusstgupl5du8pa96xl6uy8xndweeckjkn964qjs23sn"
  ],
  "viewers": [
    "npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft"
  ],
  "fileHashes": {
    "d51fe683-4c37-490b-b63c-d503387b0b75.png": "8c4f41e76be536a4d6cc180cf1a6014fa0bacbb6cc5e7a1e12dde41f8f5158a8"
  },
  "markConfig":{
    "npub1d0csynrrxcynkcedktdzrdj6gnras2psg48mf46kxjazs8skrjgq9uzhlq": {
      "8c4f41e76be536a4d6cc180cf1a6014fa0bacbb6cc5e7a1e12dde41f8f5158a8": [
        {
          "markType": "DATE",
          "markLocation": "$COORDINATES"
        },
        {
          "markType": "SIGNATURE",
          "markLocation": "$COORDINATES"
        }
      ]
    }
  }
}

When the subsequent signer enters the SIGN page of SIGit, the app will check whether their npub matches an attribute of the createSignature object. If so, then it will check whether that attribute contains an object that has an attribute which matches any hash in the fileHashes array. If found, then the upcoming docSignature will need additional attributes to contain a value for each relevant markType.

The signer is immediately prompted to provide those details (eg name, job title, signature).

After providing the above details, each page of each PDF (that has markTypes) must be displayed in sequence (click to proceed), so the user can observe the various marks at the correct points in the PDF. Only after this cycle, should they be able to hit the sign button.

After hitting sign, the relevant docSignatures entry is created, eg as follows:

{
  "prevSig": "10de030dd2bfafbbd34969645bd0b3f5e8ab71b3b32091fb29bbea5e272f8a3b7284ef667b6a02e9becc1036450d9fbe5c1c6d146fa91d70e0d8f3cd54d64f17",
  "marks": {
    "8c4f41e76be536a4d6cc180cf1a6014fa0bacbb6cc5e7a1e12dde41f8f5158a8": [
      {
        "markType": "DATE",
        "markLocation": "$COORDINATES",
        "markValue": "$DATE"
      },
      {
        "markType": "SIGNATURE",
        "markLocation": "$COORDINATES",
        "markValue": "$SHA256HASH"
      }
    ]
  }
}

Every future signer (and viewer), when opening a PDF in SIGit, should see the rendered PDF that includes all the marks. Every signer (and viewer, and verifier) should also verify the following:

file checksums match the signature SHA256 hashes
Signers docSignatures include all relevant markTypes (for each fileHash)

When a SIGit pack is exported, there should be an additional subfolder (/marked/) that contains each "marked" pdf, modified with all relevant marks.

When creating a signature, AFTER selecting the signers / viewers, it should be possible for the creator to navigate through any PDF files in the UI and select co-ordinates for 0 or more of the following "markTypes" (per signer): * DATE (defaults to the current date) * DATETIME (defaults to current datetime) * FULLNAME (user provides BEFORE signing docs) * JOBTITLE (user provides BEFORE signing docs) * SIGNATURE (user provides BEFORE signing docs) - signer uploads an image containing their signature, or draws one on screen - file is stored in the `files/` subfolder of the sigit pack, with the SHA256 hash as the filename These co-ordinates should be stored in the `createSignature` object by npub/filehash, eg: ```json { "signers": [ "npub1d0csynrrxcynkcedktdzrdj6gnras2psg48mf46kxjazs8skrjgq9uzhlq", "npub1nqulzcxcj0d2uesusstgupl5du8pa96xl6uy8xndweeckjkn964qjs23sn" ], "viewers": [ "npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft" ], "fileHashes": { "d51fe683-4c37-490b-b63c-d503387b0b75.png": "8c4f41e76be536a4d6cc180cf1a6014fa0bacbb6cc5e7a1e12dde41f8f5158a8" }, "markConfig":{ "npub1d0csynrrxcynkcedktdzrdj6gnras2psg48mf46kxjazs8skrjgq9uzhlq": { "8c4f41e76be536a4d6cc180cf1a6014fa0bacbb6cc5e7a1e12dde41f8f5158a8": [ { "markType": "DATE", "markLocation": "$COORDINATES" }, { "markType": "SIGNATURE", "markLocation": "$COORDINATES" } ] } } } ``` When the subsequent **signer** enters the **SIGN** page of SIGit, the app will check whether their npub matches an attribute of the `createSignature` object. If so, then it will check whether that attribute contains an object that has an attribute which matches any hash in the `fileHashes` array. If found, then the upcoming `docSignature` will need additional attributes to contain a value for each relevant `markType`. The signer is immediately prompted to provide those details (eg name, job title, signature). After providing the above details, each page of each PDF (that has markTypes) must be displayed in sequence (click to proceed), so the user can observe the various marks at the correct points in the PDF. Only after this cycle, should they be able to hit the sign button. After hitting sign, the relevant `docSignatures` entry is created, eg as follows: ```json { "prevSig": "10de030dd2bfafbbd34969645bd0b3f5e8ab71b3b32091fb29bbea5e272f8a3b7284ef667b6a02e9becc1036450d9fbe5c1c6d146fa91d70e0d8f3cd54d64f17", "marks": { "8c4f41e76be536a4d6cc180cf1a6014fa0bacbb6cc5e7a1e12dde41f8f5158a8": [ { "markType": "DATE", "markLocation": "$COORDINATES", "markValue": "$DATE" }, { "markType": "SIGNATURE", "markLocation": "$COORDINATES", "markValue": "$SHA256HASH" } ] } } ``` Every future signer (and viewer), when opening a PDF in SIGit, should see the _rendered_ PDF that includes all the marks. Every signer (and viewer, and verifier) should also _verify_ the following: * file checksums match the signature SHA256 hashes * Signers `docSignatures` include *all* relevant `markTypes` (for each fileHash) When a SIGit pack is exported, there should be an additional subfolder (`/marked/`) that contains each "marked" pdf, modified with all relevant marks.

b added this to the MVP milestone 2024-05-31 20:17:17 +00:00

b added the

Kind/Enhancement

Priority

High

labels 2024-05-31 20:17:25 +00:00

m referenced a pull request that will close this issue

2024-06-28 22:47:26 +00:00

PDF Markings #114

eugene closed this issue

2024-08-06 10:02:04 +00:00

Sign in to join this conversation.