hexapdf 0.28.0 → 0.31.0

data/lib/hexapdf/layout/page_style.rb

@@ -0,0 +1,144 @@
+# -*- encoding: utf-8; frozen_string_literal: true -*-
+#
+#--
+# This file is part of HexaPDF.
+#
+# HexaPDF - A Versatile PDF Creation and Manipulation Library For Ruby
+# Copyright (C) 2014-2023 Thomas Leitner
+#
+# HexaPDF is free software: you can redistribute it and/or modify it
+# under the terms of the GNU Affero General Public License version 3 as
+# published by the Free Software Foundation with the addition of the
+# following permission added to Section 15 as permitted in Section 7(a):
+# FOR ANY PART OF THE COVERED WORK IN WHICH THE COPYRIGHT IS OWNED BY
+# THOMAS LEITNER, THOMAS LEITNER DISCLAIMS THE WARRANTY OF NON
+# INFRINGEMENT OF THIRD PARTY RIGHTS.
+#
+# HexaPDF is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
+# License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with HexaPDF. If not, see <http://www.gnu.org/licenses/>.
+#
+# The interactive user interfaces in modified source and object code
+# versions of HexaPDF must display Appropriate Legal Notices, as required
+# under Section 5 of the GNU Affero General Public License version 3.
+#
+# In accordance with Section 7(b) of the GNU Affero General Public
+# License, a covered work must retain the producer line in every PDF that
+# is created or manipulated using HexaPDF.
+#
+# If the GNU Affero General Public License doesn't fit your need,
+# commercial licenses are available at <https://gettalong.at/hexapdf/>.
+#++
+
+require 'hexapdf/error'
+require 'hexapdf/layout/style'
+require 'hexapdf/layout/frame'
+
+module HexaPDF
+  module Layout
+
+    # A PageStyle defines the initial look of a page and the placement of one or more frames.
+    class PageStyle
+
+      # The page size.
+      #
+      # Can be any valid predefined page size (see HexaPDF::Type::Page::PAPER_SIZE) or an array
+      # [llx, lly, urx, ury] specifying a custom page size.
+      #
+      # Example:
+      #
+      #   style.page_size = :A4
+      #   style.page_size = [0, 0, 200, 200]
+      attr_accessor :page_size
+
+      # The page orientation, either +:portrait+ or +:landscape+.
+      #
+      # Only used if #page_size is one of the predefined page sizes and not an array.
+      attr_accessor :orientation
+
+      # A callable object that defines the initial content of a page created with #create_page.
+      #
+      # The callable object is given a canvas and the page style as arguments. It needs to draw the
+      # initial content of the page. Note that the graphics state of the canvas is *not* saved
+      # before executing the template code and restored afterwards. If this is needed, the object
+      # needs to do it itself.
+      #
+      # Furthermore it should set the #frame and #next_style attributes appropriately, if not done
+      # beforehand. The #create_frame method can be used for easily creating a rectangular frame.
+      #
+      # Example:
+      #
+      #   page_style.template = lambda do |canvas, style
+      #     box = canvas.context.box
+      #     canvas.fill_color("fd0") do
+      #       canvas.rectangle(0, 0, box.width, box.height).fill
+      #     end
+      #     style.frame = style.create_frame(canvas.context, 72)
+      #   end
+      attr_accessor :template
+
+      # The HexaPDF::Layout::Frame object that defines the area on the page where content should be
+      # placed.
+      #
+      # This can either be set beforehand or during execution of the #template.
+      #
+      # If no frame has been set, a frame covering the page except for a default margin on all sides
+      # is set during #create_page.
+      attr_accessor :frame
+
+      # Defines the name of the page style that should be used for the next page.
+      #
+      # If this attribute is +nil+ (the default), it means that this style should be used again.
+      attr_accessor :next_style
+
+      # Creates a new page style instance for the given page size and orientation. If a block is
+      # given, it is used as template for defining the initial content.
+      #
+      # Example:
+      #
+      #   PageStyle.new(page_size: :Letter) do |canvas, style|
+      #     style.frame = style.create_frame(canvas.context, 72)
+      #     style.next_style = :other
+      #     canvas.fill_color("fd0") { canvas.circle(100, 100, 50).fill }
+      #   end
+      def initialize(page_size: :A4, orientation: :portrait, &block)
+        @page_size = page_size
+        @orientation = orientation
+        @template = block
+        @frame = nil
+        @next_style = nil
+      end
+
+      # Creates a new page in the given document with this page style and returns it.
+      #
+      # If #frame has not been set beforehand or during execution of the #template, a default frame
+      # covering the whole page except a margin of 36 is created.
+      def create_page(document)
+        page = document.pages.create(media_box: page_size, orientation: orientation)
+        template&.call(page.canvas, self)
+        self.frame ||= create_frame(page, 36)
+        page
+      end
+
+      # Creates a frame based on the given page's box and margin.
+      #
+      # The +margin+ can be any value allowed by HexaPDF::Layout::Style::Quad#set.
+      #
+      # *Note*: This is a helper method for use inside the #template callable.
+      def create_frame(page, margin = 36)
+        box = page.box
+        margin = Layout::Style::Quad.new(margin)
+        Layout::Frame.new(box.left + margin.left,
+                          box.bottom + margin.bottom,
+                          box.width - margin.left - margin.right,
+                          box.height - margin.bottom - margin.top)
+      end
+
+    end
+
+  end
+end

data/lib/hexapdf/layout.rb

@@ -56,6 +56,7 @@ module HexaPDF
     autoload(:ImageBox, 'hexapdf/layout/image_box')
     autoload(:ColumnBox, 'hexapdf/layout/column_box')
     autoload(:ListBox, 'hexapdf/layout/list_box')
+    autoload(:PageStyle, 'hexapdf/layout/page_style')
 
   end
 

data/lib/hexapdf/task/optimize.rb

@@ -38,6 +38,8 @@ require 'set'
 require 'hexapdf/serializer'
 require 'hexapdf/content/parser'
 require 'hexapdf/content/operator'
+require 'hexapdf/type/xref_stream'
+require 'hexapdf/type/object_stream'
 
 module HexaPDF
   module Task
@@ -124,7 +126,7 @@ module HexaPDF
         if object_streams == :generate
           process_object_streams(doc, :generate, xref_streams)
         elsif xref_streams == :generate
-          doc.add({Type: :XRef})
+          doc.add({}, type: Type::XRefStream)
         end
       end
 
@@ -150,14 +152,14 @@ module HexaPDF
             end
             objects_to_delete.each {|obj| rev.delete(obj) }
             if xref_streams == :generate && !xref_stream
-              rev.add(doc.wrap({Type: :XRef}, oid: doc.revisions.next_oid))
+              rev.add(doc.wrap({}, type: Type::XRefStream, oid: doc.revisions.next_oid))
             end
           end
         when :generate
           doc.revisions.each do |rev|
             xref_stream = false
             count = 0
-            objstms = [doc.wrap({Type: :ObjStm})]
+            objstms = [doc.wrap({}, type: Type::ObjectStream)]
             old_objstms = []
             rev.each do |obj|
               case obj.type
@@ -173,7 +175,7 @@ module HexaPDF
               objstms[-1].add_object(obj)
               count += 1
               if count == 200
-                objstms << doc.wrap({Type: :ObjStm})
+                objstms << doc.wrap({}, type: Type::ObjectStream)
                 count = 0
               end
             end
@@ -182,7 +184,7 @@ module HexaPDF
               objstm.data.oid = doc.revisions.next_oid
               rev.add(objstm)
             end
-            rev.add(doc.wrap({Type: :XRef}, oid: doc.revisions.next_oid)) unless xref_stream
+            rev.add(doc.wrap({}, type: Type::XRefStream, oid: doc.revisions.next_oid)) unless xref_stream
           end
         end
       end
@@ -207,7 +209,7 @@ module HexaPDF
               xref_stream = true if obj.type == :XRef
               delete_fields_with_defaults(obj)
             end
-            rev.add(doc.wrap({Type: :XRef}, oid: doc.revisions.next_oid)) unless xref_stream
+            rev.add(doc.wrap({}, type: Type::XRefStream, oid: doc.revisions.next_oid)) unless xref_stream
           end
         end
       end

data/lib/hexapdf/type/font_simple.rb

@@ -171,9 +171,21 @@ module HexaPDF
           yield("Required field #{field} is not set", false) if self[field].nil?
         end
 
+        widths = self[:Widths]
         if key?(:Widths) && key?(:LastChar) && key?(:FirstChar) &&
-            self[:Widths].length != (self[:LastChar] - self[:FirstChar] + 1)
-          yield("Invalid number of entries in field Widths", false)
+            widths.length != (self[:LastChar] - self[:FirstChar] + 1)
+          yield("Invalid number of entries in field Widths", true)
+          difference = self[:LastChar] - self[:FirstChar] + 1 - widths.length
+          if difference > 0
+            missing_value = if widths.count(widths[0]) == widths.length
+                              widths[0]
+                            else
+                              self[:FontDescriptor]&.[](:MissingWidth) || 0
+                            end
+            difference.times { widths << missing_value }
+          else
+            widths.slice!(difference, -difference)
+          end
         end
       end
 

data/lib/hexapdf/type/object_stream.rb

@@ -101,8 +101,8 @@ module HexaPDF
       define_type :ObjStm
 
       define_field :Type,    type: Symbol, required: true, default: type, version: '1.5'
-      define_field :N,       type: Integer # not required, will be auto-filled on #write_objects
-      define_field :First,   type: Integer # not required, will be auto-filled on #write_objects
+      define_field :N,       type: Integer, required: true
+      define_field :First,   type: Integer, required: true
       define_field :Extends, type: Stream
 
       # Parses the stream and returns an ObjectStream::Data object that can be used for retrieving
@@ -230,6 +230,11 @@ module HexaPDF
 
       # Validates that the generation number of the object stream is zero.
       def perform_validation
+        # Assign dummy values so that the validation for required values works since those values
+        # are only set on #write_objects
+        self[:N] ||= 0
+        self[:First] ||= 0
+
         super
         yield("Object stream has invalid generation number > 0", false) if gen != 0
       end

data/lib/hexapdf/type/outline.rb

@@ -126,7 +126,7 @@ module HexaPDF
         if (first && !last) || (!first && last)
           yield('Outline dictionary is missing an endpoint reference', true)
           node, dir = first ? [first, :Next] : [last, :Prev]
-          node = node[dir] while node.key?(dir)
+          node = node[dir] while node[dir]
           self[dir == :Next ? :Last : :First] = node
         elsif !first && !last && self[:Count] && self[:Count] != 0
           yield('Outline dictionary key /Count set but no items exist', true)

data/lib/hexapdf/type/outline_item.rb

@@ -397,7 +397,7 @@ module HexaPDF
         if (first && !last) || (!first && last)
           yield('Outline item dictionary is missing an endpoint reference', true)
           node, dir = first ? [first, :Next] : [last, :Prev]
-          node = node[dir] while node.key?(dir)
+          node = node[dir] while node[dir]
           self[dir == :Next ? :Last : :First] = node
         elsif !first && !last && self[:Count] && self[:Count] != 0
           yield('Outline item dictionary key /Count set but no descendants exist', true)

data/lib/hexapdf/type/page.rb

@@ -104,8 +104,16 @@ module HexaPDF
         Executive: [0, 0, 522, 756].freeze,
       }.freeze
 
-      # Returns the media box for the given paper size. See PAPER_SIZE for the defined paper sizes.
+      # Returns the media box for the given paper size or array.
+      #
+      # If an array is specified, it needs to contain exactly four numbers. The +orientation+
+      # argument is not used in this case.
+      #
+      # See PAPER_SIZE for the defined paper sizes.
       def self.media_box(paper_size, orientation: :portrait)
+        return paper_size if paper_size.kind_of?(Array) && paper_size.size == 4 &&
+          paper_size.all?(Numeric)
+
         unless PAPER_SIZE.key?(paper_size)
           raise HexaPDF::Error, "Invalid paper size specified: #{paper_size}"
         end
@@ -118,9 +126,6 @@ module HexaPDF
       # The inheritable fields.
       INHERITABLE_FIELDS = [:Resources, :MediaBox, :CropBox, :Rotate].freeze
 
-      # The required inheritable fields.
-      REQUIRED_INHERITABLE_FIELDS = [:Resources, :MediaBox].freeze
-
       define_type :Page
 
       define_field :Type,                 type: Symbol, required: true, default: type
@@ -609,10 +614,26 @@ module HexaPDF
         return unless parent_node
 
         super
-        REQUIRED_INHERITABLE_FIELDS.each do |name|
-          next if self[name]
-          yield("Inheritable page field #{name} not set", name == :Resources)
-          resources.validate(&block) if name == :Ressources
+
+        unless self[:Resources]
+          yield("Required inheritable page field Resources not set", true)
+          resources.validate(&block)
+        end
+
+        unless self[:MediaBox]
+          yield("Required inheritable page field MediaBox not set", true)
+          index = self.index
+          box_before = index == 0 ? nil : document.pages[index - 1][:MediaBox]
+          box_after = index == document.pages.count - 1 ? nil : document.pages[index + 1]&.[](:MediaBox)
+          self[:MediaBox] =
+            if box_before && (box_before&.value == box_after&.value || box_after.nil?)
+              box_before.dup
+            elsif box_after && box_before.nil?
+              box_after
+            else
+              self.class.media_box(document.config['page.default_media_box'],
+                                   orientation: document.config['page.default_media_orientation'])
+            end
         end
       end
 

data/lib/hexapdf/type/xref_stream.rb

@@ -72,12 +72,10 @@ module HexaPDF
 
       define_field :Type,  type: Symbol, default: type, required: true, indirect: false,
                            version: '1.5'
-      # Size is not required because it will be auto-filled before the object is written
-      define_field :Size,  type: Integer, indirect: false
+      define_field :Size,  type: Integer, indirect: false, required: true
       define_field :Index, type: PDFArray, indirect: false
       define_field :Prev,  type: Integer, indirect: false
-      # W is not required because it will be auto-filled on #update_with_xref_section_and_trailer
-      define_field :W,     type: PDFArray, indirect: false
+      define_field :W,     type: PDFArray, indirect: false, required: true
 
       # Returns an XRefSection that represents the content of this cross-reference stream.
       #
@@ -219,6 +217,15 @@ module HexaPDF
         [[1, middle, 2], pack_string]
       end
 
+      def perform_validation #:nodoc
+        # Size is not required because it will be auto-filled before the object is written
+        # W is not required because it will be auto-filled on #update_with_xref_section_and_trailer
+        # Set both here to dummy values to make validation work for the required values
+        self[:Size] ||= 1
+        self[:W] ||= [1, 1, 1]
+        super
+      end
+
     end
 
   end

data/lib/hexapdf/type.rb

@@ -72,7 +72,6 @@ module HexaPDF
     autoload(:FontType3, 'hexapdf/type/font_type3')
     autoload(:IconFit, 'hexapdf/type/icon_fit')
     autoload(:AcroForm, 'hexapdf/type/acro_form')
-    autoload(:Signature, 'hexapdf/type/signature')
     autoload(:Outline, 'hexapdf/type/outline')
     autoload(:OutlineItem, 'hexapdf/type/outline_item')
     autoload(:PageLabel, 'hexapdf/type/page_label')

data/lib/hexapdf/version.rb

@@ -37,6 +37,6 @@
 module HexaPDF
 
   # The version of HexaPDF.
-  VERSION = '0.28.0'
+  VERSION = '0.31.0'
 
 end

data/lib/hexapdf/writer.rb

@@ -207,7 +207,7 @@ module HexaPDF
       end
 
       if (!object_streams.empty? || @use_xref_streams) && xref_stream.nil?
-        xref_stream = @document.wrap({Type: :XRef}, oid: @document.revisions.next_oid)
+        xref_stream = @document.wrap({}, type: Type::XRefStream, oid: @document.revisions.next_oid)
         rev.add(xref_stream)
       end
 

data/test/hexapdf/{type/signature → digital_signature}/common.rb

@@ -6,7 +6,7 @@ module HexaPDF
     class Certificates
 
       def ca_key
-        @ca_key ||= OpenSSL::PKey::RSA.new(512)
+        @ca_key ||= OpenSSL::PKey::RSA.new(2048)
       end
 
       def ca_certificate
@@ -36,13 +36,17 @@ module HexaPDF
       end
 
       def signer_key
-        @signer_key ||= OpenSSL::PKey::RSA.new(512)
+        @signer_key ||= OpenSSL::PKey::RSA.new(2048)
+      end
+
+      def dsa_signer_key
+        @dsa_signer_key ||= OpenSSL::PKey::DSA.new(2048)
       end
 
       def signer_certificate
         @signer_certificate ||=
           begin
-            name = OpenSSL::X509::Name.parse('/CN=signer/DC=gettalong')
+            name = OpenSSL::X509::Name.parse('/CN=RSA signer/DC=gettalong')
 
             signer_cert = OpenSSL::X509::Certificate.new
             signer_cert.serial = 2
@@ -65,6 +69,30 @@ module HexaPDF
           end
       end
 
+      def dsa_signer_certificate
+        @dsa_signer_certificate ||=
+          begin
+            signer_cert = OpenSSL::X509::Certificate.new
+            signer_cert.serial = 3
+            signer_cert.version = 2
+            signer_cert.not_before = Time.now - 86400
+            signer_cert.not_after = Time.now + 86400
+            signer_cert.public_key = dsa_signer_key.public_key
+            signer_cert.subject = OpenSSL::X509::Name.parse('/CN=DSA signer/DC=gettalong')
+            signer_cert.issuer = ca_certificate.subject
+
+            extension_factory = OpenSSL::X509::ExtensionFactory.new
+            extension_factory.subject_certificate = signer_cert
+            extension_factory.issuer_certificate = ca_certificate
+            signer_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash'))
+            signer_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:FALSE'))
+            signer_cert.add_extension(extension_factory.create_extension('keyUsage', 'digitalSignature'))
+            signer_cert.sign(ca_key, OpenSSL::Digest.new('SHA1'))
+
+            signer_cert
+          end
+      end
+
       def timestamp_certificate
         @timestamp_certificate ||=
           begin

data/test/hexapdf/digital_signature/signing/test_default_handler.rb

@@ -0,0 +1,162 @@
+# -*- encoding: utf-8 -*-
+
+require 'test_helper'
+require 'hexapdf/document'
+require_relative '../common'
+
+describe HexaPDF::DigitalSignature::Signing::DefaultHandler do
+  before do
+    @doc = HexaPDF::Document.new
+    @handler = HexaPDF::DigitalSignature::Signing::DefaultHandler.new(
+      certificate: CERTIFICATES.signer_certificate,
+      key: CERTIFICATES.signer_key,
+      certificate_chain: [CERTIFICATES.ca_certificate]
+    )
+  end
+
+  it "defaults to standard CMS signatures" do
+    assert_equal(:cms, @handler.signature_type)
+  end
+
+  it "returns the size of serialized signature" do
+    assert(@handler.signature_size > 1000)
+    @handler.signature_size = 100
+    assert_equal(100, @handler.signature_size)
+  end
+
+  it "allows setting the DocMDP permissions" do
+    assert_nil(@handler.doc_mdp_permissions)
+
+    @handler.doc_mdp_permissions = :no_changes
+    assert_equal(1, @handler.doc_mdp_permissions)
+    @handler.doc_mdp_permissions = 1
+    assert_equal(1, @handler.doc_mdp_permissions)
+
+    @handler.doc_mdp_permissions = :form_filling
+    assert_equal(2, @handler.doc_mdp_permissions)
+    @handler.doc_mdp_permissions = 2
+    assert_equal(2, @handler.doc_mdp_permissions)
+
+    @handler.doc_mdp_permissions = :form_filling_and_annotations
+    assert_equal(3, @handler.doc_mdp_permissions)
+    @handler.doc_mdp_permissions = 3
+    assert_equal(3, @handler.doc_mdp_permissions)
+
+    @handler.doc_mdp_permissions = nil
+    assert_nil(@handler.doc_mdp_permissions)
+
+    assert_raises(ArgumentError) { @handler.doc_mdp_permissions = :other }
+  end
+
+  describe "sign" do
+    it "can sign the data using the provided certificate and key" do
+      data = StringIO.new("data")
+      signed_data = @handler.sign(data, [0, data.string.size, 0, 0])
+
+      pkcs7 = OpenSSL::PKCS7.new(signed_data)
+      assert(pkcs7.detached?)
+      assert_equal([CERTIFICATES.signer_certificate, CERTIFICATES.ca_certificate],
+                   pkcs7.certificates)
+      store = OpenSSL::X509::Store.new
+      store.add_cert(CERTIFICATES.ca_certificate)
+      assert(pkcs7.verify([], store, data.string, OpenSSL::PKCS7::DETACHED | OpenSSL::PKCS7::BINARY))
+    end
+
+    it "can change the used digest algorithm" do
+      @handler.digest_algorithm = 'sha384'
+      asn1 = OpenSSL::ASN1.decode(@handler.sign(StringIO.new('data'), [0, 4, 0, 0]))
+      assert_equal('SHA384', asn1.value[1].value[0].value[1].value[0].value[0].value)
+    end
+
+    it "can embed a timestamp token" do
+      @handler.timestamp_handler = tsh = Object.new
+      tsh.define_singleton_method(:sign) {|_, _| OpenSSL::ASN1::OctetString.new("signed-tsh") }
+      signed = @handler.sign(StringIO.new('data'), [0, 4, 0, 0])
+      asn1 = OpenSSL::ASN1.decode(signed)
+      assert_equal('signed-tsh', asn1.value[1].value[0].value[4].value[0].
+                   value[6].value[0].value[1].value[0].value)
+    end
+
+    it "creates PAdES compatible signatures" do
+      @handler.signature_type = :pades
+      signed = @handler.sign(StringIO.new('data'), [0, 4, 0, 0])
+      asn1 = OpenSSL::ASN1.decode(signed)
+      # check by absence of signing-time signed attribute
+      refute(asn1.value[1].value[0].value[4].value[0].value[3].value.
+             find {|obj| obj.value[0].value == 'signingTime' })
+    end
+
+    it "can use external signing without certificate set" do
+      @handler.certificate = nil
+      @handler.external_signing = proc { "hallo" }
+      assert_equal("hallo", @handler.sign(StringIO.new, [0, 0, 0, 0]))
+    end
+
+    it "can use external signing with certificate set but not the key" do
+      @handler.key = nil
+      @handler.external_signing = proc do |algorithm, _hash|
+        assert_equal('sha256', algorithm)
+        "hallo"
+      end
+      result = @handler.sign(StringIO.new, [0, 0, 0, 0])
+      asn1 = OpenSSL::ASN1.decode(result)
+      assert_equal("hallo", asn1.value[1].value[0].value[4].value[0].value[5].value)
+    end
+  end
+
+  describe "finalize_objects" do
+    before do
+      @field = @doc.wrap({})
+      @obj = @doc.wrap({})
+    end
+
+    it "only sets the mandatory values if no concrete finalization tasks need to be done" do
+      @handler.finalize_objects(@field, @obj)
+      assert(@field.empty?)
+      assert_equal(:'Adobe.PPKLite', @obj[:Filter])
+      assert_equal(:'adbe.pkcs7.detached', @obj[:SubFilter])
+      assert_kind_of(Time, @obj[:M])
+    end
+
+    it "adjust the /SubFilter if signature type is pades" do
+      @handler.signature_type = :pades
+      @handler.finalize_objects(@field, @obj)
+      assert_equal(:'ETSI.CAdES.detached', @obj[:SubFilter])
+    end
+
+    it "sets the reason, location and contact info fields" do
+      @handler.reason = 'Reason'
+      @handler.location = 'Location'
+      @handler.contact_info = 'Contact'
+      @handler.finalize_objects(@field, @obj)
+      assert(@field.empty?)
+      assert_equal(['Reason', 'Location', 'Contact'], @obj.value.values_at(:Reason, :Location, :ContactInfo))
+    end
+
+    it "fills the build properties dictionary with appropriate application information" do
+      @handler.finalize_objects(@field, @obj)
+      assert_equal(:HexaPDF, @obj[:Prop_Build][:App][:Name])
+      assert_equal(HexaPDF::VERSION, @obj[:Prop_Build][:App][:REx])
+    end
+
+    it "applies the specified DocMDP permissions" do
+      @handler.doc_mdp_permissions = :no_changes
+      @handler.finalize_objects(@field, @obj)
+      ref = @obj[:Reference][0]
+      assert_equal(:DocMDP, ref[:TransformMethod])
+      assert_equal(:SHA256, ref[:DigestMethod])
+      assert_equal(1, ref[:TransformParams][:P])
+      assert_equal(:'1.2', ref[:TransformParams][:V])
+      assert_same(@obj, @doc.catalog[:Perms][:DocMDP])
+    end
+
+    it "fails if DocMDP should be set but there is already a signature" do
+      @handler.doc_mdp_permissions = :no_changes
+      2.times do
+        field = @doc.acro_form(create: true).create_signature_field('test')
+        field.field_value = :something
+      end
+      assert_raises(HexaPDF::Error) { @handler.finalize_objects(@field, @obj) }
+    end
+  end
+end