Skip to main content
robert.simion
robert.simion
Participating Frequently
July 16, 2019
Question

PKCS#11 CKM_RSA_PKCS Sign

  • July 16, 2019
  • 3 replies
  • 7286 views

Hello guys,

I am developing a pkcs#11 library especially to sign a document using the CSC protocol. I loaded this library in Adobe as a PKCS#11 module.

I need Adobe to sign only THE hash, because the CSC protocol requires this, but, when signing, adobe calls C_SignInit with the sign mechanism set to CKM_RSA_PKCS, which is a PADDED hash. It does this despite that the library does not support this signing mechanism. (which btw, this info is send with C_GetMechanismList, which lists all the mechanisms available in the library).

The problem is that Adobe does not call C_GetMechanismList, nor C_GetMechanismInfo to verify the mechanisms supported by the library. Even if CKR_MECHANISM_INVALID is returned by C_SignInit when CKM_RSA_PKCS is specified, Adobe again try to call C_SignInit and then the process fails.

Is there a way to tell adobe to change the mechanism to another, let's say CKM_RSA_X_509? Or maybe to make it verify the mechanisms available?

I am using Adobe Acrobat Reader DC v19.012.20035

Thank you,

Robert

This topic has been closed for replies.

3 replies

M
manas_ag
Participant
April 7, 2020

Hi Robert, 

Hope you were able to solve your problem. I am trying to make a pkcs11 library that our team has developed, work with Adobe Acrobat for digital signing. However we are not able to find any developer guide or resources from Adobe for this. Adobe Acrobat is unable to load our current pkcs11 library without a meaningful error. From your discussions, it seems that you were able to get a deeper insight on how Adobe is interacting with your pkcs11 library. It would be very helpful, if you could point us in the right direction.

 

Thanks, 

Manas

robert.simion
robert.simionAuthor
Participating Frequently
July 18, 2019

It would be great but it can't be done for adobe because it doesnt support signature of hashes (only hashes), which is a requirement of the CSC protocol.

M
margueritek
Inspiring
July 18, 2019

Once again, my question is why do you need CSC protocol? Any PDF signed with that protocol will be unverifiable in Acrobat, at least.

robert.simion
robert.simionAuthor
Participating Frequently
July 18, 2019

If it were verifiable (but it isn't because of the reasons talked above), it would leverage the clients, who use a physical token, not to require it anymore. It reduces costs on all levels.

M
margueritek
Inspiring
July 16, 2019

I don't see the problem. You don't send a padded hash to C_sign, you just send the bytes to be hashed. What you do with them is up to you. Acrobat (currently) knows only PKCS #1 v1.5 RSA as the RSA signing mechanism. There is talk to add PSS and/or OAEP in PDF version 2.0 or later. The hash is signed, then the signed hash is padded to the RSA length. Since it is the PKCS#11 module that signs the hash and adds the padding, you could do what you want with the signature.

    M
    margueritek
    Inspiring
    July 16, 2019

    Of course, you will run into the small problem that Acrobat doesn't know how to validate RSA signatures signed with other than PKCS#1 v.1.5. How did you plan to address that?

      Terms & ConditionsAccessibility statement
      Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices