Signature with ECDSA keys on Mac OSX use always SHA384 hash

Question

Hi all,we're using on OSX an application that interfaces with the local keychain and intercepts the signature request issued from Acrobat (like a click on a signature field). When testing this with ECDSA keys of the common secp family and different lenghts we noticed a strange behaviour, Acrobat always use the SHA384 hash algorithm indepentently from the actual key length. To be more clear, for signatures we expected on the "keychain side" a digest fit for an "optimal cryptography", that is something like:- key secp256 -> digest SHA256- key secp384 -> digest SHA384- key secp521 -> digest SHA512 Insetad we got:- key secp256 -> digest SHA384- key secp384 -> digest SHA384- key secp521 -> digest SHA384 So, is possible that there is a bug somewhere and on OSX Acrobat tries to use incorrectly only the ecdsaSignatureDigestX962SHA384/ecdsaSignatureMessageX962SHA384 methods?

daniele_infoc · Answer

One more bit: we probably have undestood that Acrobat on Mac always choose the digest algorithm "looking" at the one that was used to sign the user certificate.

I.E., having a user certificate with secp256 keys that is signed by the RootCA with a "SHA384ECDSA" algortihm, when trying to make a signature the digest algorithm chosen by Acrobat will be "SHA384" (and not the expected "SHA256", as from the user's key length), thus will be based on the RootCA signature alg....

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded