• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Error encountered while BER decoding Digital Signatures

New Here ,
Jan 26, 2010 Jan 26, 2010

Copy link to clipboard

Copied

Hello -

I work for a GOV agency and we use Common Access Cards/Smart Cards to login to our PC's and we subsequently use them to digitally sign PDF documents.

We have just recently switched to Adobe Acrobat 9.x Pro.  Before this, we had Adobe 7.x Pro and had no troubles digitally signing documents, clearing those digital signature to reuse old documents, etc.

We first got Acrobat 9.x and had issues with digital signatures right away.  We had to import this into the registry, which I believe I found on adobe forum.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096]
[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker]
[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker\cURL]
[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker\cURL\c0]
"sValue"=hex:68,74,74,70,3a,2f,2f,6f,63,73,70,2e,64,69,73,61,2e,6d,69,6c,00
[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker\cURLToConsult]
[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker\cURLToConsult\c0]
"iValue"=dword:00000001

Lately we've had trouble verifying signatures.  Once we sign a document and then click the signature, we get the attached error.

Error during signature verification

Error encountered while validating

Error encountered while BER decoding

When we started to notice this we were on Acrobat 9.2.  I think we may have went from 9.0 to 9.1.3 and then to 9.2 pretty quick.  I removed it and installed our base load of Acrobat 9.0 and everything was working fine.  I then updated to 9.1, 9.1.1, 9.1.2, 9.1.3 and none of them worked or fixed the issue.  We have recently approved the update to 9.3, but that didn't fix it either.  Because of this BER decoding issue, we cannot right click the signature field and clear a signature as well.  Even after updates I could clear a signature field signed under Adobe 9.0.

Adobe, what should I do?  Do we have a problem elsewhere, outside of Acrobat?

Again, we use smart card's to sign the documents, thus cannot change certificates.

Thanks,  Nick

Views

43.2K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Feb 03, 2010 Feb 03, 2010

Copy link to clipboard

Copied

Looks like someone beat me to the punch in posting this.  I am in the exact same situation with the exact same result.  I have created forms and have to create another reset button to erase the signature only.  It's not a desirable way to workaround the problem but until Adobe comes out with a fix, it helps.

Does Adobe even read or respond to the problems that users post?  They have yet to address or fix the issue with the last row of thumbnails not showing on documents without shrinking thumbnail size small enough to display every page at once and they have had several updaes to Acrobat 9 already.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Feb 10, 2010 Feb 10, 2010

Copy link to clipboard

Copied

Hi Nick,

When you mentioned that upgrading to 9.3 didn't fix the problem, did you mean when creating a new signature in Acrobat/Reader 9.3 or did you mean opening a previously signed file and doing the signature verification?

If you meant the later, no version of Acrobat will be able to decode the signature if it was created incorrectly, which is what I fear you are referring to. What happened was Acrobat 9.0 changed the default digest method from the older SHA-1 to the the new SHA-256, but if the device that encrypts the digest (the actual signing operation) cannot handle the larger digest Acrobat is supposed to fall back to the older, smaller SHA-1 digest. There was a bug where Acrobat wasn't re-computing the digest if the smart card couldn't handle SHA-256 and creating a corrupt signature. Once this corrupt signature is written out to the PDF file there is no getting around it. Update 9.3 fixes the problem at signature creation and you should be able to successfully sign using your CAC card, but sadly there is no fixing the existing corrupt signatures.

Steve

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Feb 11, 2010 Feb 11, 2010

Copy link to clipboard

Copied

Steve,

I am using Acrobat 9.3 and created a new pdf file this morning and added a

digital signature to it. After I saved the file, I right clicked on the

signature and the option to clear the signature was still not there and there

was an error validating the signature (same error as in subject of email).

Robert S. Miller, CDIA+

Document Automation Project Manager

DAPS Port Hueneme

4231 San Pedro Road

Port Hueneme, CA 93043

805-982-3783 (Work) 805-982-3370 (Fax)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Feb 11, 2010 Feb 11, 2010

Copy link to clipboard

Copied

Hi Robert,

By any chance are you using an ActivCard smart card reader? If so do you know the version? There was a recent update to version 6.2 and if you are not using an earlier version could you give 6.2 a try?

Thanks,

Steve

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Feb 11, 2010 Feb 11, 2010

Copy link to clipboard

Copied

Steve,

We installed the hotfix for ActiveClient 6.2 just after I sent your email and

that was in fact the issue. This hotfix corrects the problem with the

signatures.

Robert S. Miller, CDIA+

Document Automation Project Manager

DAPS Port Hueneme

4231 San Pedro Road

Port Hueneme, CA 93043

805-982-3783 (Work) 805-982-3370 (Fax)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Feb 11, 2010 Feb 11, 2010

Copy link to clipboard

Copied

Hi Robert,

That's good news!! With a little luck this will solve Nick's problem too.

I know it looks like it's Acrobat's fault, but all we do (when using a smart card) is compute the hash over the byte range to be signed and send it to the card OS for encryption (a digital signature is just using your private key to encrypt the hash). It's the card software that manages access to the private key (Acrobat never gets access to a private key when it's stored on a hardware device) and if there is a breakdown in the key operations Acrobat gets garbage back from the smart card. In all probability nothing came back and there is no signature, which is why you can't clear it.

Steve

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Feb 11, 2010 Feb 11, 2010

Copy link to clipboard

Copied

Steve,

Thanks for your help and your quick response. I spoke with Nick and this also

solved his problem. As far as previously signed documents, I just created a

reset button to reset just the signature and once that was done I deleted the

new button and the form was back to normal.

On a different note, has Adobe come up with a solution to the issue with the

thumbnails not showing the last row? This occurs when the row isn't

completely filled up and has been an issue since the release of 9.0.

Robert S. Miller, CDIA+

Document Automation Project Manager

DAPS Port Hueneme

4231 San Pedro Road

Port Hueneme, CA 93043

805-982-3783 (Work) 805-982-3370 (Fax)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Mar 23, 2011 Mar 23, 2011

Copy link to clipboard

Copied

LATEST

This problem existed in Adobe Acrobat 9.4.3 for me when paired with ActivIdentity 6.2.050.  Applying the latest hotfix from ActivIdentity brought the version to 6.2.108 and fixed the problem.  The signatures are now verifying in Adobe Acrobat and I no longer get the BER decoding error.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines