Error encountered while BER decoding Digital Signatures

Question

Hello -I work for a GOV agency and we use Common Access Cards/Smart Cards to login to our PC's and we subsequently use them to digitally sign PDF documents.We have just recently switched to Adobe Acrobat 9.x Pro.  Before this, we had Adobe 7.x Pro and had no troubles digitally signing documents, clearing those digital signature to reuse old documents, etc.We first got Acrobat 9.x and had issues with digital signatures right away.  We had to import this into the registry, which I believe I found on adobe forum.Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096][HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker][HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker\cURL][HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker\cURL\c0]"sValue"=hex:68,74,74,70,3a,2f,2f,6f,63,73,70,2e,64,69,73,61,2e,6d,69,6c,00[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker\cURLToConsult][HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c4974BB0C5EBA7AFE0254EF7BA0C695C609807096\cAdobe_OCSPRevChecker\cURLToConsult\c0]"iValue"=dword:00000001Lately we've had trouble verifying signatures.  Once we sign a document and then click the signature, we get the attached error.Error during signature verificationError encountered while validatingError encountered while BER decodingWhen we started to notice this we were on Acrobat 9.2.  I think we may have went from 9.0 to 9.1.3 and then to 9.2 pretty quick.  I removed it and installed our base load of Acrobat 9.0 and everything was working fine.  I then updated to 9.1, 9.1.1, 9.1.2, 9.1.3 and none of them worked or fixed the issue.  We have recently approved the update to 9.3, but that didn't fix it either.  Because of this BER decoding issue, we cannot right click the signature field and clear a signature as well.  Even after updates I could clear a signature field signed under Adobe 9.0.Adobe, what should I do?  Do we have a problem elsewhere, outside of Acrobat?Again, we use smart card's to sign the documents, thus cannot change certificates.Thanks,  Nick

Steven_Madwin · Answer

Hi Nick,When you mentioned that upgrading to 9.3 didn't fix the problem, did you mean when creating a new signature in Acrobat/Reader 9.3 or did you mean opening a previously signed file and doing the signature verification?If you meant the later, no version of Acrobat will be able to decode the signature if it was created incorrectly, which is what I fear you are referring to. What happened was Acrobat 9.0 changed the default digest method from the older SHA-1 to the the new SHA-256, but if the device that encrypts the digest (the actual signing operation) cannot handle the larger digest Acrobat is supposed to fall back to the older, smaller SHA-1 digest. There was a bug where Acrobat wasn't re-computing the digest if the smart card couldn't handle SHA-256 and creating a corrupt signature. Once this corrupt signature is written out to the PDF file there is no getting around it. Update 9.3 fixes the problem at signature creation and you should be able to successfully sign using your CAC card, but sadly there is no fixing the existing corrupt signatures.Steve

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded