Signature with ECDSA keys on Mac OSX use always SHA384 hash

Report · Nov 08, 2024

Hi all,

we're using on OSX an application that interfaces with the local keychain and intercepts the signature request issued from Acrobat (like a click on a signature field).

When testing this with ECDSA keys of the common secp family and different lenghts we noticed a strange behaviour, Acrobat always use the SHA384 hash algorithm indepentently from the actual key length.

To be more clear, for signatures we expected on the "keychain side" a digest fit for an "optimal cryptography", that is something like:

- key secp256 -> digest SHA256

- key secp384 -> digest SHA384

- key secp521 -> digest SHA512

Insetad we got:

- key secp256 -> digest SHA384

- key secp384 -> digest SHA384

- key secp521 -> digest SHA384

So, is possible that there is a bug somewhere and on OSX Acrobat tries to use incorrectly only the ecdsaSignatureDigestX962SHA384/ecdsaSignatureMessageX962SHA384 methods?

Report · Nov 12, 2024

One more bit: we probably have undestood that Acrobat on Mac always choose the digest algorithm "looking" at the one that was used to sign the user certificate.

I.E., having a user certificate with secp256 keys that is signed by the RootCA with a "SHA384ECDSA" algortihm, when trying to make a signature the digest algorithm chosen by Acrobat will be "SHA384" (and not the expected "SHA256", as from the user's key length), thus will be based on the RootCA signature alg....

Report · Nov 12, 2024

Richard m Singleton

Report · Dec 05, 2025

Hi @daniele_infoc,

Hope you are doing well. Sorry for the trouble with using digital certificates with Acrobat.

We have already reported the issue with the development team for investigation, and they are working on the issue.

We will update the thread once we hear back from the team.

Your kind understanding and patience is highly appreciated on this.

Regards,
Souvik.