Highlighted

Issue validating signatures

New Here ,
Jul 25, 2019

Copy link to clipboard

Copied

Hello,

I am having an issue validating some signatures while using Adobe Acrobat Reader.

I have a digitaly signed pdf document that appears as invalid on Acrobat Reader DC but appears as valid both in iText and FoxitReader.

When I open the file in Adobe Reader DC and validate the signature i get this message:

Error during signature verification. 

Error encountered while validating: 

Error encountered while BER decoding:

When I try to access the certificates by clicking "Certificate Details" nothing happens.

On the other side, whenever I validate the signature with either FoxitReader or iText the signature appears as valid and I can access the certificate chain used for the signature.

The certificate is not a "signing certificate" (e.g.  Certificate doesn't have the "non-repudiation" or "digitalSignature" Key usages), which we purposely ignore for this signature. Also Acrobat Reader would give a diferent error if such was the only problem.

Additionaly, if I corrupt the hash used in the signature (with the same certificate), i get to access the certificate chain in the document  with Adobe ReaderDC, even though i get the error stating that the signature has been corrupted or modified.

The documents are:

signed and no corrupted hash

https://novabase-my.sharepoint.com/:b:/g/personal/nb23287_novabase_pt/Ec9xaPs_D5lDgq5r0CW7qIIB1pPigS...

signed and with corrupted hash

https://novabase-my.sharepoint.com/:b:/g/personal/nb23287_novabase_pt/EfF73zifP6JOhDSog3cF_M0BiWIQuG...

Would appreciate any help on understanding why this happens.

Thanks in advance,

It is now solved, the signable hash had to be "wrapped on a digestinfo object" (https://people.eecs.berkeley.edu/~jonah/bc/org/bouncycastle/asn1/x509/DigestInfo.html) before signing it.

Views

1.7K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Issue validating signatures

New Here ,
Jul 25, 2019

Copy link to clipboard

Copied

Hello,

I am having an issue validating some signatures while using Adobe Acrobat Reader.

I have a digitaly signed pdf document that appears as invalid on Acrobat Reader DC but appears as valid both in iText and FoxitReader.

When I open the file in Adobe Reader DC and validate the signature i get this message:

Error during signature verification. 

Error encountered while validating: 

Error encountered while BER decoding:

When I try to access the certificates by clicking "Certificate Details" nothing happens.

On the other side, whenever I validate the signature with either FoxitReader or iText the signature appears as valid and I can access the certificate chain used for the signature.

The certificate is not a "signing certificate" (e.g.  Certificate doesn't have the "non-repudiation" or "digitalSignature" Key usages), which we purposely ignore for this signature. Also Acrobat Reader would give a diferent error if such was the only problem.

Additionaly, if I corrupt the hash used in the signature (with the same certificate), i get to access the certificate chain in the document  with Adobe ReaderDC, even though i get the error stating that the signature has been corrupted or modified.

The documents are:

signed and no corrupted hash

https://novabase-my.sharepoint.com/:b:/g/personal/nb23287_novabase_pt/Ec9xaPs_D5lDgq5r0CW7qIIB1pPigS...

signed and with corrupted hash

https://novabase-my.sharepoint.com/:b:/g/personal/nb23287_novabase_pt/EfF73zifP6JOhDSog3cF_M0BiWIQuG...

Would appreciate any help on understanding why this happens.

Thanks in advance,

It is now solved, the signable hash had to be "wrapped on a digestinfo object" (https://people.eecs.berkeley.edu/~jonah/bc/org/bouncycastle/asn1/x509/DigestInfo.html) before signing it.

Views

1.7K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
New Here ,
Aug 19, 2019

Copy link to clipboard

Copied

It is now solved, the signable hash had to be "wrapped on a digestinfo object" (https://people.eecs.berkeley.edu/~jonah/bc/org/bouncycastle/asn1/x509/DigestInfo.html) before signing it.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Resources
Trending Issue & Solution
Edit PDF in Adobe Acrobat Pro DC