PDF 签名验证失败
[英]PDF Signature fails verification
问题描述
I'm using iTextSharp.LGPLv2 to sign PDF documents (The only available option for.Net Core right now).
我正在使用 iTextSharp.LGPLv2 签署 PDF 文档(.Net Core 目前唯一可用的选项)。 I'm able to produce a signature but most readers reject it.我能够产生签名,但大多数读者拒绝它。 You can download the file: https://www.dropbox.com/s/ns35fdi5tyq52cw/blank.bs.pdf?dl=0您可以下载文件: https://www.dropbox.com/s/ns35fdi5tyq52cw/blank.bs.pdf?dl=0
Few important issues:几个重要的问题:
- Both Adobe Reader and Foxit reject the signature saying that "the document has been altered..." Adobe Reader 和 Foxit 都拒绝签名说“文档已被更改......”
- The signature uses subfilter of "adbe.pkcs7.detached".签名使用“adbe.pkcs7.detached”的子过滤器。 If changed to "ETSI.CAdES.detached", Foxit decides that the signature is fine .如果更改为“ETSI.CAdES.detached”,则 Foxit 认为签名正常。 Reader does not.读者没有。
- SHA256 is being used for all hashing purposes. SHA256 用于所有散列目的。
- Looks like the ByteRange is correctly set.看起来 ByteRange 设置正确。
- By using openssl, I was able to verify that the signature is properly formatted and contains a valid PKCS1.5 padded buffer.通过使用 openssl,我能够验证签名的格式是否正确并包含有效的 PKCS1.5 填充缓冲区。
I'm kind of puzzled here and I'll be glad to hear any suggestions/hints/directions.我在这里有点困惑,我很高兴听到任何建议/提示/方向。
1 个解决方案
解决方案1
1 已采纳 2020-07-13 08:47:05
There are (at least) two errors in the signature:签名中有(至少)两个错误:
Mismatch in document hash:
文档 hash 不匹配:The SHA256 hash of the signed byte ranges is
有符号字节范围的 SHA256 hash 是69CF153087670FC5D450FF23675C207BB9659A235A465202F5802ABED7BA7C21but your signature container claims it is
但你的签名容器声称它是93D5804C1A9A31B17F041DE79FB1CD598E1FCC7CDC2A37885CD0502D4FCBB5A6which explains why validators assume that the document has been altered.
这解释了为什么验证器会假设文档已被更改。Mismatch in hash of signed attributes:
签名属性的 hash 不匹配:The SHA256 hash of the signed attributes of the
SignerInfoin your CMS signature container isCMS 签名容器中SignerInfo的签名属性的 SHA256 hash 是C84C6600F5E11291AAD8240239B7DC09FC00BD6A9056B6BBF584E8D46C8CEBE5but the hash value in you SHA256withRSA signature value is
但是 SHA256withRSA 签名值中的 hash 值是93D5804C1A9A31B17F041DE79FB1CD598E1FCC7CDC2A37885CD0502D4FCBB5A6which would make validation fail even if the document hash (see above) would match.
即使文档 hash(见上文)匹配,这也会导致验证失败。Incidentally this hash in the signature value is identical to your claimed (incorrect) document hash value.
顺便说一句,签名值中的这个 hash 与您声明的(不正确的)文档 hash 值相同。
The latter mismatch probably is caused by you signing the wrong data.后一种不匹配可能是由于您签署了错误的数据造成的。
The former mismatch may be due because of some error in your code calculating the hash of the signed byte ranges, or it might be due to the signed data actually being manipulated.前一种不匹配可能是由于您的代码在计算带符号字节范围的 hash 时出现了一些错误,也可能是由于实际操作了带符号的数据。
To further analyze the problem, your signing code would be required.要进一步分析问题,需要您的签名代码。
PS: There also is at least one error in your certificate, it has a negative serial number. PS:您的证书中也至少有一个错误,它的序列号为负数。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.