[jira] [Commented] (PDFBOX-5066) ShowSignature: say which digest algorithm was used, detect forged content

Sun, 03 Jan 2021 03:50:07 -0800 


    [ 
https://issues.apache.org/jira/browse/PDFBOX-5066?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17257725#comment-17257725
 ] 

Tilman Hausherr commented on PDFBOX-5066:
-----------------------------------------

1. {{certFromSignedData.getSigAlgName()}} returns "SHA256withRSA". I can change 
the success line to
{code}
System.out.println(certFromSignedData.getSigAlgName() + " signature verified");
{code}

2. the check is missing, because this is based on code from another project. 
Here's the segment currently:
{code}
case "adbe.x509.rsa_sha1":
{
    // example: PDFBOX-2693.pdf
    COSString certString = (COSString) 
sigDict.getDictionaryObject(COSName.CERT);
    //TODO this could also be an array.
    if (certString == null)
    {
        System.err.println("The /Cert certificate string is missing in the 
signature dictionary");
        return;
    }
    byte[] certData = certString.getBytes();
    CertificateFactory factory = CertificateFactory.getInstance("X.509");
    ByteArrayInputStream certStream = new ByteArrayInputStream(certData);
    Collection<? extends Certificate> certs = 
factory.generateCertificates(certStream);
    System.out.println("certs=" + certs);

    X509Certificate cert = (X509Certificate) certs.iterator().next();

    // https://forums.adobe.com/thread/530277
    // Contents = contains the crypted message digest
    // Cert = contains the X509 certificate

    // to verify signature, see code at
    // https://stackoverflow.com/questions/43383859/

    // inspired by:
    // 
https://www.programcreek.com/java-api-examples/index.php?source_dir=pades_signing_2.1.5-master/src/main/java/com/opentrust/spi/pdf/PDFEnvelopedSignature.java
    // 
https://github.com/OpenTrust/pades_signing_2.1.5/blob/master/src/main/java/com/opentrust/spi/pdf/PDFEnvelopedSignature.java
    ASN1InputStream asn1IS = new ASN1InputStream(new 
ByteArrayInputStream(contents));
    ASN1Primitive asn1prim = asn1IS.readObject();
    if (!(asn1prim instanceof ASN1OctetString))
    {
        // 276434.pdf
        throw new IOException("ASN1 octet string expected, but got " + 
asn1prim.getClass().getSimpleName());
    }
    ASN1OctetString oct = (ASN1OctetString) asn1prim;
    Signature signature = Signature.getInstance("SHA1withRSA");
    signature.initVerify(cert.getPublicKey());
    int by;
    while ((by = signedContentAsStream.read()) != -1)
    {
        signature.update((byte) by);
    }
    System.out.println("Verification result: " + 
signature.verify(oct.getOctets()));

    // get digest algorithm
    Cipher c = Cipher.getInstance("RSA/NONE/PKCS1Padding", 
SecurityProvider.getProvider());
    c.init(Cipher.DECRYPT_MODE, cert.getPublicKey());
    byte[] raw = c.doFinal(oct.getOctets());
    DigestInfo di = DigestInfo.getInstance(raw);
    String algID = di.getAlgorithmId().getAlgorithm().getId();


    try
    {
        if (sig.getSignDate() != null)
        {
            cert.checkValidity(sig.getSignDate().getTime());
            System.out.println("Certificate valid at signing time");
        }
        else
        {
            System.err.println("Certificate cannot be verified without signing 
time");
        }
    }
    catch (CertificateExpiredException ex)
    {
        System.err.println("Certificate expired at signing time");
    }
    catch (CertificateNotYetValidException ex)
    {
        System.err.println("Certificate not yet valid at signing time");
    }
    if (CertificateVerifier.isSelfSigned(cert))
    {
        System.err.println("Certificate for " + 
cert.getSubjectX500Principal().getName() + " is self-signed, LOL!");
    }
    else
    {
        System.out.println("Certificate is not self-signed");

        if (sig.getSignDate() != null)
        {
            @SuppressWarnings("unchecked")
                    Store<X509CertificateHolder> store = new 
JcaCertStore(certs);
            SigUtils.verifyCertificateChain(store, cert, 
sig.getSignDate().getTime());
        }
    }
    break;
{code}

> ShowSignature: say which digest algorithm was used, detect forged content
> -------------------------------------------------------------------------
>
>                 Key: PDFBOX-5066
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-5066
>             Project: PDFBox
>          Issue Type: Improvement
>          Components: Signing
>    Affects Versions: 2.0.23
>            Reporter: Ralf Hauser
>            Priority: Minor
>
> 1) SHA256 is was used by the signer to get the content digests of 
> target/pdfs/notCertified_368835_Sig_en_201026090509.pdf , this should be 
> mentioned like 
>      System.out.println("Signature found");
>  so maybe 
>      System.out.println("Signature algorithm: "+algo);
>  where 'algo' is for example "sha256WithRSAEncryption" (as per 
> [http://oidref.com/1.2.840.113549.1.1.11])
> 2) for subFilter="adbe.x509.rsa_sha1" it is not detected, if the pdf content 
> is altered.
>  
> See also PDFBOX-4297



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to