I'm trying to validate the signature of a PDF document using OpenSSL.
I have used the following documentation of Adobe:
http://partners.adobe.com/asn/tech/pdf/specifications.jsp
The procedure that I have followed has been the following one:
1. Obtain the certificate form field "Cert". It's codified in octal, and I have turned it to binary.
2. Obtain the signed text. The field "ByteRange" is a an array of pairs of integers (starting byte offset, length in bytes) describing the exact byte range for the digest calculation.
3. Obtain the signature. It's in the field "Contents" and is a hexadecimal string of DER-encoded PKCS#1 binary data.
Finally, I have tried to validate the signature with:
openssl dgst -sha1 -verify public_key -signature sign contents
but the validation fails. The documentation from Adobe indicates that the length of the signature must be 131 Bytes for a public key of 1024 bits, but the chain that I have obtained is of 132 bytes (the last character is a null one). I have tried to validate without the last character, but also fails.
Can anybody give me any track?
thanks,
Luis Pascual
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
