Problem description
I want to sign the pdf using pdf digest. I have created the hash using below code,
import java.io.InputStream;
import java.security.MessageDigest;
import java.security.Security;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

// "BC" has to be registered before it can be requested by name
Security.addProvider(new BouncyCastleProvider());
// content: InputStream over the PDF bytes to be signed (PDFBox ExternalSigningSupport.getContent())
byte[] buffer = new byte[1024];
int numOfBytesRead = 0;
MessageDigest md = MessageDigest.getInstance("SHA256", "BC");
while ((numOfBytesRead = content.read(buffer)) != -1) {
    md.update(buffer, 0, numOfBytesRead);
}
byte[] digest = md.digest();
At the end I need to attach this signature to my pdf. I have found one solution, Create pkcs7 signature from file digest, but the algorithm used in the link is SHA256withRSA. My private key is generated using the EC algorithm and I need to use SHA256withECDSA. Is it possible to just sign the hash using SHA256withECDSA and attach the signature to the pdf using the PDFBox ExternalSigning interface?
There are several situations in which Adobe calls a signer's certificate invalid even though apparently it is valid; in the case at hand in particular:
- Key usage or Extended key usage values not appropriate
- PAdES signature misses an ESS signing-certificate-v2 attribute
Key usage or Extended key usage values not appropriate
This is based on the information the OP first published as an answer
Indeed, Adobe Reader says the signature is invalid, but look more closely:
It says "Document has not been modified since this signature was applied" - This means that the signature is mathematically correct!
The issue is that the "Signer's certificate is invalid", and the reason for this can be seen when digging into the signature property dialogues:
Thus, the problem is that your signer certificate is Not valid for usage.
This is due to the highlighted attribute: while the Key Usage Digital Signature is OK, the "Extended key usage" 1.3.6.1.5.5.8.2.2 (OID for IPSEC Protection) is not!
According to the Adobe Digital Signatures Guide for IT, Adobe Acrobat accepts only
one or more of the following Key usage values (if any)
- nonRepudiation
- signTransaction (11.0.09 only)
- digitalSignature (11.0.10 and later)
and one or more of the following Extended key usage values (if any)
- emailProtection
- codeSigning
- anyExtendedKeyUsage
- 1.2.840.113583.1.1.5 (Adobe Authentic Documents Trust)
Due to its IPSEC Protection extended key usage value, therefore, your certificate is not considered valid for signing PDF documents.
This probably only is an issue in legacy ISO 32000-1 signatures, probably not in PAdES signatures.
PAdES signature misses an ESS signing-certificate-v2 attribute
This is based on the information the OP first published as an answer
Here the main difference is not whether you explicitly calculate the hash yourself or allow it to be calculated implicitly; the main difference is that the signature in PDFB includes an ESS signing-certificate-v2 attribute while the one in PDFA does not. This attribute is generated between
//PAdES - PDF Advanced Electronic Signature
and
//PAdES-end
As the comments already hint, this is only necessary for PAdES signatures, not for legacy ISO 32000-1 ones. The answer the OP took his original code from referred to creating a legacy ISO 32000-1 signature (and, therefore, works alright) while the OP creates a PAdES signature.
The presence of an ESS signing certificate attribute is required by the PAdES specification ETSI EN 319 142-1:
e) The generator shall use either the signing-certificate or the signing-certificate-v2 attribute, depending on the hash function, in accordance with ETSI EN 319 122-1.
(ETSI EN 319 142-1, section 6.3 PAdES baseline signatures)
It references the CAdES specification ETSI EN 319 122-1 which in turn requires
(ETSI EN 319 122-1, section 6.3 Requirements on components and services)
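The following is an added example, not code from the question, the answer, or the PDFBox/BouncyCastle projects. It addresses two points on this page together: the question's need to build a PKCS#7 (CMS) signature over an already computed SHA-256 digest with SHA256withECDSA, and the answer's point that a PAdES signature must carry an ESS signing-certificate-v2 signed attribute. It uses BouncyCastle (bcprov + bcpkix). The trick for the precomputed digest is a custom DigestCalculatorProvider that ignores the (absent) content and returns the digest that was computed outside CMS. The EC key, the self-signed certificate with KU digitalSignature+nonRepudiation, and the "%PDF-1.7 ..." byte range are all constructed for the example; in a real flow the bytes to hash come from PDFBox and the key and certificate from your keystore.

```java
import java.io.*;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.Collections;
import java.util.Date;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.ess.ESSCertIDv2;
import org.bouncycastle.asn1.ess.SigningCertificateV2;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.cert.jcajce.*;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.*;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

public class DigestSignerExample {

    // Digest calculator that discards whatever CMS feeds it and returns a hash computed elsewhere.
    static DigestCalculatorProvider precomputedDigest(byte[] digest) {
        return algorithm -> new DigestCalculator() {
            public AlgorithmIdentifier getAlgorithmIdentifier() { return algorithm; }
            public OutputStream getOutputStream() { return new ByteArrayOutputStream(); }
            public byte[] getDigest() { return digest; }
        };
    }

    // ESS signing-certificate-v2: SHA-256 of the signer certificate, bound into the signed attributes (PAdES requirement).
    static Attribute signingCertificateV2(X509Certificate cert) throws Exception {
        byte[] certHash = MessageDigest.getInstance("SHA-256", "BC").digest(cert.getEncoded());
        ESSCertIDv2 certId = new ESSCertIDv2(new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256), certHash);
        return new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new DERSet(new SigningCertificateV2(certId)));
    }

    // Detached CMS SignedData over an already computed SHA-256 digest, signed with SHA256withECDSA.
    static byte[] signDigest(byte[] sha256Digest, PrivateKey key, X509Certificate cert) throws Exception {
        ContentSigner signer = new JcaContentSignerBuilder("SHA256withECDSA").setProvider("BC").build(key);
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(precomputedDigest(sha256Digest))
                .setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(signingCertificateV2(cert))))
                .build(signer, cert));
        gen.addCertificates(new JcaCertStore(Collections.singletonList(cert)));
        // CMSAbsentContent: the PDF bytes are not embedded, only their digest is signed (detached signature).
        return gen.generate(new CMSAbsentContent(), false).getEncoded();
    }

    // Streaming SHA-256, the same loop as in the question; 'content' would be PDFBox's ExternalSigningSupport.getContent().
    static byte[] sha256(InputStream content) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256", "BC");
        byte[] buffer = new byte[1024];
        int n;
        while ((n = content.read(buffer)) != -1) {
            md.update(buffer, 0, n);
        }
        return md.digest();
    }

    // Constructed test identity: self-signed EC certificate with KU digitalSignature+nonRepudiation and no EKU extension.
    static X509Certificate selfSigned(KeyPair kp) throws Exception {
        X500Name name = new X500Name("CN=Constructed example signer");
        Date notBefore = new Date();
        Date notAfter = new Date(notBefore.getTime() + 365L * 24 * 60 * 60 * 1000);
        JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(name, BigInteger.ONE, notBefore, notAfter, name, kp.getPublic());
        builder.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.nonRepudiation));
        ContentSigner certSigner = new JcaContentSignerBuilder("SHA256withECDSA").setProvider("BC").build(kp.getPrivate());
        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(builder.build(certSigner));
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", "BC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));
        KeyPair kp = kpg.generateKeyPair();
        X509Certificate cert = selfSigned(kp);

        // Constructed stand-in for the PDF byte range PDFBox would hand over for signing.
        byte[] pdfBytes = "%PDF-1.7 constructed byte range for the example".getBytes(StandardCharsets.US_ASCII);
        byte[] cms = signDigest(sha256(new ByteArrayInputStream(pdfBytes)), kp.getPrivate(), cert);

        // Round trip: re-attach the content so BC recomputes the digest, then check the ECDSA signature and the ESS attribute.
        CMSSignedData parsed = new CMSSignedData(new CMSProcessableByteArray(pdfBytes), cms);
        SignerInformation si = parsed.getSignerInfos().getSigners().iterator().next();
        boolean valid = si.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
        boolean hasEss = si.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificateV2) != null;
        System.out.println("CMS bytes: " + cms.length + ", signature valid: " + valid + ", signing-certificate-v2 present: " + hasEss);
    }
}
```

In the PDFBox external-signing flow, the bytes fed to sha256 are what ExternalSigningSupport.getContent() returns after saveIncrementalForExternalSigning, and the CMS bytes produced by signDigest are what you pass to setSignature. The round trip at the end is the useful self-check: because the signature was made over a digest CMS never saw, the only way to confirm the messageDigest attribute matches the real content is to re-attach that content and let the verifier recompute it.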
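As a second added example (again not from the page or from Adobe), here is a pre-flight check for the first failure mode in the answer: it reads a certificate file and reports whether its Key Usage and Extended Key Usage values fall within the lists the answer quotes from the Adobe Digital Signatures Guide. The OIDs for emailProtection (1.3.6.1.5.5.7.3.4), codeSigning (1.3.6.1.5.5.7.3.3) and anyExtendedKeyUsage (2.5.29.37.0) are standard values; 1.2.840.113583.1.1.5 is taken from the answer. Absent extensions are treated as acceptable, matching the "if any" wording. The signTransaction entry in the answer's list is not a standard X.509 KeyUsage bit and therefore cannot be read via getKeyUsage(), so it is not modelled here. A certificate whose only EKU is 1.3.6.1.5.5.8.2.2 (IPSEC Protection), as in the answer, is flagged.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class AcrobatCertUsageCheck {

    // Extended key usage OIDs Acrobat accepts, per the answer above:
    // emailProtection, codeSigning, anyExtendedKeyUsage, Adobe Authentic Documents Trust.
    static final List<String> ACCEPTED_EKU = Arrays.asList(
            "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.3", "2.5.29.37.0", "1.2.840.113583.1.1.5");

    // Reasons Acrobat would reject the certificate for PDF signing; an empty list means the KU/EKU rules are satisfied.
    static List<String> usageProblems(X509Certificate cert) throws Exception {
        List<String> problems = new ArrayList<>();
        boolean[] ku = cert.getKeyUsage();              // null when the KeyUsage extension is absent ("if any")
        if (ku != null && !(ku[0] /* digitalSignature */ || ku[1] /* nonRepudiation */)) {
            problems.add("KeyUsage present but neither digitalSignature nor nonRepudiation is set");
        }
        List<String> eku = cert.getExtendedKeyUsage();  // null when the ExtendedKeyUsage extension is absent ("if any")
        if (eku != null && eku.stream().noneMatch(ACCEPTED_EKU::contains)) {
            problems.add("ExtendedKeyUsage present but contains none of the accepted OIDs: " + eku);
        }
        return problems;
    }

    public static void main(String[] args) throws Exception {
        // Usage: java AcrobatCertUsageCheck signer.cer   (DER- or PEM-encoded X.509 certificate)
        try (InputStream in = new FileInputStream(args[0])) {
            X509Certificate cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
            List<String> problems = usageProblems(cert);
            System.out.println(problems.isEmpty()
                    ? "Key usage and extended key usage are acceptable to Acrobat"
                    : String.join(System.lineSeparator(), problems));
        }
    }
}
```

Running this against the signer certificate before signing catches the "Not valid for usage" outcome in the answer without a round trip through Adobe Reader; it does not check chain building, revocation or trust, which Acrobat evaluates separately.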
This concludes the article on how to generate a PKCS#7 signature from a digest.