Uploaded image for project: 'PDFBox'
  1. PDFBox
  2. PDFBOX-5066

ShowSignature: say which digest algorithm was used, detect forged content

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 2.0.23
    • Fix Version/s: None
    • Component/s: Signing
    • Labels:
      None

      Description

      1) SHA256 is was used by the signer to get the content digests of target/pdfs/notCertified_368835_Sig_en_201026090509.pdf , this should be mentioned like
          System.out.println("Signature found");
      so maybe
          System.out.println("Signature algorithm: "+algo);
      where 'algo' is for example "sha256WithRSAEncryption" (as per http://oidref.com/1.2.840.113549.1.1.11)

      2) for subFilter="adbe.x509.rsa_sha1" it is not detected, if the pdf content is altered.

       

      See also PDFBOX-4297

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              hauser@acm.org Ralf Hauser
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: