extract signature from digital certificate

Question

I get lot of pdfs in my system. I need to check if all of these files are:-

digitally signed
their integrity maintained(by comparing the hash of file content with the message digest embedded in /Contents..

I am using python to do this. Till now I have been able to get the /Content from signature dictionary using PyPDF2. The content is pkcs7--der encoded. Is there a way I can extract the signed message digest?

Similar operation was done in C as this answer

How did you get the value of '/Content' node from pdf using PyPDF2? — Shahbaz Khan, Dec 29 '20 at 14:31

score 1 · Answer 1 · answered Feb 05 '15 at 13:25

1

DER is binary format, its structure is called ASN.1. PEM format is Base64 encoded DER.

This online PEM decoder is very useful: http://lapo.it/asn1js/ After you identify the message signature in it, you can write code to extract it by any ASN.1 library.

answered Feb 05 '15 at 13:25

zakjan

2,391
1
19
29

Wel thanks for the direction. I have the decoded DER from the link you provided. 1) How do identify the signature? 2) Would the ASN.1 library let me parse this file and get what I desire? Have not worked much on all of it. I am still checking if all that helps. Will update once I am done. Thanks again. – Barun Sharma Feb 06 '15 at 06:47
I'd look into the corresponding [RFC2315](https://tools.ietf.org/html/rfc2315) for correct signature structure. The ASN.1 library will expect only the DER/PEM encoded data, you need to extract it out of your PDF. – zakjan Feb 06 '15 at 07:29

score 1 · Answer 2 · edited Oct 07 '21 at 13:35

The SignedData subtype of a CADES, CMS or PKCS#7 1.5 signature has a collection of SignerInfo blocks defined here contains basically:

SignerIdentifier: key into certificates collection
DigestAlgorithmIdentifier: which algorithm was used to calculate message digest
SignedAttributes (optional): the sealed data:
SignatureAlgorithmIdentifier: which algorithm was used to calculate the signature (over SignedAttributes)
SignatureValue: the signature value
UnsignedAttributes (optional)

The SignedAttributes may contain, depending on the type of signature:

ContentType: type of signed content
MessageDigest
SigningTime
CounterSignature

If we would simplify this using just the first signature found and using my fork of pyx509 this could be some type of code like this one (not tested):

from pyx509.models import PKCS7
pkcs7 = PKCS7.from_der(here_goes_your_pks7_signature_data_der_encoded)
signer_info = pkcs7.content.signerInfos[0]
auth_attrs = signer_info.auth_attributes
for attr in auth_attrs.attributes:
    if attr.type == '1.2.840.113549.1.9.4':  # Message Digest OID
        message_digest = attr.value
        print "Digest: %s#%s" % (signer_info.oid2name(signer_info.digest_algorithm), messageDigest)

*If we would simplify this using just the first signature found* - integrated PDF signatures allow only a single `SignerInfo` in each `SignedData`; so, no simplification warning required in this respect. — mkl, Sep 22 '15 at 12:10

extract signature from digital certificate

2 Answers2

Linked