I'm validating a signed PDF document and I need to know whether the hash was signed or the whole document.
Which tools to use? And how?
Thank you.
Asked
Active
Viewed 147 times
0
-
none of the above . a hash of the document is signed along with some other fields such as the reference to the certificate used or the content type. You can verify the signature with itext or pdfbox. Note also that there are different kinds of pdf signatures. http://stackoverflow.com/questions/25957573/unable-to-verify-digital-signature-using-apache-pdfbox – pedrofb Jul 22 '16 at 15:40
-
Where's the programming related question? – Maarten Bodewes Jul 23 '16 at 09:22
-
@Traveler The first paragraph of your question is unclear, in particular *"whether the hash was signed or the whole document"* as signing schemes usually merely operate on a hash of the signed data, not the signed data as a whole; the question might only be how many times hashing is applied and which hashing algorithms are used. The second paragraph, in particular *"Which tools to use"*, is off-topic on stackoverflow. – mkl Jul 25 '16 at 13:23