验证PDF文件中的签名时会出现此问题.标准中说:
消息摘要计算过程的结果取决于signedAttrs字段是否存在.当该字段不存在时,结果仅是如上所述的内容的消息摘要.但是,当该字段存在时,结果是signedAttrs字段中包含的SignedAttrs值的完整DER编码的消息摘要.
我解析了签名并得到了signedAttrs
:
[0](4 elem) SEQUENCE(2 elem) OBJECT IDENTIFIER1.2.840.113549.1.9.3 // ContentType SET(1 elem) OBJECT IDENTIFIER1.2.840.113549.1.7.1 SEQUENCE(2 elem) OBJECT IDENTIFIER1.2.840.113549.1.9.5 // SigningTime SET(1 elem) UTCTime2014-04-13 02:58:41 UTC SEQUENCE(2 elem) OBJECT IDENTIFIER1.2.840.113549.1.9.4 // MessageDigest SET(1 elem) OCTET STRING(20 byte) 194E0BA9C4B9A53D5E9E5B7B94D7DB42BEA4C28F SEQUENCE(2 elem) OBJECT IDENTIFIER1.2.840.113549.1.9.15 SET(1 elem) SEQUENCE(8 elem) SEQUENCE(1 elem) OBJECT IDENTIFIER2.16.840.1.101.3.4.1.42 SEQUENCE(1 elem) OBJECT IDENTIFIER2.16.840.1.101.3.4.1.22 SEQUENCE(1 elem) OBJECT IDENTIFIER2.16.840.1.101.3.4.1.2 SEQUENCE(1 elem) OBJECT IDENTIFIER1.2.840.113549.3.7 SEQUENCE(2 elem) OBJECT IDENTIFIER1.2.840.113549.3.2 INTEGER128 SEQUENCE(2 elem) OBJECT IDENTIFIER1.2.840.113549.3.2 INTEGER64 SEQUENCE(1 elem) OBJECT IDENTIFIER1.3.14.3.2.7 SEQUENCE(2 elem) OBJECT IDENTIFIER1.2.840.113549.3.2 INTEGER40
和DER编码:
A081D8301806092A864886F70D010903310B06092A864886F70D010701301C06092A864886F70D010905310F170D3134303431333032353834315A302306092A864886F70D01090431160414194E0BA9C4B9A53D5E9E5B7B94D7DB42BEA4C28F307906092A864886F70D01090F316C306A300B060960864801650304012A300B0609608648016503040116300B0609608648016503040102300A06082A864886F70D0307300E06082A864886F70D030202020080300D06082A864886F70D0302020140300706052B0E030207300D06082A864886F70D0302020128
我计算了它的摘要,并与加密摘要的解密结果进行了比较.但它失败了.
我应该计算整个signedAttrs
字段或某些属性或其他任何内容的摘要?
编辑:这是我要验证的PDF文件