How can we Convert PKCS#1 to PKCS #7 if I have the Certificate?
https://stackoverflow.com/questions/12796545
-
06-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPergunta
I was developing a PDF signing tool. For this I will get a signed sha256 data of PDF in PKCS#1 format and a certificate from a device, I need to use these two to embed inside the PDF. Most of the PDF reader only support PKCS#7 signature.
Is there any way to convert a PKCS#1 signature to PKCS#7 signature (using certificate file) ?
I knew that PKCS#7 = Certificate + Optional raw data + Signature in PKCS#1 format
Solução
Your question somewhat oversimplifies the situation.
Concerning PKCS#7 <-> PKCS#1:
Yes, a PKCS#7 signature container contains SignerInfo objects which respectively essentially contain a PKCS#1 style signature and some attributes. BUT this PKCS#1 style signature generally is NOT merely signing the document data but instead is signing a structure of so called "signed attributes". One of these is a document hash, others can be the signing time, a link to the signer certificate, and other information; these extra information is required in many use cases. Only the most primitively built SignerInfo structures sign the document data directly.
In general, therefore, if you simply take a PKCS#1 signature of some data and wrap it in a PKCS#7 container, that signature container won't be accepted.
For details see RFC 3852.
Concerning integrated PDF signatures:
Your description of your implementation-to-be is somewhat vague. You seem to think that the document hash to sign is a hash of the original PDF. In case of integrated PDF signatures this is wrong: In order to create an integrated PDF signature, you first extend the PDF by some data which envelop a placeholder for the PKCS#7 signature container (recommended by the specification) or the PKCS#1 signature to integrate. Then you need to hash this extended PDF except the placeholder. (By the current PDF specification you could hash less than that but this won't be accepted by the current Adobe Acrobat/Reader and shouldn't be accepted by any serious verifier).
For details see ISO 32000-1:2008 as published by Adobe
Depending on the legal requirements you may also have to take into account PDF Advanced Electronic Signatures (PAdES) as specified by ETSI, cf. ETSI standard for EU-compliant electronic signatures. These will become part of ISO 32000-2, aka PDF 2.0.
So, are you still sure your use case allows for those very simple PKCS#7 signatures you have in mind, and are your PKCS#1 source signatures created for the right document? In that case building those containers is easily done by looking at RFC 3852.
Anyways, you should have a look at the whitepaper Digital Signatures for PDF documents by Bruno Lowagie (iText Software).
Outras dicas
Looking at RFC 3852 > 5.4. Message Digest Calculation Process
It is possible to simply convert PKCS#1 to PKCS#7 as long as there are not signed attributes in it. If there are then you are stuck as the PKCS#1 coverts ONLY the hash of the content and PKCS#7 with signed attributes required to construct an intermediary structure and hash of that structure is being signed.
