PDF digital signature

Hi everybody,

following on my work, i am trying to digitally sign a PDF document.
using example found in this forum, i am able to create signature
dictionary, insert signature appearance, define the Context field, and
calculate the right Byte Range to obtain a message digest.
my problem is inserting the digital signature in context field. I read
adobe specification, in which they specify that Context field should
contain the public key and the message digest, encrypted with generate
private key.
looking inside some signed document i suppose that data representation
is in DER format. I try to put a x.509 certificate in DER format and
then the encrypted digest. After calculating the digest i transform
the hash code in DER putting the DER preamble and then the hash
Hexadecimal code.
but when i check this signature with a PDF reader, it says that
document is changed after signature.
Is it my procedure correct, or data should be inserted in other
format ?
my project is in .NEt environment, I use C# and openssl-net as
cryptographic library.

thanks for any hint or help.


silvio forno


If you are using the adbe.pkcs7.detached SubFilter, the Contents entry
must contain a DER encoded PKCS#7 binary data. The PKCS#7 data must at
least contain the X.509 signing certificate, and the signed digest
data (the actual signature). Putting these information in the Contents
field without following PKCS#7 standard will make conforming readers
report that there is a problem with the signature.

For adbe.x509.rsa_sha1 SubFilter, the X.509 signing certificate goes
to the Cert entry in the Signature Dictionary. The Contents in this
case will contain DER encoded PKCS#1 binary data (which will be the
calculated signature).

You can consult section 12.8.3 of PDF32000_2008.pdf for more
information, or look at RFC 2315 for information about the PKCS#7

thanks for your kind reply
i look at some digital signature in some pdf documents, and find that in case of detached subfilter, normally the signer info are also contained into contents fiels, as part of pkcs#7.
in some cases , looking at structure, i find also a message digest section. as far as i have known, this field is present in pkcs#7 only if there are some signer attribute. but my question is: in case of this field it refers to the message digest (calculated with byte range) or refers to the pkcs#7 ? in this case how i can compute this value ?

thanks in advance


silvio forno

It is most likely the calculated digest over the document's byte range
as this is what it would be when the adbe.pkcs7.sha1 SubFilter is

For adbe.pkcs7.detached SubFilter though, signedData fields (other
than the signature) are not required according to the PDF
"adbe.pkcs7.detached: The original signed message digest over the
document's byte range shall be incorporated as the normal PKCS#7
SignedData field. No data shall be encapsulated in the PKCS#7
SignedData field."

Some PDF signers though would still add the message digest even though
adbe.pkcs7.detached SubFilter is used. There are several reasons for
doing so: using different digest algorithm than SHA-1, ease of
verification, etc.

hi vincent,

how are you ?

i hope fine

I almost finish the digital signature process. now i am able to put a digital signature in a pdf form field, together with an image of graphical signature.
I have only a little problem. after i signed the document, if i open the pdf with pdf-xchange or other reader everything is fine. If I use acrobat reader, i see that document is signed, but is not verified. when I try with adobe reader, i obtain the following error "could not verify signature" "expected a dict object"
i put the document signed by my program.

do you have any hints on this subject ?

thanks again


silvio forno

cfa_signed.pdf (44 KB)