extract signature from digital certificate

Question

I get lot of pdfs in my system. I need to check if all of these files are:-

• digitally signed
• their integrity maintained(by comparing the hash of file content with the message digest embedded in /Contents..

I am using python to do this. Till now I have been able to get the /Content from signature dictionary using PyPDF2. The content is pkcs7--der encoded. Is there a way I can extract the signed message digest?

Similar operation was done in C as this answer

Answer 1

The SignedData subtype of a CADES, CMS or PKCS#7 1.5 signature has a collection of SignerInfo blocks defined here contains basically:

• SignerIdentifier: key into certificates collection
• DigestAlgorithmIdentifier: which algorithm was used to calculate message digest
• SignedAttributes (optional): the sealed data:
• SignatureAlgorithmIdentifier: which algorithm was used to calculate the signature (over SignedAttributes)
• SignatureValue: the signature value
• UnsignedAttributes (optional)

The SignedAttributes may contain, depending on the type of signature:

• ContentType: type of signed content
• MessageDigest
• SigningTime
• CounterSignature

If we would simplify this using just the first signature found and using my fork of pyx509 this could be some type of code like this one (not tested):

from pyx509.models import PKCS7
pkcs7 = PKCS7.from_der(here_goes_your_pks7_signature_data_der_encoded)
signer_info = pkcs7.content.signerInfos[0]
auth_attrs = signer_info.auth_attributes
for attr in auth_attrs.attributes:
    if attr.type == '1.2.840.113549.1.9.4':  # Message Digest OID
        message_digest = attr.value
        print "Digest: %s#%s" % (signer_info.oid2name(signer_info.digest_algorithm), messageDigest)
 

Answer 2

DER is binary format, its structure is called ASN.1. PEM format is Base64 encoded DER.

This online PEM decoder is very useful: http://lapo.it/asn1js/ After you identify the message signature in it, you can write code to extract it by any ASN.1 library.