Mbrevda

Reputation: 3080

Digest Mismatch when signing with pdfbox and GCP KMS

I'm trying to follow this guide to sign a pdf with Google Cloud's KMS. When testing with pdfsig I get:

  - Total document signed
  - Signature Validation: Digest Mismatch.

Adobe Acrobat says:

Signature is invalid:
Source of Trust obtained from Adobe Approved Trust List (AATL).
    Document has been altered or corrupted since it was signed
    Signer's identity is valid
    The signature includes an embedded timestamp.
> Signature Details
    Last Checked: 2024.12.18 11:42:15 +02'00'
    Field: Signature1 (invisible signature)

But I'm not really sure what I'm doing wrong. The full code is available here, with a signed pdf in issue 1.

Upvotes: 0

Views: 60

Answers (1)

mkl

Reputation: 95888

Analyzing your example PDF, I see 2 issues:

Encapsulated content

The signature container you create encapsulates the data to sign. This is wrong (as far as the PDF signature specification is concerned) and also makes no sense: After all, the CMS container is embedded into the PDF, so why should this embedded signature container in turn have an embedded copy of the PDF data it is embedded in?

Thus, replace

CMSSignedData signedData = gen.generate(msg, true); 

by

CMSSignedData signedData = gen.generate(msg, false); 

in CreateSignatureBase.sign.

Non-decryptable signature

When I attempt to decrypt the naked signature bytes using the public key of your signer certificate, the result neither ends with a 0xBC byte nor does it constitute a padded DigestInfo object. Thus, it is neither a complete RSASSA-PSS signature nor is it an old-style RSASSA-PKCS1-v1_5 one.

Something like this usually indicates that the public key in the alleged signer certificate does not match the private key used for signing.

Thus, please check the key you use for signing.

Upvotes: 0
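The second check mkl describes (undo the RSA operation on the naked signature value with the certificate's public key and see whether a padded DigestInfo or a 0xBC trailer comes out) can be scripted. The following is an added, self-contained Python example; it is not code from the question, from mkl, or from pdfbox/BouncyCastle. To stay dependency-free it generates its own toy RSA keys and signs a constructed byte string with RSASSA-PKCS1-v1_5/SHA-256; `classify_raw_signature` is the diagnostic, and `demo` plays out the suspected situation where the key that signed (A) is not the key in the certificate (B).

```python
"""
Added example (not from the question or the answer): reproduce mkl's
second check by undoing the RSA operation on the naked signature bytes
with a candidate public key and classifying what comes out. Everything
here, including the toy RSA key generation, is constructed for the demo.
"""
import hashlib
import math
import random

# DER prefix of DigestInfo for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_DIGESTINFO_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test; good enough for demo keys."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    """Random prime with the top bit set so the modulus has the intended size."""
    while True:
        candidate = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def generate_rsa_key(bits: int = 1024, e: int = 65537):
    """Toy RSA key pair as ((n, e), (n, d)); constructed for the demo, not for real use."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (p * q, e), (p * q, pow(e, -1, phi))


def sign_pkcs1_v15(private_key, data: bytes) -> bytes:
    """RSASSA-PKCS1-v1_5 with SHA-256 (RFC 8017, section 8.2.1)."""
    n, d = private_key
    k = (n.bit_length() + 7) // 8
    digest_info = SHA256_DIGESTINFO_PREFIX + hashlib.sha256(data).digest()
    em = b"\x00\x01" + b"\xff" * (k - len(digest_info) - 3) + b"\x00" + digest_info
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")


def classify_raw_signature(public_key, signature: bytes) -> str:
    """Apply the public key to the signature value and say what the result looks like.

    "rsassa-pkcs1-v1_5"  -> 00 01 FF..FF 00 || DigestInfo(SHA-256)
    "rsassa-pss"         -> trailer byte 0xBC and zero leading pad bits (quick heuristic)
    "mismatch"           -> neither: this key almost certainly did not produce the signature
    """
    n, e = public_key
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n:
        return "mismatch"  # not even a valid signature representative for this modulus
    em = pow(s, e, n).to_bytes(k, "big")
    if em[:2] == b"\x00\x01":
        rest = em[2:].lstrip(b"\xff")
        expected_len = 1 + len(SHA256_DIGESTINFO_PREFIX) + hashlib.sha256().digest_size
        if rest.startswith(b"\x00" + SHA256_DIGESTINFO_PREFIX) and len(rest) == expected_len:
            return "rsassa-pkcs1-v1_5"
    top_bits = 8 * k - (n.bit_length() - 1)  # bits PSS requires to be zero at the front
    if em[-1] == 0xBC and (em[0] >> (8 - top_bits)) == 0:
        return "rsassa-pss"
    return "mismatch"


def demo() -> dict:
    """Constructed scenario: the signing key (A) and the key in the certificate (B) differ."""
    random.seed(2024)  # deterministic demo keys
    pub_a, priv_a = generate_rsa_key()
    pub_b, _ = generate_rsa_key()
    signed_bytes = b"%PDF-1.7 constructed stand-in for the signed ByteRange content"
    signature = sign_pkcs1_v15(priv_a, signed_bytes)
    return {
        "certificate_key_matches": classify_raw_signature(pub_a, signature),
        "certificate_key_differs": classify_raw_signature(pub_b, signature),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

Against a real PDF you would extract the `signature` OCTET STRING from the CMS SignerInfo and the modulus and exponent from the certificate embedded in the CMS container instead of the demo keys; a "mismatch" verdict points at the same conclusion mkl draws, that the KMS key version used for signing is not the one whose public key went into the certificate. The PSS branch is only the quick trailer-byte heuristic from the answer, not a full EMSA-PSS verification.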
