Re: [bulk] Re: PDF Signatures: ByteRange verification

[Frank Cornelis <fr...@fedict.be>]

Hi Thomas,


Finally managed to verify the ByteRange. I should read the specs first. 
:) Contents is a hexadecimal string, enclosed with angle brackets. So 
for ByteRange verification formula I have:
offset1 == 0
offset2 == offset1 + length1 + signatureValue.length * 2 + 2

* 2 because of hexadecimal encoding
+ 2 because of the angle brackets.


Kind Regards,
Frank.

On 12/11/2011 01:25 AM, Thomas Chojecki wrote:
> Am 09.12.2011 17:09, schrieb Frank Cornelis:
>> Hi,
> Hi Frank,
>
>> Participating the ETSI PAdES plugtests using PDFBox I'm now trying to
>> verify the correctness of the ByteRange of a PDF signature.
>> I already managed to get the offset of the signature dictionary via
>> COSDocument.getXrefTable(). But now I would need to be able to find the
>> exact location of the Contents direct dictionary entry to be able to
>> compare its location against the values given in the ByteRange.
> Why do you need the exact position for checking the signature?
>
> If you want to compare the signature size against the byte range, you
> can grab the signature via the
> COSDictionary.getString(COSName.CONTENTS).length() and check it against
> the byte range or the lenght of the byte[] from getSignature()
>
> Or you can go your way and use a FilterInputStream and seek through the
> file till you get what you are searching (Signature Dictionary) and then
> read each byte till you find the CONTENTS.
>
> Maybe you find another way to check it, then let me know ;-)
>
>> Kind Regards,
>> Frank.
> Best Regards
> Thomas