Posted to users@pdfbox.apache.org by Wolfgang Bauer <Wo...@xitrust.com> on 2019/03/01 08:01:04 UTC
Re: PDF Signature Spoofing
Hi Tilman,
thanks for the hint with the lenient mode (I wasn't aware of this
feature, as it is not exposed by the static PDDocument.load methods).
I tried it and now the COSParser throws an Exception as expected.
> Can you explain what you mean? I thought that the current check did
> just that.
As far as I understood the attack, the signature object is modified by
the attacker and the /ByteRange modified in such a way that the
cryptographic verification still holds (the gap between the two
signed ranges is increased). As a result of this, the actually used
/ByteRange (the modified one) is no longer part of the signed data.
So my first idea was to check if the actually used /ByteRange array is
covered by the signature (is not in the unsigned gap).
Anyway, I think turning off the lenient mode together with the "covers
whole document" check should provide an adequate security level.
Thanks a lot for your valuable feedback,
Wolfgang
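
Added example, not part of the original message and not PDFBox code: the two checks discussed above ("covers whole document" and "the /ByteRange in use is not in the unsigned gap"), plus a check that the gap holds only the /Contents hex string, written in plain Python over raw bytes. The sample files are constructed, carry no real signature, and the names `check_byte_range` and `build` are hypothetical; it assumes one signature per file.

```python
import re

BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")
SLOT = b"@" * 36  # placeholder with the same width as the filled-in array


def check_byte_range(pdf: bytes) -> list:
    """Return the list of failed checks; an empty list means all passed.

    Assumption: one signature per file, and the first /ByteRange found is
    the one a reader would use.
    """
    m = BYTE_RANGE.search(pdf)
    if m is None:
        return ["no /ByteRange"]
    a, b, c, d = (int(g) for g in m.groups())
    failed = []
    # "Covers whole document": signed bytes start at 0 and end at EOF.
    if a != 0 or c + d != len(pdf):
        failed.append("not whole document")
    # The unsigned gap must be exactly the /Contents hex string, nothing else.
    if not re.fullmatch(rb"<[0-9A-Fa-f]*>", pdf[a + b:c]):
        failed.append("gap is not only /Contents")
    # The /ByteRange array in use must sit inside one of the signed ranges.
    s, e = m.span()
    if not (a <= s and e <= a + b) and not (c <= s and e <= c + d):
        failed.append("/ByteRange not signed")
    return failed


def build(before: bytes, gap: bytes, after: bytes) -> bytes:
    """Constructed sample: lay out three regions and fill SLOT with offsets."""
    b, c, d = len(before), len(before) + len(gap), len(after)
    return (before + gap + after).replace(SLOT, b"[0 %010d %010d %010d]" % (b, c, d))


HEAD, TAIL = b"%PDF-1.7\n1 0 obj\n<< /Type /Sig", b" >>\nendobj\n%%EOF\n"
# /ByteRange in the first signed range, gap holds only the hex string.
CLEAN = build(HEAD + b" /ByteRange " + SLOT + b" /Contents ", b"<00AA>", TAIL)
# Same objects, but the gap is widened so that it swallows /ByteRange.
WIDE_GAP = build(HEAD, b" /ByteRange " + SLOT + b" /Contents <00AA>", TAIL)
# Bytes added after the end of the second signed range.
APPENDED = CLEAN + b"1 0 obj\n<< >>\nendobj\n"

if __name__ == "__main__":
    for name, pdf in [("clean", CLEAN), ("wide gap", WIDE_GAP), ("appended", APPENDED)]:
        print(name, check_byte_range(pdf))
```

The wide-gap sample still ends its second range at end of file, so it is the two gap checks that flag it.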