So we are banging our heads against the wall with this problem. See example:
https://drive.google.com/file/d/13Ydz70FtOFO8CtUR5u74Ej-7k1gIsnUX/view?usp=sharing
The above document is signed using an external provider (sha256WithRSA). When the document is opened in A.reader you get the message
At least one signature is invalid
and when clicking on the visible signature (last page) you get a pop-up with the message:
Error during BER decoding
We parsed the /Contents of the /Sig object (in the PDF, 34 0 obj) as an ASN1Sequence object (Java) and checked that it is a valid PKCS7 signed data object (it is). When validating the signature it fails (using a Java verifier program) but we don't know why. Below are the contents of the /Contents (PKCS7 object) for your convenience:
ASN1Sequence [
Element 0: 1
Element 1: [[[[2.5.4.6, EE]], [[2.5.4.10, AS Sertifitseerimiskeskus]], [[2.5.4.97, NTREE-10747013]], [[2.5.4.3, TEST of EID-SK 2016]]], 49055107554612652537246105176508960687]
Element 2: [2.16.840.1.101.3.4.2.1, NULL]
Element 3: [CONTEXT 0][[1.2.840.113549.1.9.3, [1.2.840.113549.1.7.1]], [1.2.840.113549.1.9.5, [241101172455Z]], [1.2.840.113549.1.9.4, [#8eb3dcf8e0754f9375b4e3c502bf5cb4b0540bfff399c29ea6394138e6dd2ed0]], [1.2.840.113549.1.9.16.2.47, [[[[#40526c34d739c7f78b36f04432e9a4067c376e93c95fbe005f7c1aa58fca6cbd]]]]]]
Element 4: [1.2.840.113549.1.1.11, NULL]
Element 5: #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
]
Any suggestions? Thx a lot!
Summarizing the discussion in the comments to the question.
A BER decoding issue can occur because of an error in the CMS/PKCS#7 signature container structure, and that's where one usually looks first. But that structure was ok in the case at hand. Alternatively, a BER decoding issue can occur when checking the contained signature value: RSASSA-PKCS1-v1_5 signatures essentially are RSA encrypted BER encoded DigestInfo structures containing a hash algorithm identifier and a hash value.
Thus, I decrypted the enclosed signature value using the public key of the alleged signer certificate. As a result I got something that is not a BER encoded ASN.1 structure at all, let alone a PKCS#1 DigestInfo object, nor does it match the alternative RSASSA-PSS signing scheme format. So this most likely is why Adobe Acrobat reports "Error during BER decoding".
This kind of error often means that there is a key mismatch: The signature has not been created with the private key matching the public key in the alleged signer certificate but instead some other key.
Indeed, in this case it turned out that
there is an Auth cert and a Sign cert and we imported the Auth cert in the PDF.
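The check described in the answer, as an added example that is not part of the original post: apply the certificate's public key to the raw signature value and classify what comes out. The two RSA keys are constructed toy keys built from well-known primes, and the names `keypair`, `sign` and `diagnose` are hypothetical; the signed bytes stand in for the DER-encoded signed attributes.

```python
import hashlib

# Constructed toy RSA keys built from well-known primes (demo only, never for real use).
E = 65537
AUTH_P, AUTH_Q = 2**255 - 19, 2**256 - 2**32 - 977   # key of the cert embedded in the PDF
SIGN_P, SIGN_Q = 2**256 - 189, 2**251 - 9            # key that actually produced the signature

# DER prefix of a DigestInfo for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def keypair(p, q):
    """Return (modulus, private exponent) for the fixed public exponent E."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def sign(message, n, d):
    """RSASSA-PKCS1-v1_5: pad the DigestInfo to modulus length, apply the private key."""
    k = (n.bit_length() + 7) // 8
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    em = b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
    return pow(int.from_bytes(em, "big"), d, n)

def diagnose(signature, message, n):
    """Apply the certificate's public key and say which verification stage fails."""
    if signature >= n:
        return "signature out of range for this key"
    k = (n.bit_length() + 7) // 8
    em = pow(signature, E, n).to_bytes(k, "big")
    sep = em.find(b"\x00", 2)          # end of the 0xFF padding string
    if em[:2] != b"\x00\x01" or sep < 10 or set(em[2:sep]) != {0xFF}:
        return "no PKCS#1 v1.5 padding: likely key mismatch"
    t = em[sep + 1:]
    if not t.startswith(SHA256_PREFIX) or len(t) != len(SHA256_PREFIX) + 32:
        return "padding ok, but payload is not a SHA-256 DigestInfo"
    if t[len(SHA256_PREFIX):] != hashlib.sha256(message).digest():
        return "DigestInfo ok, hash differs: signed bytes were altered"
    return "valid"

if __name__ == "__main__":
    attrs = b"constructed stand-in for the DER-encoded signed attributes"
    n_auth, d_auth = keypair(AUTH_P, AUTH_Q)
    n_sign, d_sign = keypair(SIGN_P, SIGN_Q)
    print("signed with Sign key, checked against Auth cert:",
          diagnose(sign(attrs, n_sign, d_sign), attrs, n_auth))
    print("signed and checked with the same key:",
          diagnose(sign(attrs, n_auth, d_auth), attrs, n_auth))
```

A result that fails at the padding stage points at the key or certificate, while a clean DigestInfo with a different hash points at the signed bytes.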