OK, I’ve worked out what’s going on. Leonidas is right, it’s not just the hash that gets encrypted (in the case of the Cipher class method), it’s the ID of the hash algorithm concatenated with the digest: DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING } Which is why the encryption by the Cipher … Read more
The open source iTextSharp library will allow you to do this. Here’s a post explaining how to digitally sign a pdf file. If you don’t want to use a third party library then you can implement it yourself but it could be a tough task -> you can start by reading the pdf specification (8.6MB)
The simple answer is that dgst -sign creates a hash, ASN1 encodes it, and then signs the ASN1 encoded hash, whereas rsautl -sign just signs the input without hashing or ASN1 encoding. Both methods include the input data in the output, together with the signature, rather than producing only a signature as output. Here is … Read more
Java 7 is required for the EC functionality and Java 8 for the Base 64 encoder / decoder, no additional libraries – just plain Java. Note that this will actually display the public key as a named curve when printed out, something most other solutions won’t do. If you have an up-to-date runtime, this other … Read more
If the certificate with a private key is on the client, then you need a client-side module to do signing. JavaScript won’t be enough as it won’t have access to the key on the client. While you can try calling CAPICOM from JavaScript, this is a partial (no PKCS#11 support), Windows-specific and obsolete solution. Better … Read more
First, unzip the APK and extract the file /META-INF/ANDROID_.RSA (this file may also be CERT.RSA, but there should only be one .RSA file). Then issue this command: keytool -printcert -file ANDROID_.RSA You will get certificate fingerprints like this: MD5: B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB SHA1: 16:59:E7:E3:0C:AA:7A:0D:F2:0D:05:20:12:A8:85:0B:32:C5:4F:68 Signature algorithm name: SHA1withRSA Then use the keytool again to print out all … Read more
To put Joeri’s answer into context, have a look at the Adobe technical white paper Adobe Acrobat 9 Digital Signatures, Changes and Improvements, especially its section “Allowed and disallowed changes.” Here Adobe clarifies the allowed changes (as seen by Acrobat 9 and up) that can be made to a certified or signed document without invalidating … Read more