[okular] [Bug 496490] Okular "corrupts" (QES-)signed documents
Sune Vuorela
bugzilla_noreply at kde.org
Tue Dec 3 13:08:01 GMT 2024
https://bugs.kde.org/show_bug.cgi?id=496490
--- Comment #3 from Sune Vuorela <kde at pusling.com> ---
(In reply to Sune Vuorela from comment #2)
> From a quick analysis.
>
> Okular does not corrupt the document I analyzed. Poppler just think the
> signature is weird in part of the code. I still need to get a bit closer to
> why; I'm also a bit perplexed about having discovered a partial asn1 parser
> in the poppler code. Work still ongoing.
I have to correct myself. I have started to wonder if PDF-Over is actually
doing as expected.
The signature blob is, as I read the pdf spec, supposed to be a hex dump of a
CMS object that is padded with '0' to fill the expected size.
It looks like on this file we have the CMS object that is padded with random
stuff. The signature blob is at least suspiciosly 4096 bytes long. The CMS
object itself 2111 bytes long according to the length encoding of the CMS
object.
But I also only have two piece of data. It is a bit much to extrapolate from,
but all the tools seems to agree.
Also if I replace the 'random stuff' with zeroes it validates.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Okular-devel
mailing list