Signature Wrapping Attack
It seems that signature verification is vulnerable to signature wrapping attacks (https://pdf-insecurity.org/download/paper.pdf).
As per https://bugs.freedesktop.org/show_bug.cgi?id=16770 and FormFieldSignature::validateSignature, it seems that it is not verified that byte ranges in signatures actually cover the whole document (except for the actual signature).
It seems possible to create a fake signed document from a valid document as follows:
- Embed a valid document into a malicious document.
- Duplicate the signature from the valid document into the malicious document.
- Replace the byte range to point to the embedded document.
This would make pdfsig claim that a document is properly signed by somebody when it is not.
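
The coverage check this report says is missing can be sketched as follows. This is an added example, not part of the original report and not Poppler code. It assumes the /ByteRange array is visible in the raw file bytes, and the names check_byte_range, audit and make_sample and the sample documents are constructed for illustration.

```python
import re

BYTE_RANGE_RE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")
HEX_STRING_RE = re.compile(rb"<[0-9A-Fa-f\s]*>")

def check_byte_range(data, byte_range):
    """Return the reasons why byte_range fails to cover all of data except
    one hex string (the signature /Contents value); empty list means it does."""
    a, b, c, d = byte_range
    problems = []
    if a != 0:
        problems.append("first range does not start at offset 0")
    if c + d != len(data):
        problems.append("second range does not end at end of file")
    if not a + b <= c <= len(data):
        problems.append("ranges overlap or point outside the file")
    elif not HEX_STRING_RE.fullmatch(data[a + b:c]):
        problems.append("gap between ranges is not exactly one hex string")
    return problems

def audit(data):
    """Check every /ByteRange array found in the raw file bytes."""
    return {
        br: check_byte_range(data, br)
        for br in (tuple(map(int, m.groups())) for m in BYTE_RANGE_RE.finditer(data))
    }

def make_sample(prefix=b"", suffix=b""):
    """Constructed PDF-like bytes (no real signature). The ByteRange always
    describes only the inner document, wherever it sits in the file."""
    fmt = b"%%PDF-1.7\n1 0 obj\n<< /Type /Sig /ByteRange [%010d %010d %010d %010d] /Contents "
    sig = b"<" + b"00" * 16 + b">"
    tail = b" >>\nendobj\n%%EOF\n"
    a, b = len(prefix), len(fmt % (0, 0, 0, 0))
    c = a + b + len(sig)
    return prefix + fmt % (a, b, c, len(tail)) + sig + tail + suffix

if __name__ == "__main__":
    samples = {
        "whole file covered": make_sample(),
        "range points at embedded copy": make_sample(b"%PDF-1.7\n% outer\n", b"% outer\n"),
    }
    for name, data in samples.items():
        for br, problems in audit(data).items():
            print(name, br, problems or "OK")
```

A signature that is followed by later incremental updates is also reported as not reaching the end of the file, which is the accurate statement about what that signature covers.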