Resolving issues with invalid digital signatures

When signing documents, there are several potential reasons why the generated signatures may be invalid. This article will guide you through the most common causes and how to troubleshoot them effectively.

Mismatched private key and certificate

A possible reason for invalid signatures is that the private key used for signing doesn’t match the public certificate included in the signature. To verify that your private key and certificate pair match, use OpenSSL with the following commands.

Check the private key (assuming it’s in private-key.pem):

openssl rsa -noout -modulus -in private-key.pem | openssl md5

Check the certificate (assuming it’s in certificate.pem):

openssl x509 -noout -modulus -in certificate.pem | openssl md5

The MD5 hashes produced by these commands should match. If they don’t, the private key and certificate do not correspond, and you must obtain the correct pair.

Incorrect signature format

Digital signatures can follow different formats, and providing the wrong format can result in invalid signatures. The two main formats are:

• PKCS#7 (CMS) — A container-based signature format that includes additional metadata, such as certificates and optional attributes.

• PKCS#1 — A plain signature format consisting solely of the RSA-encrypted hash.

When implementing the signing callbacks that return the signed data, it’s crucial to specify the correct format. For example, on iOS, refer to the SignedDataFormat documentation for guidance. Using the wrong format will produce a signature that cannot be validated.

Understanding the signature format is particularly important when using an external hardware security module (HSM), a backend service, or any external signing mechanism. These systems may produce signatures in PKCS#7 or PKCS#1 formats, and you need to ensure your implementation aligns with the output format they provide.

Always check the documentation for your HSM or backend signing service to confirm the format it produces.