Previous Next
APPENDIX I
I Computation of Object
Digests
This appendix describes the algorithm for computing object digests (discussed in
Section 8.7, “Digital Signatures”). The computation uses a hashing method, spec-
ified by the DigestMethod entry of the signature reference dictionary (see Table
8.103). Its value can be SHA1 for the Secure Hash Algorithm 1 (SHA-1) or MD5
for the MD5 message-digest algorithm; see the Bibliography. Both algorithms op-
erate on an arbitrary-length stream of bytes to produce a digest of fixed length (16
bytes for MD5, 20 bytes for SHA-1).
The following sections describe how the stream of bytes to be digested is generat-
ed, starting with a specific object within a PDF file. A PDF object is digested by re-
cursively traversing the object hierarchy beginning with the given object. Objects
encountered during the traversal are categorized as basic PDF types, described in
Section I.1, “Basic Object Types,” or more complex types, described in Section I.2,
“Selective Computation.” Each object is digested as it is processed. Not all objects
may be included, depending on the transform method and parameters (see Sec-
tion 8.7.1, “Transform Methods”) that are being used.
I.1 Basic Object Types
The basic PDF object types are listed in Table I.1. For each type, the following
data is digested:
• a single-byte type identifier
• other bytes representing the value of the data, as described in Table I.1
Dictionaries and arrays can contain indirect references to other objects; therefore,
the data can be recursive. To prevent infinite recursions, the algorithm keeps
track of all indirect objects visited during a recursive descent into a given object.
1131
Previous Next