OpenSSL recipes to verify the signature
---------------------------------------

download the following files:

  sig.bin                          - contains the signature in binary
  TargetCollidingCertificate2.cer  - contains the certificate
  publickey.der                    - contains the public key from the certificate
                                     (the commands below refer to this file as pubkey.der)
  .pdf                             - any (or all) of the twelve PDF files

first recipe
------------

does raw RSA verification with recovery; this will recover the MD5 hash value from the signature

verify the signature

  openssl rsautl -in sig.bin -inkey TargetCollidingCertificate2.cer -certin -keyform DER -verify -pkcs -asn1parse

the output should be

      0:d=0  hl=2 l=  32 cons: SEQUENCE
      2:d=1  hl=2 l=  12 cons:  SEQUENCE
      4:d=2  hl=2 l=   8 prim:   OBJECT            :md5
     14:d=2  hl=2 l=   0 prim:   NULL
     16:d=1  hl=2 l=  16 prim:  OCTET STRING
        0000 - 3d 51 5d ea d7 aa 16 56-0a ba 3e 9d f0 5c bc 80   =Q]....V..>..\..

note that the MD5 hash value is shown on the last line

openssl can be used to generate the MD5 hash value of a file as follows

  openssl md5 ".pdf"

the output should be

  MD5(.pdf)= 3d515dead7aa16560aba3e9df05cbc80

verifying the signature now amounts to checking that both MD5 hash values are identical

second recipe
-------------

verifies the signature directly on the PDF files, but this method has the disadvantage that it cannot use the certificate directly; it uses the public key instead (I haven't found an openssl option that directly verifies a signature on a file against a certificate)

verify the signature

  openssl dgst -verify pubkey.der -keyform DER -signature sig.bin ".pdf"

the output should be

  Verified OK

additional
----------

show that the public key in the file publickey.der is the same as the one in the certificate

  openssl asn1parse -in pubkey.der -inform DER -strparse 19
  openssl asn1parse -in TargetCollidingCertificate2.cer -inform DER -strparse 234

the outputs should be identical

to validate the certificate with its root certificate, see the colliding certificates website
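
what the first recipe does under the hood, as an added Python example (not part of the original recipes): the signature is raised to the public exponent, the PKCS#1 v1.5 padding and the MD5 DigestInfo shown in the asn1parse output are checked, and the recovered hash is compared with the MD5 of the file. the key is a constructed demo key built from two Mersenne primes (not secure), and all function names are assumptions of this example.

```python
import hashlib

# DER header of the DigestInfo shown by -asn1parse:
# SEQUENCE(32) { SEQUENCE(12) { OBJECT md5, NULL }, OCTET STRING(16) }
MD5_PREFIX = bytes.fromhex("3020300c06082a864886f70d020505000410")

# Constructed demo key, NOT secure: p and q are the Mersenne primes
# 2^521-1 and 2^607-1. It stands in for the key of the real certificate.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes
# The only acceptable encoded message: 00 01 FF..FF 00 || DigestInfo header
HEAD = b"\x00\x01" + b"\xff" * (K - 3 - len(MD5_PREFIX) - 16) + b"\x00" + MD5_PREFIX


def sign_md5(message: bytes) -> bytes:
    """Create a PKCS#1 v1.5 signature over MD5(message) with the demo key."""
    em = HEAD + hashlib.md5(message).digest()
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")


def recover_md5(signature: bytes) -> bytes:
    """RSA verification with recovery: return the MD5 value inside the signature."""
    s = int.from_bytes(signature, "big")
    if len(signature) != K or s >= N:
        raise ValueError("signature does not fit the modulus")
    em = pow(s, E, N).to_bytes(K, "big")
    # Compare against the full expected header instead of parsing leniently;
    # tolerant padding or ASN.1 parsing is a classic source of forgeries.
    if not em.startswith(HEAD):
        raise ValueError("not a PKCS#1 v1.5 MD5 signature")
    return em[len(HEAD):]


def verify(message: bytes, signature: bytes) -> bool:
    """Same check as the recipe: recovered hash == MD5 of the file contents."""
    try:
        return recover_md5(signature) == hashlib.md5(message).digest()
    except ValueError:
        return False


if __name__ == "__main__":
    sample = b"constructed sample document"
    sig = sign_md5(sample)
    print(recover_md5(sig).hex(), verify(sample, sig))
```

the check only binds the signature to the 16-byte MD5 value, so any file with that same MD5 value passes it.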