PDF document verify exception

Published 2019-09-06 06:58

Question:

When I try to verify a signed PDF document I get a RuntimeException:

    Exception in thread "main" java.lang.RuntimeException: algorithm identifier 1.2.398.3.10.1.1.1.1 in key not recognised
        at org.bouncycastle.jce.provider.JDKKeyFactory.createPublicKeyFromPublicKeyInfo(Unknown Source)
        at org.bouncycastle.jce.provider.X509CertificateObject.getPublicKey(Unknown Source)
        at com.itextpdf.text.pdf.PdfPKCS7.<init>(PdfPKCS7.java:582)
        at com.itextpdf.text.pdf.PdfPKCS7.<init>(PdfPKCS7.java:421)
        at com.itextpdf.text.pdf.AcroFields.verifySignature(AcroFields.java:2307)
        at Main.verifyPDF(Main.java:62)
        at Main.main(Main.java:90)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at com.intellij.rt.execution.application.AppMain.main(AppMain.java:144)

My verification piece of code looks like this:

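    import java.io.IOException;
    import java.security.GeneralSecurityException;
    import java.security.KeyStore;
    import java.security.cert.CRL;
    import java.security.cert.X509Certificate;
    import java.util.ArrayList;
    import java.util.Calendar;
    import java.util.List;
    import com.itextpdf.text.pdf.AcroFields;
    import com.itextpdf.text.pdf.PdfPKCS7;
    import com.itextpdf.text.pdf.PdfReader;

    public static boolean verifyPDF(String fileToVerify, KeyStore trustedStore, CRL crl) throws IOException, GeneralSecurityException {
        // Wrap the optional CRL in the list form that verifyCertificates() expects.
        List<CRL> crls = null;
        if (crl != null) {
            crls = new ArrayList<CRL>(1);
            crls.add(crl);
        }
        boolean result = false;
        PdfReader checker = new PdfReader(fileToVerify);
        AcroFields af = checker.getAcroFields();
        ArrayList<String> names = af.getSignatureNames();

        for (int k = 0; k < names.size(); ++k) {
            String name = (String) names.get(k);
            System.out.println("Signature: " + name);
            // Parses the PKCS#7 container with the "KALKAN" provider; this is where the exception is thrown.
            com.itextpdf.text.pdf.PdfPKCS7 pk = af.verifySignature(name, "KALKAN");
            // Integrity check of the signed bytes; overwritten on every iteration.
            result = pk.verify();
            System.out.println("Signer certificate DN: " + pk.getSigningCertificate().getSubjectDN());
            Calendar cal = pk.getSignDate();
            X509Certificate pkc[] = (X509Certificate[]) pk.getSignCertificateChain();
            System.out.println("Document modified: " + !result);
            // Chain validation against the trusted store and CRLs; null means no failure.
            Object fails[] = PdfPKCS7.verifyCertificates(pkc, trustedStore, crls, cal);
            if (fails == null)
                System.out.println("Certificates verified against the KeyStore");
            else
                System.out.println("Certificate failed: " + fails[1]);
        }
        // Reflects only the last signature's integrity check; chain failures are printed, not returned.
        return result;
    }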

The exception occurs on this string:

    com.itextpdf.text.pdf.PdfPKCS7 pk = af.verifySignature(name, "KALKAN");

I use a patched iText library. I had to patch it because there was no algorithm like ECGOST34310 and I just added it. Signing is performed in the usual way, there is no problem with it. Please help!

Thanks.

Answer 1:

At first glance, that OID 1.2.398.3.10.1.1.1.1 seems to be defined by a Kazakh authority (cf. this page), related to GOST 34.310-2004 represented by the parent OID, without having yet been included in the mainstream BouncyCastle distribution, cf. the BouncyCastle specifications.

Thus, just like you have extended iText to be able to sign using GOST 34.310-2004

> I use a patched iText library. I had to patch it because there was no algorithm like ECGOST34310 and I just added it.

you have to extend it (or in this case more exactly the crypto library BouncyCastle used by iText) to be able to verify signatures using GOST 34.310-2004. Maybe, though, someone else already has done that and comes forth to help?

By the way, it would be great if you shared the results as soon as they work.


That all being said, I am not aware of GOST being mentioned in the context of either ISO 32000-1 or PAdES integrated PDF signatures. Using GOST for PDF signatures, therefore, will likely result in very limited interoperability.
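
A diagnostic for the situation discussed above, added here as an example (it is not part of the question or the answer, and not iText or BouncyCastle code): it decodes the key-algorithm OID from a DER SubjectPublicKeyInfo and lists the installed JCA providers that register a KeyFactory under that OID. The class name and sample bytes are constructed, and the lookup assumes a provider advertises the OID as a KeyFactory name or alias; a provider that resolves certificate keys through its own internal OID table can still reject a key whose OID is listed here.

```java
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.List;

public class KeyAlgorithmCheck {  // hypothetical class name, not from the page
    /** Checks the tag at pos[0], then returns the DER length (short or long form). */
    static int header(byte[] der, int[] pos, int tag) {
        if ((der[pos[0]++] & 0xFF) != tag) throw new IllegalArgumentException("unexpected DER tag");
        int b = der[pos[0]++] & 0xFF, len = 0;
        if (b < 0x80) return b;
        for (int n = b & 0x7F; n > 0; n--) len = (len << 8) | (der[pos[0]++] & 0xFF);
        return len;
    }
    /** Returns the dotted key-algorithm OID of a DER-encoded SubjectPublicKeyInfo. */
    static String algorithmOid(byte[] spki) {
        int[] pos = {0};
        header(spki, pos, 0x30);                  // SubjectPublicKeyInfo SEQUENCE
        header(spki, pos, 0x30);                  // AlgorithmIdentifier SEQUENCE
        int len = header(spki, pos, 0x06);        // OBJECT IDENTIFIER
        int end = pos[0] + len;
        StringBuilder oid = new StringBuilder();
        long arc = 0;
        while (pos[0] < end) {
            int b = spki[pos[0]++] & 0xFF;
            arc = (arc << 7) | (b & 0x7F);
            if ((b & 0x80) != 0) continue;        // more base-128 digits follow
            if (oid.length() == 0) {              // first value packs two arcs: 40*X + Y
                long x = Math.min(arc / 40, 2);
                oid.append(x).append('.').append(arc - 40 * x);
            } else oid.append('.').append(arc);
            arc = 0;
        }
        return oid.toString();
    }
    /** Names of installed JCA providers that register a KeyFactory under the OID. */
    static List<String> providersFor(String oid) {
        List<String> names = new ArrayList<>();
        for (Provider p : Security.getProviders())
            if (p.getService("KeyFactory", oid) != null) names.add(p.getName());
        return names;
    }
    public static void main(String[] args) {
        // Constructed sample: OID from the stack trace, placeholder key bits, no parameters.
        byte[] spki = {0x30, 0x12, 0x30, 0x0B, 0x06, 0x09, 0x2A, (byte) 0x83, 0x0E, 0x03, 0x0A,
                       0x01, 0x01, 0x01, 0x01, 0x03, 0x03, 0x00, 0x01, 0x02};
        String oid = algorithmOid(spki);
        System.out.println(oid + " -> KeyFactory providers: " + providersFor(oid));
    }
}
```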



Tags: java pdf itext