Using a certificate that I created, I signed a PDF document with the iTextSharp library.

When I view the public signature in the PDF signature panel, I see the following information in hex:

[Image: pdf public key]

But when I get the public key from the same certificate through my code in C#:

    using System.Security.Cryptography.X509Certificates;
    var certificate = new X509Certificate2(@"C:\mycert.pfx", "pass");
    // Raw bytes of the encoded public key value
    byte[] publicKey = certificate.PublicKey.EncodedKeyValue.RawData;

The result in decimal (converted to hex) is different.

E.g., in the byte array, 5 is 130 (82 in hex), but in the PDF the 6th key is 0D in hex.

[Image: pdf public key]

What am I doing wrong?

Thanks, and sorry for my English.

1 Answer

As far as the cause for the discrepancy is concerned, your question is a duplicate of this question; the answer explains:

The difference is that Adobe presents the hex dump of the complete SubjectPublicKeyInfo object (the public key including the algorithm information and the key value) while your code only dumps the RSAPublicKey (the key itself).

...

For more details read there.

You actually can recognize the plain public key in the Adobe Reader output; it starts at the end of the first line:

    [...] 30 82 02
    0A 02 82 02 01 00 FA 8B ...

The solution is slightly different, though, as the code in that question is in Java.

Your code uses the System.Security.Cryptography.X509Certificates class X509Certificate2. As far as I can see this class does not expose the whole SubjectPublicKeyInfo by itself. Thus you should use a different class here.

An obvious choice would be BouncyCastle classes, either X509CertificateStructure or X509CertificateHolder, depending on the BouncyCastle version you use (an older version of BouncyCastle is included in iTextSharp, newer ones can be retrieved from their web site). These classes expose the SubjectPublicKeyInfo.

mkl
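The relationship between the two hex dumps discussed above, as an added example (not code from the question or the answer): a Python DER walk that wraps an RSAPublicKey in a SubjectPublicKeyInfo and locates it again. The modulus is a constructed placeholder sized like the 4096-bit key in the dump (it is not a real key), and all function names are this example's own.

```python
# AlgorithmIdentifier for rsaEncryption: OID 1.2.840.113549.1.1.1 with NULL parameters
RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")

def der_len(n):
    if n < 0x80:
        return bytes([n])                      # short form
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body    # long form, e.g. 82 02 0A

def tlv(tag, content):
    return bytes([tag]) + der_len(len(content)) + content

def der_int(value):
    # One extra byte guarantees a leading 00 when the top bit is set (positive INTEGER)
    return tlv(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def read_tlv(buf, pos):
    """Return (tag, content_start, content_end) of the DER element at pos."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:
        length, start = first, pos + 2
    else:
        n = first & 0x7F
        if n == 0:
            raise ValueError("indefinite length is not valid DER")
        length, start = int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), pos + 2 + n
    if start + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, start, start + length

def rsa_key_from_spki(spki):
    """Return (offset, bytes) of the RSAPublicKey inside a SubjectPublicKeyInfo."""
    tag, start, _ = read_tlv(spki, 0)                 # outer SEQUENCE
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo must be a SEQUENCE")
    _, _, alg_end = read_tlv(spki, start)             # skip AlgorithmIdentifier
    tag, bs_start, bs_end = read_tlv(spki, alg_end)   # subjectPublicKey BIT STRING
    if tag != 0x03 or spki[bs_start] != 0:
        raise ValueError("expected BIT STRING with 0 unused bits")
    return bs_start + 1, spki[bs_start + 1:bs_end]

# Constructed sample: 4096-bit placeholder modulus starting FA 8B, exponent 65537
MODULUS = int.from_bytes(bytes.fromhex("fa8b") + bytes(509) + b"\x01", "big")
RSA_PUBLIC_KEY = tlv(0x30, der_int(MODULUS) + der_int(65537))   # what the C# code dumps
SPKI = tlv(0x30, RSA_ALG_ID + tlv(0x03, b"\x00" + RSA_PUBLIC_KEY))  # what Adobe shows

if __name__ == "__main__":
    offset, key = rsa_key_from_spki(SPKI)
    print("SPKI starts:        ", SPKI[:8].hex(" "))
    print("RSAPublicKey starts:", key[:11].hex(" "), "at SPKI offset", offset)
```

When comparing or pinning public keys, compare the same structure on both sides: either both SubjectPublicKeyInfo encodings or both bare RSAPublicKey encodings.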