How to validate digitally signed PDF document using C# and VB.NET?
The Syncfusion Essential PDF is a .NET PDF library that provides an API to validate digital signatures. You can validate the digital signatures in any number of PDF documents without human interaction. To ensure the authenticity and integrity of the PDF document, validate the digital signature present in the PDF document.
Digital signature validation covers the following steps to ensure the validity of the signatures:
- Validate the document modification.
- Validate the certificate chain.
- Ensure the signature with timestamp time.
- Check the revocation status of the certificate with OCSP and CRL.
- Ensure multiple digital signatures.
Steps for digital signature validation programmatically in C#:
- Create a new C# console application project.
- Install the Syncfusion.Pdf.WinForms NuGet package as a reference to your .NET framework
application from NuGet.org. 
3. Include the following namespaces in the Program.cs file:
C#
using Syncfusion.Pdf.Parsing; using Syncfusion.Pdf.Security; using System.Security.Cryptography.X509Certificates;
VB.NET
Imports Syncfusion.Pdf.Parsing Imports Syncfusion.Pdf.Security Imports System.Security.Cryptography.X509Certificates
4. The following code example shows how to validate all the digital signatures present in an existing
PDF document.
C#
// Load an existing PDF document
PdfLoadedDocument document = new PdfLoadedDocument("Input.pdf");
// Load PDF form
PdfLoadedForm form = document.Form;
List<PdfSignatureValidationResult> results;
if (form != null)
{
// Validate all the digital signatures present in the PDF document
bool isvalid = form.Fields.ValidateSignatures(out results);
// Show the result based on the result
if (isvalid)
Console.WriteLine("All signatures are valid");
else
Console.WriteLine("At least one signature is invalid");
}
// Close the document
document.Close(true);VB.NET
' Load an existing PDF document
Dim document As PdfLoadedDocument = New PdfLoadedDocument("Input.pdf")
' Load PDF form
Dim form As PdfLoadedForm = document.Form
Dim results As List(Of PdfSignatureValidationResult)
If form IsNot Nothing Then
' Validate all the digital signatures present in the PDF document
Dim isvalid As Boolean = form.Fields.ValidateSignatures(results)
' Show the result based on the result
If isvalid Then
Console.WriteLine("All signatures are valid")
Else
Console.WriteLine("At least one signature is invalid")
End If
End If
' Close the document
document.Close(True)
The above code example shows how to iterate and validate all the digital signatures present in the PDF document. If any one of the digital signatures is invalid, the result will be "false". Additionally, you can get the validation result of the individual signatures.
The “PdfSignatureValidationResult” contains information about the digital signature and its status.
Validate individual digital signature in an existing PDF document
You can iterate and validate individual digital signatures from an existing PDF document. The following code shows how to validate the individual digital signatures.
C#
// Load an existing PDF document
PdfLoadedDocument document = new PdfLoadedDocument("Input.pdf");
// Load PDF form
PdfLoadedForm form = document.Form;
if (form != null)
{
foreach (PdfLoadedField field in form.Fields)
{
if (field is PdfLoadedSignatureField)
{
PdfLoadedSignatureField signatureField = field as PdfLoadedSignatureField;
// Check whether the signature is signed
if (signatureField.IsSigned)
{
// Validate the digital signature
PdfSignatureValidationResult result = signatureField.ValidateSignature();
if (result.IsSignatureValid)
Console.WriteLine("Signature is valid");
else
Console.WriteLine("Signature is invalid");
// Retrieve the signature information
Console.WriteLine("<<<<<Validation summary>>>>>>>");
Console.WriteLine("Digitally Signed by: " + signatureField.Signature.Certificate.IssuerName);
Console.WriteLine("Valid From: " + signatureField.Signature.Certificate.ValidFrom);
Console.WriteLine("Valid To: " + signatureField.Signature.Certificate.ValidTo);
Console.WriteLine("Signature Algorithm : " + result.SignatureAlgorithm);
Console.WriteLine("Hash Algorithm : " + result.DigestAlgorithm);
Console.WriteLine("Cryptographics Standard : " + result.CryptographicStandard);
}
}
}
}
// Close the document
document.Close(true);
VB.NET
' Load an existing PDF document
Dim document As PdfLoadedDocument = New PdfLoadedDocument("Input.pdf")
' Load PDF form
Dim form As PdfLoadedForm = document.Form
If form IsNot Nothing Then
For Each field As PdfLoadedField In form.Fields
If TypeOf field Is PdfLoadedSignatureField Then
Dim signatureField As PdfLoadedSignatureField = TryCast(field, PdfLoadedSignatureField)
' Validate the digital signature
Dim result As PdfSignatureValidationResult = signatureField.ValidateSignature()
If result.IsSignatureValid Then
Console.WriteLine("Signature is valid")
Else
Console.WriteLine("Signature is invalid")
End If
' Retrieve the signature information
Console.WriteLine("<<<<<Validation summary>>>>>>>")
Console.WriteLine("Digitally Signed by: " & signatureField.Signature.Certificate.IssuerName)
Console.WriteLine("Valid From: " & signatureField.Signature.Certificate.ValidFrom)
Console.WriteLine("Valid To: " & signatureField.Signature.Certificate.ValidTo)
Console.WriteLine("Signature Algorithm : " & result.SignatureAlgorithm)
Console.WriteLine("Hash Algorithm : " & result.DigestAlgorithm)
Console.WriteLine("Cryptographics Standard : " & result.CryptographicStandard)
End If
Next
End If
Console.Read()
document.Close(True)A complete working sample can be downloaded from DigitalSignatureValidation.Zip.
By executing the example, you will get the PDF document with the following information:
Validating signatures against trusted list
You can create and pass your own trusted list of certificates to validate the digital signature in the PDF document.
The following example shows how to load the local Windows certificate store and validate the digital signature against the Windows certificate store.
C#
// Load an existing PDF document
PdfLoadedDocument document = new PdfLoadedDocument("Input.pdf");
// Load PDF form
PdfLoadedForm form = document.Form;
// Load Windows certificate store
X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
if (form != null)
{
foreach (PdfLoadedField field in form.Fields)
{
if (field is PdfLoadedSignatureField)
{
PdfLoadedSignatureField signatureField = field as PdfLoadedSignatureField;
// Validate the digital signature against the Windows certificate store.
PdfSignatureValidationResult result = signatureField.ValidateSignature(collection);
if (result.IsSignatureValid)
Console.WriteLine("Signature is valid");
else
Console.WriteLine("Signature is invalid");
// Update the signature status based on the certificate validation against the certificate store
Console.WriteLine("Signature status: " + result.SignatureStatus);
}
}
}VB.NET
' Load an existing PDF document
Dim document As PdfLoadedDocument = New PdfLoadedDocument("Input.pdf")
' Load PDF form
Dim form As PdfLoadedForm = document.Form
' Load Windows certificate store
Dim store As X509Store = New X509Store("MY", StoreLocation.CurrentUser)
store.Open(OpenFlags.[ReadOnly] Or OpenFlags.OpenExistingOnly)
Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
If form IsNot Nothing Then
For Each field As PdfLoadedField In form.Fields
If TypeOf field Is PdfLoadedSignatureField Then
Dim signatureField As PdfLoadedSignatureField = TryCast(field, PdfLoadedSignatureField)
' Validate the digital signature against the Windows certificate store.
Dim result As PdfSignatureValidationResult = signatureField.ValidateSignature(collection)
If result.IsSignatureValid Then
Console.WriteLine("Signature is valid")
Else
Console.WriteLine("Signature is invalid")
End If
' Update the signature status based on the certificate validation against the certificate store
Console.WriteLine("Signature status: " & result.SignatureStatus)
End If
Next
End If
Take a moment to peruse the documentation, where you will find other options like signature validation appearance and digital signature with custom appearance.
Click here to explore the rich set of Syncfusion Essential PDF features.
See Also:
Digital signature and timestamp in PDF.
Working with digital signatures.
How to digitally sign an existing PDF document
How to remove the digital signature from an existing PDF
How to digitally sign a PDF file in C#, VB.NET
How to create a PDF digital signature with custom appearance
How to digitally sign PDF using X509Certificate2 in C# and VB.NET
Starting with v16.2.0.x, if you reference Syncfusion® assemblies from the trial setup or the NuGet feed, include a license key in your projects. Refer to the link to learn about generating and registering the Syncfusion® license key in your application to use the components without a trial message.
Conclusion
I hope you enjoyed learning about how to validate signed PDF documents using C# and VB.NET in WinForms PDF.
You can refer to our WinForms PDF feature tour page to learn about its other groundbreaking feature representations. You can also explore ourWinForms PDF documentation to understand how to create and manipulate data.
For current customers, you can check out our components from the License and Downloads page. If you are new to Syncfusion, you can try our 30-day free trial to check out our other controls.
If you have any queries or require clarifications, please let us know in the comments section below. You can also contact us through our support forums or feedback portal. We are always happy to assist you!
