How to validate digitally signed PDF document using C# and VB.NET
Syncfusion Essential PDF is a .NET PDF library that provides an API for validating digital signatures. You can validate the digital signatures in any number of PDF documents without human interaction. Validate the digital signatures present in a PDF document to confirm its authenticity and integrity.
Digital signature validation covers the following steps to ensure the validity of the signatures:
- Validate the document modification.
- Validate the certificate chain.
- Validate the signature against the timestamp time.
- Check the revocation status of the certificate with OCSP and CRL.
- Validate multiple digital signatures.
Steps to validate digital signatures programmatically in C#:
1. Create a new C# console application project.
2. Install the Syncfusion.Pdf.WinForms NuGet package as a reference to your .NET Framework application from NuGet.org.
3. Include the following namespaces in the Program.cs file.
C#
using System;
using System.Collections.Generic;
using Syncfusion.Pdf.Parsing;
using Syncfusion.Pdf.Security;
using System.Security.Cryptography.X509Certificates;
VB.NET
Imports System
Imports System.Collections.Generic
Imports Syncfusion.Pdf.Parsing
Imports Syncfusion.Pdf.Security
Imports System.Security.Cryptography.X509Certificates
4. The following code example shows how to validate all the digital signatures present in an existing PDF document.
C#
//Load an existing PDF document
PdfLoadedDocument document = new PdfLoadedDocument("Input.pdf");
//Load PDF form
PdfLoadedForm form = document.Form;
List<PdfSignatureValidationResult> results;
if (form != null)
{
    //Validate all the digital signatures present in the PDF document
    bool isvalid = form.Fields.ValidateSignatures(out results);
    //Report the overall result
    if (isvalid)
        Console.WriteLine("All signatures are valid");
    else
        Console.WriteLine("At least one signature is invalid");
}
//Close the document
document.Close(true);
VB.NET
'Load an existing PDF document
Dim document As PdfLoadedDocument = New PdfLoadedDocument("Input.pdf")
'Load PDF form
Dim form As PdfLoadedForm = document.Form
Dim results As List(Of PdfSignatureValidationResult) = Nothing
If form IsNot Nothing Then
    'Validate all the digital signatures present in the PDF document
    Dim isvalid As Boolean = form.Fields.ValidateSignatures(results)
    'Report the overall result
    If isvalid Then
        Console.WriteLine("All signatures are valid")
    Else
        Console.WriteLine("At least one signature is invalid")
    End If
End If
'Close the document
document.Close(True)
The above code example shows how to iterate and validate all the digital signatures present in the PDF document. If any one of the digital signatures is invalid, the result will be “false”. You can also get the validation result of the individual signatures.
The “PdfSignatureValidationResult” contains the information about digital signature and its status.
Validate individual digital signature in an existing PDF document
You can iterate over and validate individual digital signatures from an existing PDF document. The following code shows how to validate the individual digital signatures.
C#
//Load an existing PDF document
PdfLoadedDocument document = new PdfLoadedDocument("Input.pdf");
//Load PDF form
PdfLoadedForm form = document.Form;
if (form != null)
{
    foreach (PdfLoadedField field in form.Fields)
    {
        if (field is PdfLoadedSignatureField)
        {
            PdfLoadedSignatureField signatureField = field as PdfLoadedSignatureField;
            //Check whether the signature is signed
            if (signatureField.IsSigned)
            {
                //Validate the digital signature
                PdfSignatureValidationResult result = signatureField.ValidateSignature();
                if (result.IsSignatureValid)
                    Console.WriteLine("Signature is valid");
                else
                    Console.WriteLine("Signature is invalid");
                //Retrieve the signature information
                //Note: IssuerName is the CA that issued the signing certificate, not the signer's own name
                Console.WriteLine("<<<<<Validation summary>>>>>>>");
                Console.WriteLine("Digitally Signed by: " + signatureField.Signature.Certificate.IssuerName);
                Console.WriteLine("Valid From: " + signatureField.Signature.Certificate.ValidFrom);
                Console.WriteLine("Valid To: " + signatureField.Signature.Certificate.ValidTo);
                Console.WriteLine("Signature Algorithm : " + result.SignatureAlgorithm);
                Console.WriteLine("Hash Algorithm : " + result.DigestAlgorithm);
                Console.WriteLine("Cryptographic Standard : " + result.CryptographicStandard);
            }
        }
    }
}
Console.Read();
//Close the document
document.Close(true);
VB.NET
'Load an existing PDF document
Dim document As PdfLoadedDocument = New PdfLoadedDocument("Input.pdf")
'Load PDF form
Dim form As PdfLoadedForm = document.Form
If form IsNot Nothing Then
    For Each field As PdfLoadedField In form.Fields
        If TypeOf field Is PdfLoadedSignatureField Then
            Dim signatureField As PdfLoadedSignatureField = TryCast(field, PdfLoadedSignatureField)
            'Check whether the signature is signed
            If signatureField.IsSigned Then
                'Validate the digital signature
                Dim result As PdfSignatureValidationResult = signatureField.ValidateSignature()
                If result.IsSignatureValid Then
                    Console.WriteLine("Signature is valid")
                Else
                    Console.WriteLine("Signature is invalid")
                End If
                'Retrieve the signature information
                'Note: IssuerName is the CA that issued the signing certificate, not the signer's own name
                Console.WriteLine("<<<<<Validation summary>>>>>>>")
                Console.WriteLine("Digitally Signed by: " & signatureField.Signature.Certificate.IssuerName)
                Console.WriteLine("Valid From: " & signatureField.Signature.Certificate.ValidFrom)
                Console.WriteLine("Valid To: " & signatureField.Signature.Certificate.ValidTo)
                Console.WriteLine("Signature Algorithm : " & result.SignatureAlgorithm)
                Console.WriteLine("Hash Algorithm : " & result.DigestAlgorithm)
                Console.WriteLine("Cryptographic Standard : " & result.CryptographicStandard)
            End If
        End If
    Next
End If
Console.Read()
'Close the document
document.Close(True)
A complete working sample can be downloaded from DigitalSignatureValidation.Zip.
By executing the example, you will get the PDF document with the following information.
Validating signatures against trusted list
You can create and pass your own trusted list of certificates to validate the digital signature in the PDF document. Include only certificates you actually intend to trust in that list.
The following example loads the current user's personal ("MY") Windows certificate store and validates the digital signature against the certificates in that store.
C#
//Load an existing PDF document
PdfLoadedDocument document = new PdfLoadedDocument("Input.pdf");
//Load PDF form
PdfLoadedForm form = document.Form;
//Load the Windows certificate store
X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
if (form != null)
{
    foreach (PdfLoadedField field in form.Fields)
    {
        if (field is PdfLoadedSignatureField)
        {
            PdfLoadedSignatureField signatureField = field as PdfLoadedSignatureField;
            //Validate the digital signature against the Windows certificate store
            PdfSignatureValidationResult result = signatureField.ValidateSignature(collection);
            if (result.IsSignatureValid)
                Console.WriteLine("Signature is valid");
            else
                Console.WriteLine("Signature is invalid");
            //The signature status reflects the certificate validation against the certificate store
            Console.WriteLine("Signature status: " + result.SignatureStatus);
        }
    }
}
VB.NET
'Load an existing PDF document
Dim document As PdfLoadedDocument = New PdfLoadedDocument("Input.pdf")
'Load PDF form
Dim form As PdfLoadedForm = document.Form
'Load the Windows certificate store
Dim store As X509Store = New X509Store("MY", StoreLocation.CurrentUser)
store.Open(OpenFlags.[ReadOnly] Or OpenFlags.OpenExistingOnly)
Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
If form IsNot Nothing Then
    For Each field As PdfLoadedField In form.Fields
        If TypeOf field Is PdfLoadedSignatureField Then
            Dim signatureField As PdfLoadedSignatureField = TryCast(field, PdfLoadedSignatureField)
            'Validate the digital signature against the Windows certificate store
            Dim result As PdfSignatureValidationResult = signatureField.ValidateSignature(collection)
            If result.IsSignatureValid Then
                Console.WriteLine("Signature is valid")
            Else
                Console.WriteLine("Signature is invalid")
            End If
            'The signature status reflects the certificate validation against the certificate store
            Console.WriteLine("Signature status: " & result.SignatureStatus)
        End If
    Next
End If
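The snippets above print a result per signature but print nothing at all when the document has no form or no signed field, so a caller that only looks for "invalid" would pass an unsigned PDF. The following added example (not Syncfusion's own code) wraps the same calls in a fail-closed gate; the `SignatureGate` class and `IsDocumentTrusted` method are hypothetical names, and the `SignatureStatus.Valid` enum member name is an assumption.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using Syncfusion.Pdf.Parsing;
using Syncfusion.Pdf.Security;

static class SignatureGate
{
    // Hypothetical helper (not part of Essential PDF): returns true only when the
    // document carries at least one signed field and every signed field validates
    // against the supplied trusted certificate list.
    public static bool IsDocumentTrusted(string path, X509Certificate2Collection trusted)
    {
        PdfLoadedDocument document = new PdfLoadedDocument(path);
        try
        {
            PdfLoadedForm form = document.Form;
            if (form == null)
                return false; // no form means no signature fields: reject instead of skipping

            int signedCount = 0;
            foreach (PdfLoadedField field in form.Fields)
            {
                PdfLoadedSignatureField signatureField = field as PdfLoadedSignatureField;
                if (signatureField == null || !signatureField.IsSigned)
                    continue; // an empty signature field proves nothing

                signedCount++;
                PdfSignatureValidationResult result = signatureField.ValidateSignature(trusted);
                Console.WriteLine("Signature #" + signedCount + ": valid=" + result.IsSignatureValid
                    + ", status=" + result.SignatureStatus);

                // Require both the signature check and the trust-list status.
                // Assumption: the SignatureStatus enum has a member named Valid.
                if (!result.IsSignatureValid || result.SignatureStatus != SignatureStatus.Valid)
                    return false;
            }
            return signedCount > 0; // an unsigned PDF is not a validly signed PDF
        }
        finally
        {
            //Close the document on every path, including early rejection
            document.Close(true);
        }
    }
}
```

Call it with the `collection` loaded from the certificate store in the example above and treat a `false` return as a rejection.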
Take a moment to peruse the documentation, where you will find other options like signature validation appearance and digital signature with custom appearance.
Starting with v16.2.0.x, if you reference Syncfusion assemblies from the trial setup or from the NuGet feed, include a license key in your projects. Refer to the link to learn about generating and registering a Syncfusion license key in your application to use the components without the trial message.