Copy link to clipboard
Copied
Hello.
I have a pdf file that is digitally signed using a certificate and timestamp.
And I want to verify this document in plugin's sigValidate( ) function and display the valid, invalid, etc.
The DocSign sample programs appear to be comparing only digest hash values in the sigValidate function.
Is it sufficient to verify the digest hash value here?
Or do I need to verify other parts (such as certificate or timestamp verification)?
Thanks.
Checking digest values tells you whether the document has been modified since it was signed, but it does not check the authenticity of the signature. A full validation will check the certificate chain back to the certifying authority. openssl might be your friend here.
Copy link to clipboard
Copied
Checking digest values tells you whether the document has been modified since it was signed, but it does not check the authenticity of the signature. A full validation will check the certificate chain back to the certifying authority. openssl might be your friend here.
Copy link to clipboard
Copied
I understand.
But, I only want to check the digest value in my plugin.
I would like to use the results of the test performed by the acrobat reader for the certificate chain and time stamp inspection.
Is this possible?
Thank you.
Copy link to clipboard
Copied
I mean.
Acrobat reader offers excellent implementation of certificate verification and time stamp verification.
I want to use this function that works well.
I just want to add one more validation (e.g., marked as expiring 10 days after signing) to existing document validation features.
Is this possible?
Thank you.