Click here to Skip to main content
16,018,938 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
i am using below code to verify the signature

C#
PdfReader reader = new PdfReader(DestPdfFileName);
          AcroFields af = reader.AcroFields;
          var names = af.GetSignatureNames();

          if (names.Count == 0)
          {
              throw new InvalidOperationException("No Signature present in pdf file.");
          }

          foreach (string name in names)
          {
              if (!af.SignatureCoversWholeDocument(name))
              {
                  throw new InvalidOperationException(string.Format("The signature: {0} does not covers the whole document.", name));
              }

              PdfPKCS7 pk = af.VerifySignature(name);
              var cal = pk.SignDate;
              var pkc = pk.Certificates;
              pkc = pk.SignCertificateChain;
              // TimeStampToken ts = pk.TimeStampToken;
              cal = pk.SignDate;

              //if (ts != null)
              //    cal = pk.TimeStampDate;
              //if (!pk.IsTsp && ts != null)
              //{
              //    bool impr = pk.VerifyTimestampImprint();

              //}


              if (!pk.Verify())
              {
                  throw new InvalidOperationException("The signature could not be verified.");
              }
              //if (!pk.VerifyTimestampImprint())
              //{
              //    //throw new InvalidOperationException("The signature timestamp could not be verified.");
              //}

              //var fails = CertificateVerification.VerifyCertificates(pkc, X509Certificate2Signature(cert, "SHA1"), null, cal);
              //// var fails2 = CertificateVerification.VerifyCertificate(pkc, null, cal);
              //if (fails != null)
              //{
              //    // throw new InvalidOperationException("The file is not signed using the specified key-pair.");
              //}
          }


What I have tried:

i am using below code to verify the signature

C#
PdfReader reader = new PdfReader(DestPdfFileName);
          AcroFields af = reader.AcroFields;
          var names = af.GetSignatureNames();

          if (names.Count == 0)
          {
              throw new InvalidOperationException("No Signature present in pdf file.");
          }

          foreach (string name in names)
          {
              if (!af.SignatureCoversWholeDocument(name))
              {
                  throw new InvalidOperationException(string.Format("The signature: {0} does not covers the whole document.", name));
              }

              PdfPKCS7 pk = af.VerifySignature(name);
              var cal = pk.SignDate;
              var pkc = pk.Certificates;
              pkc = pk.SignCertificateChain;
              // TimeStampToken ts = pk.TimeStampToken;
              cal = pk.SignDate;

              //if (ts != null)
              //    cal = pk.TimeStampDate;
              //if (!pk.IsTsp && ts != null)
              //{
              //    bool impr = pk.VerifyTimestampImprint();

              //}


              if (!pk.Verify())
              {
                  throw new InvalidOperationException("The signature could not be verified.");
              }
              //if (!pk.VerifyTimestampImprint())
              //{
              //    //throw new InvalidOperationException("The signature timestamp could not be verified.");
              //}

              //var fails = CertificateVerification.VerifyCertificates(pkc, X509Certificate2Signature(cert, "SHA1"), null, cal);
              //// var fails2 = CertificateVerification.VerifyCertificate(pkc, null, cal);
              //if (fails != null)
              //{
              //    // throw new InvalidOperationException("The file is not signed using the specified key-pair.");
              //}
          }
Posted
Updated 5-Oct-16 3:33am

1 solution

Given the vagueness of your issue and my inability to see your PDFs on your hard drive...the issue is more than likely with the cert you are using to sign your PDFs and not with your code. I am guessing it is a self signed cert and not one from a CA.

Basically if you are generating the cert yourself, it has to be added to the keystore of your computer as a trusted cert. But unless you plan on installing that same cert on all of your computers, your Signed PDF is going to indicate issues if it is on a computer that hasn't had your self signed cert installed.

In order to have it where your PDF is signed and globally acknowledged as "Safe" you need to visit a Certificate authority (i think thats what CA stands for, to lazy to google) and get an authorized digital certificate to sign your PDFs with.

Adobe PDF Document Signing From Digicert.com[^]

PDF Signing Certificate[^]

Entrust Document Signing Certificates | Entrust[^]

In order to provide your own signed certs there is hardware you can by...its called HSM...that manages your certificates. Its like 20k/year and is the same method docusign uses for signing their pdfs.
 
Share this answer
 
Comments
raviranjan1 5-Oct-16 10:06am    
No it is CA Authorised Certificate and i am signing through Code only. I am reading the signature from USB and and attaching in a PDF.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900