PDF Document API — Digital Signature Validation (v23.2)

As you know, signature validation helps promote document integrity and authenticity (signature validation mitigates risks associated with document tampering, unauthorized modifications, identity theft/impersonation, etc). Said simply, validation ensures that a digital signature matches the content it claims to authenticate - a vital element for secure electronic transactions.

Signature Validation with the DevExpress Office File API Suite

When using the DevExpress PDF Document API (v23.2+), you can obtain signature information and verify signature validity with relative ease.

Our new PdfDocumentSigner.GetPdfPkcs7Signature method allows you to retrieve signature info within a specific form field. You can use the retrieved PdfPkcs7Signature object's methods to obtain information on the certificate itself, certificate chain, and/or stamp date. The VerifySignature and VerifyTimeStamp methods authenticate the signature or the time stamp, respectively.

The following code snippet generates a report on signatures used within a PDF file:

using DevExpress.Pdf;
// ...
// Get the Document.pdf file.
using (PdfDocumentSigner documentSigner = new PdfDocumentSigner("Document.pdf"))
    // Retrieve the list of `PdfSignatureInfo` objects in the document.
    foreach (var signature in documentSigner.GetSignatureInfo()) {
        Console.WriteLine("Signature field name : {0}", signature.FieldName);
        Console.WriteLine("  Signer name : {0}", signature.SignerName);
        // Obtain the PKCS#7 signature from the list of `PdfSignatureInfo` objects and verify it.
        var pkcs7 = documentSigner.GetPdfPkcs7Signature(signature.FieldName);
        Console.WriteLine("  Is signature valid? : {0}", pkcs7.VerifySignature());
        // Obtain the PKCS#7 signature certificate and verify the certificate info.
        var certificate = pkcs7.GetSignatureCertificate();
        Console.WriteLine("  Certificate issuer : {0}", certificate.IssuerName.Name);
        Console.WriteLine("  Is certificate valid? : {0}", certificate.Verify());
        var timestampDate = pkcs7.GetTimeStampDate();
        // Get a timestamp and verify the time of signing.
        Console.WriteLine("  Does signature include a timestamp? : {0}", timestampDate.HasValue);
        if(timestampDate.HasValue) {
            Console.WriteLine("  Timestamp : {0}", timestampDate);
            Console.WriteLine("  Is timestamp valid? : {0}", pkcs7.VerifyTimeStamp());
        }
    }

To help illustrate use of this capability, we created the following sample Blazor project. The project loads a signed PDF file and when loaded, a table displays document signatures and associated information.

Note: At present, the DevExpress PDF Document API only validates PKCS#7 signatures. Please complete the survey below and let us know what other validation type you'd like to see us introduce in the future: