EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Veryfy PDF signatures

Posted: 09/20/2011 06:42:40
by Daniel Kekesi (Standard support level)
Joined: 09/19/2011
Posts: 13

Hi All,

I am trying to verify signatures in a PDF file. Sometimes the PDF contains the entire certificate chain (signer's certificate, intermediary CA, root CA), but sometimes it only contains a single certificate. When I open a PDF with complete chains they all get loaded into a CertStorage, but if I open a PDF with a single certificate then the CertStorage will only contain a single cert (obviously). Issuing the BuildChain method will not do anything as the CertStorage has only one certificate.

I assume then it is my task to build the chain using CA certificated from the Windows Certificate Store (if they're available).
My question is: How do I tell BuildChain to take a look at the Windows Certificate Store for additional items of the chain?

Could you provide a sample code in VB.NET or C# (besides the one that is available, as it constantly says signature is not valid)?

Thanks for your help in advance.

Best Regards,

P.S. I can provide sample PDFs but not onto the public forum.
Posted: 09/20/2011 07:42:57
by Vsevolod Ievgiienko (Team)

Thank you for contacting us.

You can not force BuildChain() to use Windows certificate storages but you can find needed certificates and add them manually to CertStorage. To do this you can use TElWinCertStorage and TElWinCertStorage.GetIssuerCertificate method that allows to find certificate which was used to sign the existing certificate in a storage.
Posted: 09/20/2011 07:58:18
by Daniel Kekesi (Standard support level)
Joined: 09/19/2011
Posts: 13

Thank you for the response. This is exactly how we ended up solving the problem. What I do not understand then why do I have a BuildChain property if I have to manually add the certificates?
Posted: 09/20/2011 08:05:09
by Vsevolod Ievgiienko (Team)

BuildChain() method is used to build a chain from a certificate storage that can contain certificates that are not related to the one you want to build a chain for.
Posted: 09/20/2011 08:18:24
by Daniel Kekesi (Standard support level)
Joined: 09/19/2011
Posts: 13

Thanks for the information.



Topic viewed 667 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!