Skip to content
Guides

Verify Digital Signatures

Verifying a digital signature consists of signature validity and certificate trustworthiness.

  • Signature validity indicates that the document has not been tampered with.
  • Certificate trustworthiness confirms that the signer is trustworthy.

Generally, a signature is verified only when both the signature is valid and the certificate is trustworthy.

This example shows how to verify digital signatures:

swift
if let url = URL(string: pdfPath) {
    let document = CPDFDocument(url: url)
    
    if let signatures = document?.signatures {
        // Iterate through all digital signatures.
for 
        for signature in signatures {
            signature.verifySignature(with: document)
            if let signer = signature.signers.first, let certificate = signer.certificates.first {
                var isSignVerified = true
                var isCertTrusted = true
                
                if !signer.isCertTrusted {
                    isCertTrusted = false
                }
                
                if !signer.isSignVerified {
                    isSignVerified = false
                }
                
                if isSignVerified && isCertTrusted {
                    //Signature is valid and the certificate is trusted.
                    //Perform the corresponding actions.
                } else if isSignVerified && !isCertTrusted {
                    //Signature is valid but the certificate is not trusted.
                    //Perform the corresponding actions.
                } else if !isSignVerified && !isCertTrusted {
                    // signature is invalid
                    // Perform the corresponding actions.
                } else {
                    // signature is invalid
                    // Perform the corresponding actions.
                }
            }
        }
    }
}
objective-c
NSURL *url = [NSURL fileURLWithPath:@"file path"];

CPDFDocument *document = [[CPDFDocument alloc] initWithURL:url];

NSArray *signatures = [document signatures];

// Iterate through all digital signatures.
for (CPDFSignature *signature in signatures) {
    [sign verifySignatureWithDocument:document];
    CPDFSigner *signer = signature.signers.firstObject;
    CPDFSignatureCertificate * cer = signer.certificates.firstObject;

    BOOL isSignVerified = YES;
    BOOL isCertTrusted = YES;
  
   if (!signer.isCertTrusted) {
        isCertTrusted = NO;
    }

    if (!signer.isSignVerified) {
        isSignVerified = NO;
    }
        
    if (isSignVerified && isCertTrusted) {
        // Signature is valid and the certificate is trusted.
      // Perform the corresponding actions.
 
    } else if(isSignVerified && !isCertTrusted) {
        // Signature is valid but the certificate is not trusted.
      // Perform the corresponding actions.
    } else if(!isSignVerified && !isCertTrusted){
       
    } else {
       // Signature is invalid.
      // Perform the corresponding actions.
    }
}