ContextQMD
Back to Devexpress

DocumentSigner.Validate(String, SignatureValidationOptions) Method

officefileapi-devexpress-dot-office-dot-digitalsignatures-dot-documentsigner-dot-validate-x28-system-dot-string-devexpress-dot-office-dot-digitalsignatures-dot-signaturevalidationoptions-x29.md

latest11.7 KB
Original Source

DocumentSigner.Validate(String, SignatureValidationOptions) Method

SECURITY-RELATED CONSIDERATIONS

Using file paths sourced from untrusted input may expose unauthorized files or allow unintended file access. Always validate and normalize all external paths to prevent path manipulation.

Validates a signature in the specified file with the specified options.

Namespace : DevExpress.Office.DigitalSignatures

Assembly : DevExpress.Docs.v25.2.dll

NuGet Package : DevExpress.Document.Processor

Declaration

csharp
public PackageSignatureValidation Validate(
    string inputFileName,
    SignatureValidationOptions options
)
vb
Public Function Validate(
    inputFileName As String,
    options As SignatureValidationOptions
) As PackageSignatureValidation

Parameters

NameTypeDescription
inputFileNameString

A name of a file with a signature (including the full path).

| | options | SignatureValidationOptions |

An object that contains validation options.

|

Returns

TypeDescription
PackageSignatureValidation

An object that contains validation information.

|

Remarks

Validation Options

The SignatureValidationOptions object allows you to specify signature validation options. Use the SignatureValidationOptions.ValidationFlags property to exclude validation steps.

csharp
private static void ValidateSignature(string path)
{
    DocumentSigner validator = new DocumentSigner();

    //Specify validation options
    //In this example, certificate validation is skipped
    SignatureValidationOptions validationOptions = new SignatureValidationOptions();
    validationOptions.ValidationFlags = ~ValidationFlags.ValidateSignatureCertificate & ~ValidationFlags.ValidateTimestampCertificate;

    //Validate the signature:
    PackageSignatureValidation signatureValidation = validator.Validate(path, validationOptions);
    AnalyzeValidationResult(signatureValidation);

}
vb
Private Shared Sub ValidateSignature(ByVal path As String)
  Dim validator As New DocumentSigner()

  'Specify validation options
  'In this example, certificate validation is skipped
  Dim validationOptions As New SignatureValidationOptions()
  validationOptions.ValidationFlags = (Not ValidationFlags.ValidateSignatureCertificate) And Not ValidationFlags.ValidateTimestampCertificate

  'Validate the signature:
  Dim signatureValidation As PackageSignatureValidation = validator.Validate(path, validationOptions)
  AnalyzeValidationResult(signatureValidation)
End Sub

Validation Process

The Validate method returns the PackageSignatureValidation instance that contains validation information. Check the PackageSignatureValidation.Result and PackageSignatureValidation.ResultMessage properties to determine whether the signature is valid.

Note

Make sure that the signature certificate is registered on your machine. Otherwise, the signature is invalid.

If the document is not signed, the PackageSignatureValidation.Result property returns SignaturesNotFound.

If the document to be validated is encrypted, specify the SignatureValidationOptions.DecryptionPassword property to decrypt the document. Otherwise, the Result property returns PackageSignatureValidationResult.PackageOpenFailed.

If the PackageSignatureValidation.Result property returns Invalid or PartiallyValid, check the PackageSignatureValidation.Items property to obtain a list of items with validation information. The number of SignatureValidationInfo objects in the list is equal to the number of signatures.

The table below lists API used to obtain information:

PropertyDescription
SignatureValidationInfo.PassedChecksReturns verification types the signature passed.
SignatureValidationInfo.PassedCheckDetailsObtains information about passed verifications.
SignatureValidationInfo.FailedChecksReturns verification types the signature did not pass.
SignatureValidationInfo.FailedCheckDetailsRetrieves information about failed verifications.
SignatureValidationInfo.CheckDetailsGets information about all verifications.

The code sample below analyzes the validation result and shows information in the console:

csharp
private static void AnalyzeValidationResult(PackageSignatureValidation signatureValidation)
{
    string validationMessage = signatureValidation.ResultMessage;

    //Check validation result and show information in the console:
    switch (signatureValidation.Result)
    {
        case PackageSignatureValidationResult.Valid:
            Console.WriteLine(validationMessage); Console.ReadKey();
            Process.Start(output);
            break;

        case PackageSignatureValidationResult.SignaturesNotFound:
            Console.WriteLine(validationMessage);
            break;

        case PackageSignatureValidationResult.Invalid:
        case PackageSignatureValidationResult.PartiallyValid:
            var failedCheckDetails = signatureValidation.Items[0].FailedCheckDetails;
            Console.WriteLine(validationMessage);
            int i = 1;
            foreach (SignatureCheckResult checkResult in failedCheckDetails)
            {
                Console.WriteLine(String.Format("Validation details {0}: \r\n" +
                    "{1} failed, Info: {2} \r\n", i, checkResult.CheckType, checkResult.Info));
                i++;
            }
            Console.ReadKey();
            break;
    }
}
vb
Private Shared Sub AnalyzeValidationResult(ByVal signatureValidation As PackageSignatureValidation)
  Dim validationMessage As String = signatureValidation.ResultMessage

  'Check validation result and show information in the console:
  Select Case signatureValidation.Result
    Case PackageSignatureValidationResult.Valid
      Console.WriteLine(validationMessage)
      Console.ReadKey()
      Process.Start(output)

    Case PackageSignatureValidationResult.SignaturesNotFound
      Console.WriteLine(validationMessage)

    Case PackageSignatureValidationResult.Invalid, PackageSignatureValidationResult.PartiallyValid
      Dim failedCheckDetails = signatureValidation.Items(0).FailedCheckDetails
      Console.WriteLine(validationMessage)
      Dim i As Integer = 1
      For Each checkResult As SignatureCheckResult In failedCheckDetails
        Console.WriteLine(String.Format("Validation details {0}: " & ControlChars.CrLf & "{1} failed, Info: {2} " & ControlChars.CrLf, i, checkResult.CheckType, checkResult.Info))
        i += 1
      Next checkResult
      Console.ReadKey()
  End Select
End Sub

The following code snippets (auto-collected from DevExpress Examples) contain references to the Validate(String, SignatureValidationOptions) method.

Note

The algorithm used to collect these code examples remains a work in progress. Accordingly, the links and snippets below may produce inaccurate results. If you encounter an issue with code examples below, please use the feedback form on this page to report the issue.

word-document-api-sign-document-and-validate-signature/CS/Program.cs#L81

csharp
//Validate the signature:
PackageSignatureValidation signatureValidation = validator.Validate(path, validationOptions);
string validationMessage = signatureValidation.ResultMessage;

spreadsheet-document-api-sign-workbook-and-validate-signature/CS/WorkbookDigitalSignatureSample/Program.cs#L84

csharp
//Validate the signature:
PackageSignatureValidation signatureValidation = validator.Validate(path, validationOptions);
string validationMessage = signatureValidation.ResultMessage;

word-document-api-sign-document-and-validate-signature/VB/Program.vb#L72

vb
'Validate the signature:
Dim signatureValidation As PackageSignatureValidation = validator.Validate(path, validationOptions)
Dim validationMessage As String = signatureValidation.ResultMessage

spreadsheet-document-api-sign-workbook-and-validate-signature/VB/WorkbookDigitalSignatureSample/Program.vb#L77

vb
'Validate the signature:
Dim signatureValidation As PackageSignatureValidation = validator.Validate(path, validationOptions)
Dim validationMessage As String = signatureValidation.ResultMessage

See Also

DocumentSigner Class

DocumentSigner Members

DevExpress.Office.DigitalSignatures Namespace