Skip to content

ninja-labs-tech/verify-pdf

 
 

Repository files navigation

verify-pdf

Build Status

verify pdf files in JS (supports both node.js & browser).

Verifying PDF signature

The signed PDF file has the public certificate embedded in it, so all we need to verify a PDF file is the file itself.

Installation

npm i @ninja-labs/verify-pdf

Importing

// CommonJS require
const verifyPDF = require('@ninja-labs/verify-pdf');  

// ES6 imports
import verifyPDF from '@ninja-labs/verify-pdf';

Verifying

Verify the digital signature of the pdf and extract the certificates details

Node.js

const verifyPDF = require('@ninja-labs/verify-pdf');
const signedPdfBuffer = fs.readFileSync('yourPdf');

const {
    verified,
    authenticity,
    integrity,
    expired,
    meta
} = verifyPDF(signedPdfBuffer);

Browser

import verifyPDF from '@ninja-labs/verify-pdf';

const readFile = (e) => {
    const file = e.target.files[0]
    let reader = new FileReader();
    reader.onload = function(e) {
        const { verified } = verifyPDF(reader.result);
    }
    reader.readAsArrayBuffer(file);
};
  • signedPdfBuffer: signed PDF as buffer.
  • verified: The overall status of verification process.
  • authenticity: Indicates if the validity of the certificate chain and the root CA.
  • integrity: Indicates if the pdf has been tampered with or not.
  • expired: Indicates if any of the certificates has expired.
  • meta: Object containing the certificates details and signatureMeta (Reason, ContactInfo and Location).

Certificates

You can get the details of the certificate chain by using the following api.

const { getCertificatesInfoFromPDF } = require('@ninja-labs/verify-pdf');  // require

import  { getCertificatesInfoFromPDF } from '@ninja-labs/verify-pdf';  // ES6 
const certs = getCertificatesInfoFromPDF(signedPdfBuffer);
  • signedPdfBuffer: signed PDF as buffer.

  • certs:

    • issuedBy: The issuer of the certificate.
    • issuedTo: The owner of the certificate.
    • validityPeriod: The start and end date of the certificate.
    • pemCertificate: Certificate in pem format.
    • clientCertificate: true for the client certificate.

Dependencies

node-forge is used for working with signatures.

Credits

About

Verify pdf signatures in JS

Resources

Stars

Watchers

Forks

Packages

No packages published