Vanilla.PDF  2.2.0
Cross-platform toolkit for creating and modifying PDF documents
List of all members
SignatureVerificationSettingsHandle Class Reference
Utilities

Configuration settings for signature verification. More...

Inheritance diagram for SignatureVerificationSettingsHandle:
IUnknownHandle
error_type CALLING_CONVENTION SignatureVerificationSettings_Create (SignatureVerificationSettingsHandle **result)
 Create new signature verification settings with default values.
 
error_type CALLING_CONVENTION SignatureVerificationSettings_GetSkipCertificateValidation (SignatureVerificationSettingsHandle *handle, boolean_type *result)
 Get skip certificate validation flag.
 
error_type CALLING_CONVENTION SignatureVerificationSettings_SetSkipCertificateValidation (SignatureVerificationSettingsHandle *handle, boolean_type value)
 Set skip certificate validation flag.
 
error_type CALLING_CONVENTION SignatureVerificationSettings_GetCheckSigningTimeFlag (SignatureVerificationSettingsHandle *handle, boolean_type *result)
 Get check signing time flag.
 
error_type CALLING_CONVENTION SignatureVerificationSettings_SetCheckSigningTimeFlag (SignatureVerificationSettingsHandle *handle, boolean_type value)
 Set check signing time flag.
 
error_type CALLING_CONVENTION SignatureVerificationSettings_GetAllowWeakAlgorithmsFlag (SignatureVerificationSettingsHandle *handle, boolean_type *result)
 Get allow weak algorithms flag.
 
error_type CALLING_CONVENTION SignatureVerificationSettings_SetAllowWeakAlgorithmsFlag (SignatureVerificationSettingsHandle *handle, boolean_type value)
 Set allow weak algorithms flag (MD5, SHA-1, RSA < 2048 bits)
 
error_type CALLING_CONVENTION SignatureVerificationSettings_Release (SignatureVerificationSettingsHandle *handle)
 Decrement the internal reference counter.
 

Additional Inherited Members

- Public Member Functions inherited from IUnknownHandle
error_type CALLING_CONVENTION IUnknown_AddRef (IUnknownHandle *handle)
 Increment the internal reference counter.
 
- Related Symbols inherited from IUnknownHandle
 Decrement the internal reference counter.
 

Detailed Description

Configuration settings for signature verification.

Examples
verify.c.

Member Function Documentation

◆ SignatureVerificationSettings_Create()

error_type CALLING_CONVENTION SignatureVerificationSettings_Create ( SignatureVerificationSettingsHandle **  result)

Create new signature verification settings with default values.

Parameters
resultOutput handle to created settings
Returns
Error code

Friends And Related Symbol Documentation

◆ SignatureVerificationSettings_GetSkipCertificateValidation()

error_type CALLING_CONVENTION SignatureVerificationSettings_GetSkipCertificateValidation ( SignatureVerificationSettingsHandle handle,
boolean_type result 
)
related

Get skip certificate validation flag.

Parameters
handleThe settings handle
resultOutput flag value
Returns
Error code

When enabled, signature verification will skip X509 certificate chain validation. The cryptographic signature is still verified, but the certificate chain is not validated against the trust store.

Note
Effect on verification result when enabled:
  • SignatureVerificationResult_GetStatus() returns SignatureStatus_Valid (assuming the cryptographic signature is correct)
  • SignatureVerificationResult_IsSignatureValid() returns VANILLAPDF_RV_TRUE
  • SignatureVerificationResult_IsCertificateTrusted() returns VANILLAPDF_RV_FALSE

The IsCertificateTrusted flag remains false because the certificate chain was not actually verified - we cannot claim trust for something we did not check. This provides transparency: a Valid status with IsCertificateTrusted=false indicates that validation was bypassed rather than successfully completed.

Warning
This is a security bypass intended for testing/debugging only. In production, certificates should be properly added to the trust store.

◆ SignatureVerificationSettings_SetSkipCertificateValidation()

error_type CALLING_CONVENTION SignatureVerificationSettings_SetSkipCertificateValidation ( SignatureVerificationSettingsHandle handle,
boolean_type  value 
)
related

Set skip certificate validation flag.

Parameters
handleThe settings handle
valueFlag value to set (true to skip validation, false for full validation)
Returns
Error code

When set to true, certificate chain validation is bypassed entirely. The cryptographic signature is still verified, but no X509 chain validation is performed. This allows signatures with expired, self-signed, or untrusted certificates to pass verification.

Note
When validation is skipped, SignatureVerificationResult_IsCertificateTrusted() will return VANILLAPDF_RV_FALSE, even though the overall status may be Valid. This accurately reflects that trust was not established through verification.
Warning
Setting this to true bypasses important security checks including: certificate expiration, trust chain validation, and root CA verification. Only use for testing or when you explicitly trust the signer through out-of-band means.

◆ SignatureVerificationSettings_GetCheckSigningTimeFlag()

error_type CALLING_CONVENTION SignatureVerificationSettings_GetCheckSigningTimeFlag ( SignatureVerificationSettingsHandle handle,
boolean_type result 
)
related

Get check signing time flag.

Parameters
handleThe settings handle
resultOutput flag value
Returns
Error code

◆ SignatureVerificationSettings_SetCheckSigningTimeFlag()

error_type CALLING_CONVENTION SignatureVerificationSettings_SetCheckSigningTimeFlag ( SignatureVerificationSettingsHandle handle,
boolean_type  value 
)
related

Set check signing time flag.

Parameters
handleThe settings handle
valueFlag value to set
Returns
Error code

◆ SignatureVerificationSettings_GetAllowWeakAlgorithmsFlag()

error_type CALLING_CONVENTION SignatureVerificationSettings_GetAllowWeakAlgorithmsFlag ( SignatureVerificationSettingsHandle handle,
boolean_type result 
)
related

Get allow weak algorithms flag.

Parameters
handleThe settings handle
resultOutput flag value
Returns
Error code

◆ SignatureVerificationSettings_SetAllowWeakAlgorithmsFlag()

error_type CALLING_CONVENTION SignatureVerificationSettings_SetAllowWeakAlgorithmsFlag ( SignatureVerificationSettingsHandle handle,
boolean_type  value 
)
related

Set allow weak algorithms flag (MD5, SHA-1, RSA < 2048 bits)

Parameters
handleThe settings handle
valueFlag value to set
Returns
Error code

◆ SignatureVerificationSettings_Release()

error_type CALLING_CONVENTION SignatureVerificationSettings_Release ( SignatureVerificationSettingsHandle handle)
related

Decrement the internal reference counter.

When the internal counter reaches zero the object is deleted. Releasing already disposed object causes undefined behavior.

See also
IUnknown_Release
The documentation for this class was generated from the following file: