I have a valid document, that after processing with verify-pdf it returns authenticity: false.
Looking at the code, I see the that the root cause is that the authenticateSignature() function in verification.js calls verifyCaBundle() that will only return true if there are multiple certificates in the signed PDF (at least 2), and the chain is valid, meaning each certificate is the the issuer of the next:
The PDF I've used (of a brazilian digital ID), the PDF is signed using only one certificate and not a chain, so the verifyCaBundle function returns false, and the authenticity is false.
Is it a must for a PDF to have a certificate chain?
I have a valid document, that after processing with verify-pdf it returns
authenticity
:false
. Looking at the code, I see the that the root cause is that theauthenticateSignature()
function in verification.js callsverifyCaBundle()
that will only return true if there are multiple certificates in the signed PDF (at least 2), and the chain is valid, meaning each certificate is the the issuer of the next:The PDF I've used (of a brazilian digital ID), the PDF is signed using only one certificate and not a chain, so the
verifyCaBundle
function returns false, and the authenticity is false.Is it a must for a PDF to have a certificate chain?