Sorry for the long absence and here's another attempt at solving this issue.
I just attached a patch developed by me and André Esser which adds signature verification support to poppler core and the glib frontend.
It uses the NSS CMS API for the crypto operations (signature and certificate Validations).
4 new functions were added at the glib wrapper level:
poppler_document_is_signed
poppler_document_signature_validate
poppler_document_signature_get_time
poppler_document_signature_get_signername
We added a new test utility for this feature in utils/pdfsigverify and exposed the number of signatures in poppler-glib-demo.
The trusted certificate issue for Linux systems is tackled in the following way:
we try to load the NSS certificate DB in the default Firefox profile and if that fails we try to load certificates from the standard directory /etc/pki/nssdb which may or may not be populated depending on the distro setup. We're obviously open to suggestions in this area.
Current limitation:
- The CMake changes we're not done yet so Autotools build is required for now (we couldn't find an easy/clean way to find the NSS dependency using CMake)
Sorry for the long absence and here's another attempt at solving this issue.
I just attached a patch developed by me and André Esser which adds signature verification support to poppler core and the glib frontend.
It uses the NSS CMS API for the crypto operations (signature and certificate Validations).
4 new functions were added at the glib wrapper level: document_ is_signed document_ signature_ validate document_ signature_ get_time document_ signature_ get_signername
poppler_
poppler_
poppler_
poppler_
We added a new test utility for this feature in utils/pdfsigverify and exposed the number of signatures in poppler-glib-demo.
The trusted certificate issue for Linux systems is tackled in the following way:
we try to load the NSS certificate DB in the default Firefox profile and if that fails we try to load certificates from the standard directory /etc/pki/nssdb which may or may not be populated depending on the distro setup. We're obviously open to suggestions in this area.
Current limitation:
- The CMake changes we're not done yet so Autotools build is required for now (we couldn't find an easy/clean way to find the NSS dependency using CMake)