PDF Signature Checker

About this tool

Inspect digital signatures in PDF files — signer, certificate, signing time, cryptographic validity. All client-side.

Inspect digital signatures in PDF files — signer, certificate, signing time, cryptographic integrity. All client-side.

RT-IMF-004 · Image & File

Privacy: The PDF file never leaves your browser. All inspection and cryptographic analysis happens locally via self-hosted node-forge. Files are not uploaded anywhere.

This is not a legal-validity check. The tool reports cryptographic integrity (does the embedded hash match the signed bytes) and shows certificate metadata. It does not verify against current certificate revocation lists (CRLs / OCSP), establish trust chain to AATL/EUTL roots, or judge whether the signature is legally binding in any jurisdiction. For legally-binding signature verification, consult Adobe Acrobat Reader\'s signature panel, a qualified e-signature platform (DocuSign, Adobe Sign), or a legal professional.

📄

Click to choose a PDF, or drop one here

PDF stays in your browser. Max ~50MB practical size.

How to use the PDF signature checker

Drop or pick a PDF

Drag any PDF onto the drop zone or click to file-pick. The tool reads the file directly in your browser — no upload to any server.

Review the signature summary

The summary panel shows how many signatures were found, how many pass the cryptographic integrity check, and the file size. Most signed PDFs have one signature; multi-party contracts can have several.

Inspect each signature card

Each signature gets a dark detail card showing signer common name and organisation, certificate issuer, certificate validity period, the signature's ByteRange (what part of the PDF is covered), signing time if embedded, and the digest algorithm used.

Read the limitations honestly

Cryptographic integrity (green check) means the document hasn't been altered since signing. It does not mean the certificate is from a trusted CA, that the certificate is still valid at the current date, or that the signature is legally binding. Use professional tooling for those.

PDF signatures — what they prove and what they don't

A digital signature inside a PDF is a piece of cryptographic data embedded in the PDF structure that proves two things: (1) the document hasn't been modified since it was signed, and (2) the signer was in possession of a specific private key at the time of signing. It does NOT prove the signer's real-world identity unless you also trust the certificate authority that issued that signer's certificate. The distinction between cryptographic validity and legal validity is what most users don't realise — and it's the source of every "but this PDF is signed!" misunderstanding in real-world contract disputes.

What the PDF actually contains

Inside a signed PDF, the signature lives in a dictionary referenced by the document's AcroForm. The key fields are /ByteRange (which bytes of the PDF are covered by the signature — typically everything except the signature blob itself), /Contents (a hex-encoded PKCS#7/CMS structure containing the actual cryptographic signature plus the signer's certificate), and /Filter + /SubFilter (which signature handler created the signature — most commonly adbe.pkcs7.detached for Adobe-flavoured signatures). The tool above reads these fields directly from the file bytes, parses the PKCS#7 structure using node-forge, and reports what it finds.

The PAdES levels

The European standard ETSI EN 319 142-1 (PAdES — PDF Advanced Electronic Signatures) defines four levels of trust depth: B-B (basic — proves "someone with this key signed it"), B-T (basic + trusted timestamp from a TSA — proves "signed before this date"), B-LT (long-term — embeds all certificate chain info needed for future validation), and B-LTA (long-term with archive timestamp — for signatures that need to remain verifiable decades into the future). Adobe AATL (Adobe Approved Trust List) is the de-facto private equivalent for non-EU contexts; the EUTL (EU Trusted List) is the European public-CA registry. None of these are validated by this tool — the goal here is to inspect the raw structure, not to certify legal validity.

The byte-range trick — why "signed-then-edited" is detectable

The /ByteRange entry tells the verifier exactly which byte positions of the PDF are covered. Typically it's the whole file MINUS the bytes of the signature blob itself. The verifier hashes those bytes, then checks the hash against what the signature claims. If anyone modifies any byte in the covered range — including just adding a single space — the hash differs and the signature is invalid. The clever attack: a malicious editor adds new content in a place the ByteRange explicitly excludes (e.g. annotation layers added after signing). Adobe Reader catches this as "Signature is valid, but document has been modified" — but plenty of casual viewers don't surface that distinction.

ASEAN context — IMDA, MyDigital ID, NIK

Singapore's National Digital Identity (Singpass) supports digital signatures via the Sign with Singpass feature, backed by GovTech's certificate infrastructure. Malaysia's MyDigital ID and earlier MSC Trustgate certificates underpin domestic digital-signature use. Indonesia's electronic ID (NIK)-linked PSrE (Penyelenggara Sertifikasi Elektronik) providers issue local digital certificates. Cross-border, an EU AATL-listed certificate is usually accepted by ASEAN PDF readers, but legal admissibility varies — Singapore's Electronic Transactions Act 2010 explicitly recognises foreign electronic signatures, while some ASEAN jurisdictions require a locally-issued certificate for legal binding. Always check the contract's jurisdiction clause before signing important documents.

10 PDF signature facts

PDF signatures use PKCS#7 / CMS (Cryptographic Message Syntax) embedded as hex-encoded bytes in the /Contents field of a signature dictionary — the same standard used in S/MIME email signatures.

The /ByteRange entry specifies exactly which bytes of the PDF are covered by the signature. Typically everything EXCEPT the signature blob itself — usually written as a 4-integer array.

PAdES (PDF Advanced Electronic Signatures) is the European standard for PDF signatures. The four levels — B-B, B-T, B-LT, B-LTA — provide progressively stronger long-term validation guarantees.

Adobe AATL (Adobe Approved Trust List) is the de-facto private trust list for non-EU contexts. AATL-listed certificate authorities are trusted by default in Adobe Acrobat Reader.

Cryptographic validity ≠ legal validity. A signature can pass mathematical verification while the certificate has expired, been revoked, or come from an untrusted issuer in your jurisdiction.

Singapore\'s Electronic Transactions Act 2010 recognises both local and foreign digital signatures. Sign with Singpass uses certificates backed by GovTech\'s CA for high-trust government interactions.

"Signed then edited" is detectable: any byte modification outside the explicitly-excluded ByteRange invalidates the signature. Adobe Reader surfaces this as "valid, but document modified."

Embedded timestamps (PAdES B-T) come from a Time Stamping Authority via RFC 3161 — a separate cryptographic protocol proving the signature existed before a specific time.

Most PDF reader bugs in 2020-2024 revolved around signature-validation edge cases — the "shadow attacks" of 2021 fooled Adobe Reader into treating modified PDFs as valid.

PDF signatures support SHA-1, SHA-256, SHA-384, and SHA-512 digest algorithms. New signatures should always use SHA-256 or stronger; SHA-1 was deprecated for new signatures by Adobe in 2017.

Frequently asked questions

What does "cryptographically valid" mean?

It means the embedded hash matches the bytes that the signature covers — proving no byte in the covered range has been altered since signing. It does NOT mean the certificate is from a trusted CA, that the certificate is still valid at the current date, or that the signature is legally binding.

Legal validity requires checking the certificate chain against a recognised trust list (AATL, EUTL, or a national equivalent), checking the certificate revocation list (CRL) or OCSP responder for the signing certificate, validating the certificate was active at signing time, and meeting jurisdiction-specific requirements. None of these can be done reliably client-side without external network calls. Use Adobe Acrobat Reader, a qualified e-signature platform, or a legal professional for binding verification.

No. The file is read locally via the browser File API and processed entirely client-side using self-hosted node-forge. Nothing is uploaded. You can verify by opening your browser's network tab — no requests fire when you select a PDF.

Up to a few hundred MB in theory. In practice, browser memory limits make ~50MB the comfortable maximum. Most signed contracts are well under 10MB.

Partially. If someone modifies bytes INSIDE the ByteRange after signing, the cryptographic check fails and we mark the signature invalid. If they modify bytes OUTSIDE the ByteRange (e.g. add new annotation layers), the signature still passes cryptographically — but Adobe Reader flags this as "valid, but document modified," which we don't currently detect. Always verify suspicious documents in Adobe Acrobat Reader.

CMS (Cryptographic Message Syntax, RFC 5652) is the IETF standard that evolved from RSA Labs' PKCS#7 (1993). They are essentially the same format with minor differences in some edge cases. PDF signatures predate CMS standardisation and the field is still officially called /Filter /PKCS7 for backward compatibility.

The tool reads signatures using SHA-1, SHA-256, SHA-384, and SHA-512 digests with RSA, DSA, or ECDSA signing keys. SHA-1 signatures are flagged as deprecated; modern signatures should use SHA-256 or stronger.

Two possibilities. Some PDFs use a "graphical signature" (a scanned signature image overlaid on the page) which is NOT a cryptographic signature — there's no cryptographic data to verify. Other PDFs may use proprietary signature handlers (DocuSign's own format, Adobe Sign) that this tool doesn't parse. Try Adobe Acrobat Reader for those.

A trusted third party that adds a cryptographic timestamp to a signature, proving the signature existed before a specific time. PAdES B-T level requires a TSA timestamp. Common TSAs include Sectigo, GlobalSign, and (in the EU) member-state-recognised qualified TSAs.

Self-hosted node-forge v1.3.1 (275KB minified) for PKCS#7 and X.509 certificate parsing. All cryptographic operations use the browser's native SubtleCrypto where possible, falling back to forge for ASN.1 structure parsing. No third-party CDN, no remote calls.

PDF Signature Checker