Created attachment 119174 Handle SEC_ERROR_UNTRUSTED_ISSUER When verifying a PDF signed by a certificate issued by a CA not in the trust store I would expect to get an error "Certificate isn't Trusted" however currently the error message actually is the more generic "Unknown issue with Certificate or corrupted data".
I tested with http://wwwpriv.primekey.se/~markus/pdfsigner/test-pdfs /signserver-res-test-pdf/sample-signed.pdf: [user@dev-21 utils]$ ./pdfsigverify ~/Downloads/signserver-res-test-pdf/sample-signed.pdf Digital Signature Info of: /home/user/Downloads/signserver-res-test-pdf/sample-signed.pdf Signature #1: - Signer Certificate Common Name: Signer 2 - Signing Time: Nov 23 2011 17:09:42 - Signature Validation: Signature is Valid. - Certificate Validation: Unknown issue with Certificate or corrupted data. Then after adding http://wwwpriv.primekey.se/~markus/pdfsigner/test-pki /signserver-res-test-dss10/DSSRootCA10.cacert.pem as trusted in Firefox: [user@dev-21 utils]$ ./pdfsigverify ~/Downloads/signserver-res-test-pdf/sample-signed.pdf Digital Signature Info of: /home/user/Downloads/signserver-res-test-pdf/sample-signed.pdf Signature #1: - Signer Certificate Common Name: Signer 2 - Signing Time: Nov 23 2011 17:09:42 - Signature Validation: Signature is Valid. - Certificate Validation: Certificate is Trusted. The attached patch adds the NSS error code for untrusted issuer so the error will be "Certificate isn't trusted". -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/740506 Title: verify digital signatures To manage notifications about this bug go to: https://bugs.launchpad.net/evince/+bug/740506/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
