PDF Signature Verification SDK

Verify digital signatures in PDFs with an 8-point verification model. Browser and Node.js, React and vanilla JS. Zero external crypto dependencies.

npm install @trexolab/verifykit-react

Get Started Live Demo

Everything you need

From a single signature check to a full-featured PDF viewer with verification built in.

8-Point Verification

Integrity, signature, certificate chain, expiry, timestamp, revocation, algorithm, and EKU checks.

Rust/WASM Core

3.7x faster than JavaScript. All crypto runs in WASM with zero npm runtime dependencies.

PAdES Compliant

Detects B-B, B-T, B-LT, and B-LTA conformance levels per ETSI standards.

Plugin Architecture

24 composable viewer plugins. Disable what you don't need, extend with custom plugins.

React + Vanilla

Full React component library, or drop in a single UMD script for vanilla JS.

Browser + Node.js

Client-side verification in the browser, or headless verification in Node.js.

Theming

Light, dark, and system modes with 100+ CSS variables for customization.

TypeScript First

Complete type definitions for every API surface, hook, plugin, and config option.

Packages

Use independently or together. All packages share the same Rust/WASM verification core.

@trexolab/verifykit-core

Rust/WASM signature verification engine

Browser + Node.jsnpm install @trexolab/verifykit-core

@trexolab/verifykit-react

React PDF viewer with plugin-based architecture

Browser (React 19+)npm install @trexolab/verifykit-react

@trexolab/verifykit-vanilla

Zero-build CDN/UMD drop-in viewer

Browsernpm install @trexolab/verifykit-vanilla

@trexolab/verifykit-plugin-revocation

Online CRL/OCSP revocation checking

Browser + Node.jsnpm install @trexolab/verifykit-plugin-revocation

Install from our registry: --registry=https://verifykit.trexolab.com/api/registry

Quick Start

Get up and running in under a minute with React, Node.js, or vanilla JS.

import { VeriPdfProvider, Viewer, WelcomeScreen,
  useVerification, defaultLayoutPlugin } from '@trexolab/verifykit-react'
import '@trexolab/verifykit-react/styles.css'

function App() {
  return (
    <VeriPdfProvider config={{ theme: { mode: 'system' } }}>
      <PdfViewer />
    </VeriPdfProvider>
  )
}

function PdfViewer() {
  const verification = useVerification()
  const [layout] = useState(() => defaultLayoutPlugin())

  if (!verification.fileBuffer) {
    return <WelcomeScreen onOpenFile={(f) => verification.load(f)} />
  }

  return (
    <Viewer
      fileBuffer={verification.fileBuffer}
      fileName={verification.fileName}
      plugins={[layout.plugin]}
      onOpenFile={(f) => verification.load(f)}
      initialState={{
        signatures: verification.signatures,
        verificationStatus: verification.status ?? undefined,
      }}
    />
  )
}

8-Point Verification Model

Every PDF signature is validated with 8 independent checks, each producing a pass/fail/warning status.

Integrity

Document bytes match the signed range (tampering detection)

Signature

Cryptographic signature is mathematically valid

Certificate Chain

Certificate chains to a trusted root CA (119 AATL roots)

Expiry

Certificates were valid at signing time

Timestamp

RFC 3161 timestamp is present and valid

Revocation

Certificate not revoked (CRL/OCSP, opt-in online check)

Algorithm

Algorithms meet minimum strength (no SHA-1, RSA >= 2048)

EKU

Extended Key Usage permits document signing

Ready to verify?

Install the SDK, read the docs, or try the live demo.

Read the Docs Try Live Demo