#  `dump_signatures`

List and validate digital signatures
## Usage
> pdftl `<input>` `dump_signatures` `[output` `<output>]`

## Details
Lists all digital signatures embedded
in the PDF and performs cryptographic validation on each.

If possible, this reads the PDF file directly from disk to ensure that
the cryptographic byte ranges are not disturbed by PDF parsing
engines.

### Signature Stanza Format

* `SignatureBegin`
* `SignatureFieldName`: The name of the signature field.
* `SignatureSigner`: Common Name (CN) of the signer.
* `SignatureHashAlgorithm`: e.g., sha256.
* `SignatureIntegrity`: VALID or INVALID (mathematical hash check).
* `SignerTrusted`: True or False (whether the certificate is trusted).
* `TrustProblem`: Detailed reason if the signer is untrusted.
* `SignatureCoverage`: ENTIRE_FILE, REVISION_ONLY, or PARTIAL.
* `SignatureModificationLevel`: NONE, FORM_FILLING, or SUSPICIOUS.
* `DocMDPOk`: True or False (whether document permissions allow the modifications).
* `SignatureTimestamp`: The verified cryptographic timestamp, or signer-reported time.
* `SignatureMechanism`: The signature algorithm mechanism (e.g., rsassa_pkcs1v15).
* `SignatureChainOfTrust`: The certificate chain of trust from end-entity to Root CA.

If `SignatureModificationLevel` is SUSPICIOUS, it will be followed by one or more blocks:
* `SuspiciousDetailsBegin`
* `SuspiciousDetailsType`: The category of the suspicious modification.
* `SuspiciousDetailsData`: The related objects or details.


**Tags**: info, security, signatures

*Source: pdftl.operations.dump_signatures*

*Read online: [https://pdftl.readthedocs.io/en/stable/operations/dump_signatures.html](https://pdftl.readthedocs.io/en/stable/operations/dump_signatures.html)*

*Type: Operation*