home · Installation · How to verify the authenticity of an electronic digital signature. How to check the authenticity of an electronic digital signature

How to verify the authenticity of an electronic digital signature. How to check the authenticity of an electronic digital signature

EDS stands for electronic digital signature. Although this document verification technology was invented and introduced in Russia a long time ago, it has not become widespread among the population to this day. Obtaining an electronic signature will simplify the preparation of documents and the receipt of various services if you submit applications via the Internet. For such people, digital signature will become an almost irreplaceable alternative. This signature is also used when sending documents via the Internet. Before considering a document as authentic, it is necessary to verify the digital signature. In this article you will learn how digital signature verification for State Services is carried out, what is needed for this procedure and much more.

Why confirm the digital signature?

Currently, absolutely any citizen of the Russian Federation can use an electronic document for their own purposes that do not contradict the law. Verifying a document using an electronic signature is necessary for several reasons:

  • determines the authenticity of the document;
  • identifies the identity of the owner of the signature;
  • you can make sure that the document was not sent accidentally;
  • After confirmation of the digital signature, you will be able to use the data in case of refusal of the person who signed the document.

Without a special service, digital signature verification is impossible. You will not be able to decipher the code yourself. It is worth mentioning that the electronic signature itself can be in the form of a picture, a digital key, or not have a visual display at all.

The technical verification process is quite complex and impossible without a computer. This is understandable - the level of reliability and security of such documents must be extremely high. We will not go into details of the technical side of the decryption and confirmation process, but will consider the procedure from the user’s point of view.

Methods for confirming digital signature

Next, we will look at the simplest and most accessible method - checking the digital signature for State Services. However, if for some reason you cannot use the site, then use one of the methods below:

  • special programs. You can find similar ones by searching on the Internet;
  • Microsoft Word program;
  • third-party unofficial services on the Internet.

In the event that nothing interferes with your work with the unified State Services portal, we will proceed directly to the description of the process.

Step-by-step instruction

Verification of digital signature for State Services is carried out quite quickly. It is worth noting that for this procedure you will not need registration, account confirmation and all other time-consuming steps.

Further step-by-step instructions will be accompanied by screenshots, so you won’t get confused or open the wrong page. To complete the verification process, you need the following elements:

  • computer with Internet access;
  • browser to enter the site;
  • digital signature carrier or corresponding file.

Checking the digital signature of the State Service is carried out as follows:

Portal capabilities for confirming electronic signatures

In the photo you see the points at which the authenticity of a document with digital signature can be verified. Let's look at each of them separately:

  • certificate confirmation – using this feature you can obtain information about the owner of the signature, its validity period and the authority that issued this document;
  • confirmation of an electronic document allows you to verify the authenticity of a file using an electronic signature;
  • confirmation of the disconnected signature using the official utilities of the State Services portal.

Certificate verification

To carry out the certificate verification procedure, follow these steps:


After this, the digital signature for State Services will be checked, and you will receive all the necessary information.

Checking an electronic document with electronic signature

To check a document with an electronic signature (electronic signature), follow the presented guide:


Checking the document and the detached signature

The detached digital signature is a separate file that is attached to the main document. If in previous cases the signature was placed on the document itself, now you will have to use one of the following methods: automatic verification on the website or confirmation using the hash function value. Let's consider both options.

To check automatically, click on the button marked in the photo:
Next, upload separately the file with the document and the file with the signature:
Enter the captcha again in the appropriate field and click the “Check” button.

When considering quotation bids, questions often arise such as: How to check the authenticity of a Word text document? What requirements must suppliers comply with when submitting a quotation in the form of an electronic document? What do customers need to pay attention to when receiving a quotation application in the form of an electronic document?

The quotation application in the form of an electronic document prepared by the procurement participants (PPP) must, first of all, comply with the requirements established by the customer for the quotation application in accordance with clause 3 of Art. 43 of Law No. 94-FZ.

Electronic document- this is information presented in electronic form, that is, in a form suitable for human perception using electronic computers, as well as for transmission over information and telecommunication networks or processing in information systems.


When establishing the form of an electronic document, the customer must be guided by the requirements of the Federal Law of the Russian Federation dated April 6, 2011 No. 63-FZ “On Electronic Signatures”. The law establishes the conditions for recognizing the equivalence of an electronic signature and a handwritten signature. An electronic signature in an electronic document is equivalent to a handwritten signature in a paper document, subject to the following conditions:

  • the signature key certificate related to this digital signature is valid at the time of verification or at the time of signing the electronic document if there is evidence determining the moment of signing;
  • the authenticity of the digital signature in the electronic document is confirmed;
  • The digital signature is used in accordance with the information specified in the signature key certificate (the right to sign relevant documents).

Please note that in accordance with the Law “On Electronic Signatures”, the creation of electronic digital signature keys for use in corporate information systems of federal government bodies, government bodies of constituent entities of the Russian Federation and local governments is carried out only in certified certification centers.

The customer must establish in the notice of request for quotation the requirements for the form of the quotation application submitted in the form of an electronic document, and also ask to attach to the letter the root certificates of the certification center that issued the digital signature. For example, to verify the authenticity of a signature, an application in the form of an electronic document must contain an electronic digital signature of the participant’s authorized person, certified by the electronic digital signature of the certification center, entered into the unified state register. An application submitted in the form of an electronic document must correspond in content to an application submitted in written form. The electronic document must be submitted in rtf format (Rich Text Format).

To verify the authenticity of the EDS, the customer has the right to request that the root certificates of the certification center that issued the EDS be attached to the application. However, if the customer replaces this request with a requirement, failure to comply with which may lead to rejection of the application on the basis of the inability to verify the authenticity of the participant’s digital signature, then the participant can successfully appeal these actions to the regulatory authority: root certificates are publicly available on the websites of certification centers.

The customer can check:

To verify the legitimacy of the digital signature, the customer must have the CryptoPro CSP crypto program installed. Using CryptoPro CSP, you can configure the functions of the email program used, which will ensure the acceptance of documents signed with certified digital signatures, correct viewing and verification of the digital signatures themselves.

Upon receipt of a quotation application in the form of an electronic document, a red “bow” should appear at the bottom of the document, indicating that the document is signed with an electronic signature. Sometimes, due to differences in the versions of offices and crypto, they may not be visible, but that is another question. By opening this “bow”, you can find out who signed the document and what is his term of office.

It is possible that in a certain version of Word the “bow” is not visible. On the website of the software manufacturer (CryptoPro) it is written that an application made in the 2007 office will not show the signature, and will not display the signature when viewed in the 2010 office. In general, no one forbids you to contact the URZ and ask in which version he signed the ED. In the quotation conditions, no one forbids specifying RECOMMENDATION version of Word, let’s assume, “due to the availability of just such licensed software from the Customer.” URZ will only benefit.

Leave your comment!

To check the digital signature at State Services, There is no need to purchase expensive equipment or have special computer skills. All you need is:

  • Internet access on a computer.
  • A reliable browser that allows you to access the desired portal.
  • Flash drive with data recorded on it EDS.

In the site menu that opens, go to the “Reference Information” section, then select the subsection “ Electronic signature" For checks authenticity EP The following points are intended:

  • Confirmation certificate.
  • Electronic confirmation document.
  • Confirmation of disconnected signatures.

How to check an electronic signature on a document? The first two items of the above menu are intended for this. In the first case it is done examination certificate imposed EDS by loading into the window that opens certificate-file.

Select digital signature

To check digital signature in the second way, you need to upload a signed document into the work field EP. After entering the captcha and launching checks The result of the analysis will be displayed on the screen.

How to check digital signature for functionality, if we are talking about a disconnected media? Use the automatic check on the portal (carried out similarly to the first two cases considered) or a special service program, which can be downloaded using the links located in the menu item “Confirmation of disconnected signatures" When activating the launch file and loading document With the obtained hash function value, the result of the control actions performed will be displayed on the monitor.

How to check an electronic signature certificate? It is possible to analyze the validity EP according to the following parameters:

  • Best before date.
  • Absence of revocation certificate.
  • Availability of accreditation from the Ministry of Telecom and Mass Communications of the issuer certificate Certification center.

For checks EP use the functionality of the same name portal. The results are as follows checks reliable, but have no legal force.

How to check the digital signature of an electronically signed document according to GOST ? Use the paid software of the CryptoPRO module. For correct operation of the system you will need:

  • Fine-tune your computer's date and time settings.
  • Using Microsoft Office version 2003 and higher.
  • Installation of the Cryptopro CSP data cryptographic module version 3.6.
  • Stable Internet connection.

After opening the electronically signed document and chosen for checks certificate, you need to copy the selected file and analyze its performance in the “Composition” tab signatures" Next, the user is presented with the opportunity to “ check" electronic signature online, or carry out control manually.

How to check an electronic digital signature key on the Cryptopro portal?

  • Go to the site page intended for checks EP.
  • Follow the link to the tab for checks certificate EDS.
  • From the Browse menu, select a saved certificate-file and run the scan.

If you have any doubts about the reliability of the received data, run a manual check.

How to check an electronic signature on documents

Check the digital signature certificate manually you can do this:

  • Open file certificate double click on it.
  • Record information about the issuer EDS Certification center.
  • In the tab containing the list of revoked certificates, copy the drop-down list into a separate one file.
  • On the portal of the CA subsystem, use the search window to find the center being checked and load information about invalid certificates into the appropriate dialog box. If there is no conflict between the entered data and the information contained in the system, we can talk about the authenticity of the signed document.

How to check a document signed with digital signature and provided in pdf format? Make sure your computer can operate correctly:

  • Correct date and time setting.
  • Availability of Windows OS version XP and higher.
  • Installation of Cryptopro CSP version 3.6.
  • Installation of CryptoPro PDF.
  • Uninterrupted Internet connection.


How to check the digital signature on a document in pdf format manually? Select on the panel of the Adobe product you are using located on the left side of the screen button « Signatures" Z

Then find the one you need in the drop-down menu EDS and select the command " Check signature" Result checks will be displayed on the computer monitor.

How to verify a qualified electronic signature?

The simplest examination includes analysis of the presence in the text certificate the following information:

  • Creation period signatures and its validity period.
  • Unique number.
  • Personal information about the owner EP.
  • Information about the certification center.

If the owner wishes key the list of encrypted data can be expanded. How to check an electronic digital signature, If document sent by electronic mail? For availability of props EP in the document indicates a special icon that appears in the message when you try to read it. The option is available for Outlook Express and Mozilla Thunderbird email clients.

The presence of a service header preceding the text of the email message is another way to make sure that the message sent document signed. It should be noted that this method does not allow check signing certificate for correctness.

Check the electronic key on authenticity possible using the Crypto ARM tool. The program does not require the use of a license key for the purpose checks signatures and successfully completes the task in a matter of minutes.

Another useful product for those who want to know how to check the digital signature key- Vipnet Crypto File. The functionality of the program is easy to use and intuitive even for a novice user.

To obtain information about who certified the sent document, to establish the authenticity of the signature, and the absence of unauthorized changes, an electronic digital signature verification is necessary. For this, open online services and special software are used.

Operating principle of an electronic signature

Almost all modern technologies for signing electronic documents are based on an asymmetric encryption scheme. This means that the owner of the electronic signature has at his disposal two corresponding (paired) keys: private and public. Using the first one, a signature is formed, and it is strictly kept secret. The second serves to encrypt information and is made publicly available.

When using an unqualified signature (), partners exchange public keys (OK), with the help of which verification is carried out. From a legal point of view, the exchange scheme is ensured by a written agreement concluded between them. A more reliable protection system is provided by a qualified electronic signature.

In this case, the signed and encrypted document, along with the key and all the information necessary for verification, is placed in a container, the role of which is played by a certificate issued by the Certification Authority. It contains information about the owner of the signature, certified by the center’s digital signature. This provides:

  • correspondence of the sent public key to the private key with which the electronic signature was generated;
  • absence of outside interference in the document (change of content, substitution), which is easily revealed by checking the electronic digital signature.

A positive result will be the issuance of information about the full name of the owner of the signature, details of the CA that issued the certificate, and its expiration date.

Why is EDS authentication needed?

Having received a document protected by an electronic signature, first of all, you need to check the electronic signature in order to:

  • establish that the signature belongs to the sender (its authenticity), that is, uniquely identify the sender;
  • verify the authenticity of the letter, its reliability, and the absence of any violation of integrity (traces of tampering);
  • have proof in the event of a controversial situation with a partner refusing to sign.

Most existing information systems provide for automatic verification of digital signatures. For example, if an applicant made a request to ROSRESTR and received a response with an electronic signature, he can check its authenticity directly on the website of this organization. To do this, a service is provided where the received document is uploaded, a file with the *.sig extension, and verification is carried out by pressing a simple button.

Similar tools are present in all information systems, including trading platforms. Since Russia has established state standards for the algorithms used and a signature certification system, you can verify the digital signature using various services provided by Certification Authorities, and independently - using special software.

How to check the authenticity of an electronic signature

In the process of document verification, a comparison of the electronic signature with which the document is signed, the verification key provided by the sender (sent along with it in the same container), and the EPC certificate takes place. You can check an electronic signature in several ways, even when the recipient is not registered with any CA.

  1. Using online services available in the public domain, for example, ContourCrypto and many others.
  2. By installing the CryptoPro CSP software package on your computer and loading it with a database of certificates from open CA directories.
  3. On the Public Services Portal (old version, https://www.gosuslugi.ru/pgu/eds). On it you can check the digital signature issued only by accredited Certification Centers (their list is located at https://e-trust.gosuslugi.ru/CA).
  4. Having independently calculated hash functions, for which you need to know the encryption algorithm and have special experience.

For ordinary users, the most accessible and easiest way is to install CryptoPro and check the digital signature on the State Portal.

Check on CryptoPro CSP

The program can be purchased on the developer’s website, or you can download the free version for 14 days, after which it switches to the limited “Start” operating mode. With its help, you can not only check received documents, but also create your own signatures under the files Microsoft Word. During normal installation, operation is carried out using the menu (Fig. 1). After this, the software module will automatically check the electronic signature in each opened document with digital signature. The successful result is shown in Fig. 2.

Rice. 1 - menu

Rice. 2. - successful result

If during the verification process a warning is issued that the certificate of the sent letter cannot be traced to the root directory, you need to import it into the storage using the tabs (Fig. 3 and 4).

Rice. 3 - certificate import wizard

Rice. 4 - select a certificate store

Checking the CEP on the Public Services Portal

Verification of a qualified electronic signature and certificate using this service is done quickly and without problems. By the way, it can be used to check the performance of your own electronic signature obtained from an accredited CA. As can be seen in Fig. 5, the program works both with a separate signature file in *.sig format and with one built into the body of the document.

Rice. 5 - portal authentication

Rice. 6 — Report on establishing the status of the certificate

As a result of successful certificate verification, the value “Valid” is displayed (Fig. 6); if unsuccessful, the reason is indicated. For example: “Certificate revoked”, or “Could not be verified”.

The EPC is also easily checked. Both described options work only with qualified signatures whose verification key certificates are included in the official CA registers. Since the centers track their validity periods, this eliminates the possibility of receiving a document signed by an invalid electronic signature.

Government services portal - checking digital signature using this resource is one of the ways to verify the authenticity of an electronic document and identify the person who signed it. Whether this opportunity is available to everyone and how to use it, we will tell you in our material below.

What is digital signature and how to check it?

EDS (electronic digital signature) is information stored electronically, which is attached or otherwise attributed to an electronic document, allowing its author to be identified. The creation, application and procedure for verifying digital signatures are regulated by federal laws:

  • “On electronic signature” dated 04/06/2011 No. 63-FZ;
  • “On information, information technologies and information protection” dated July 27, 2006 No. 149-FZ;
  • “On personal data” dated July 27, 2006 No. 152-FZ.

An electronic signature is used in 2 ways:

  1. Prepared as a separate file.
  2. It is part of the main document, i.e. it is superimposed on it.

The object may be a picture, a digital code, or no image at all. The signature certifies the outgoing file and contains information about the person signing the transmitted data. However, the specifics of the digital signature do not allow you to immediately see (as on paper) who exactly certified the text, so there is such a manipulation as checking the digital signature.

The examination is done using technical devices (personal computer, mobile phone, tablet) that have Internet access. You can check your digital signature online (for example, on the government services website) or by installing a special program directly on your PC and other devices (you still need an Internet connection).

What can you check on the government services portal?

In the process of confirming the authenticity of the digital signature, the government services portal offers to check 4 positions:

  1. Authenticity of the signing certificate. Using this function you can find out:
    • owner's name;
    • name of the organization that issued the digital signature;
    • validity period of the certificate.
  2. The validity of the digital signature that is part of the document, i.e. the attached electronic signature. In this case, one file will be scanned. As a result of the service, in addition to the information listed in the previous paragraph, the user will also find out whether the digital signature is correct.
  3. The reliability of the electronic signature, which is issued in a separate file, i.e., a detached digital signature. Here you need to upload 2 documents: the directly sent data and the signature file. The report will contain the same information as in the previous case.
  4. The fidelity of the electronic signature, disconnected from the main document, according to the hash function value, which is used for greater security of the shipment. To check such messages, you do not need to download the main document. Instead, a code calculated by a special application (we will talk about it later) is entered into the window.

After the user selects and clicks on the verification item he needs, a new dialog box will open. There you can read initial information about what exactly is checked using the selected function. Then there are columns in which you need to upload a particular file, and brief instructions on further actions.

Instructions for verification

To begin verifying your digital signature using the service on the government services website, you need to select the desired signature option (PKCS, disconnected, etc.). The further sequence of actions depends on the selected option:

  1. When checking the certificate and attached signature, the user uploads 1 document (usually a file with the .sig extension). Then enter the digital verification code and press the “Check” button. Next, a report appears on the screen that contains all the necessary information on the certificate and digital signature.
  2. If a detached signature is examined, then the main document must be loaded first, and then the file with the digital signature. Then enter the captcha and press the “Check” button. As a result, the corresponding report will open on the screen.
  3. As for handling the hashed version, you will first need to install the special application mentioned above (a utility for calculating the hash value of the Cpverify function) on your computer. You can download it directly on the verification page - you just need to click the button with the name of the desired operating system (“Windows” or “Linux”). After this, the download of the archived file will automatically begin, which will need to be opened using any archiver (for example, WinRar) and the application installed on the computer. This program will calculate the document hash value required to be entered into a form on a page. You will also need to upload a file from the digital signature (with the .sig extension) by clicking the appropriate button. The further procedure is similar to the previous situations.

Thus, the government services portal provides a special service for free for checking digital signatures. Since the procedure is performed online, it is necessary to have the appropriate technical means and Internet access. It is important to remember that the function is provided only by the old version of the portal. Using this service, you can find out the validity of any electronic signature - both attached to the main document and executed as a separate file. In addition, in the final report you will also find information about the owner of the signature, the organization that produced the digital signature, and its validity period.