Result of signature check:

certificateExpired	Valid signature but expired certificate.
certificateInvalid	Invalid signature or certificate.
certificateUntrusted	Valid signature but untrusted certificate root.
certificateOk	Trusted signature and certificate.

Character string on which the check will be performed.
This parameter can correspond to an ANSI string, a UNICODE string or a Buffer. The string will be processed as a buffer.
If this parameter corresponds to a string (without specifying the type), the type of string taken into account depends on the type of string defined by default in the current project configuration.
Remark: In the case of a UNICODE string, note that Unicode is not the same on Linux and Windows.

Buffer containing the signature of the string. This buffer is returned by CertificateSignString.

Full path of certificate file to use (in PEM, DER or P12 format).

• For a PKCS7 signature, this file allows you to add certificates used to search for trusted string.
• for the rough signature, this file contains the public key.

Versions 23 and later
Password that will be used to decrypt the certificate file if this one is password-protected.
Remark: This parameter is useful if the certificate used is identical to the one used for the signature.

New in version 23
Password that will be used to decrypt the certificate file if this one is password-protected.
Remark: This parameter is useful if the certificate used is identical to the one used for the signature.

Password that will be used to decrypt the certificate file if this one is password-protected.
Remark: This parameter is useful if the certificate used is identical to the one used for the signature.

Versions 23 and later
Full path of trusted certificate to use.
This parameter can also correspond to an array of strings containing the full path of different trusted certificates to use.

Versions 24 and later
Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

New in version 24
Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

New in version 23
Full path of trusted certificate to use.
This parameter can also correspond to an array of strings containing the full path of different trusted certificates to use.

Versions 24 and later
Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

New in version 24
Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

Full path of trusted certificate to use.
This parameter can also correspond to an array of strings containing the full path of different trusted certificates to use.

Versions 24 and later
Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

New in version 24
Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

Remark: The trusted certificates added with TrustedCertificateAdd are also taken into account.

Signature format:

certPKCS7	Signature in PKCS7 format.
certSignatureOnly	Signature only. In this case, the certSignatureOnly constant must be combined with the hashing algorithm: certSignatureOnly + certMD5: MD5 algorithm. certSignatureOnly + certSHA160: SHA1 algorithm. certSignatureOnly + certSHA256: SHA2 algorithm. A 256-bit result is produced. certSignatureOnly + certSHA384: SHA-384 algorithm. A 384-bit result is produced certSignatureOnly + certSHA512: SHA-512 algorithm. A 512-bit result is produced. In this case, the trusted string is not checked. Only the validity of signature in relation to the public key is checked.