Submit a ticket
Welcome
Login
  1. Oneflow Help Center
  2. Solution home
  3. Manage your documents
  4. Security

Download document verification (Legacy)

Angelica Angelis
Modified on: Mon, 14 Oct, 2024 at 4:23 PM
IMPORTANT
For documents signed before January 15, 2024 13:00 UTC, please follow this article to download the document verification.

All documents created and signed after January 15, 2024 13:00 UTC, are sealed directly without the need for a verification, please read the article Open the digital certificate.

Download document verification 

The document verification information file is a digital certificate proving that the document is valid, securely sealed and signed by all document parties, and that their signatures are verified. Document verification is available only after all signatories has sign the document.

The signed document is electronically sealed to ensure integrity and provide non-repudiation. This means that any change that is made to the document, even if it is just a single character, will break the seal and the change can be detected.

To apply the seal to the document, Oneflow partners with Sovos Trustweaver. Sovos Trustweaver is a Qualified Trusted Service Provider and the seal that is applied to the document is a Qualified Electronic Seal. 

However, the qualified seal is not applied directly on the document PDF but rather to a verification PDF. The verification contains a fingerprint (or hash or digest) of the document PDF, and provides a cryptographically secure link between the seal, the content of verification and the document content. The attachments to the document are secured in the same manner, with cryptographically secure hashes to all attachment files.

To validate the integrity of a document and attachments follow the steps below.

INFORMATION
Document verification is available only after all signatories has signed the document. 

Download the document as a PDF

Before downloading the document verification, you need to download your document as a PDF.

Owner's side

  1. Go to Documents > Open your document.
  2. Click on the action menu > Download as PDF

Counterparty side

  1. Open your document .
  2. Go to More options >  Download as PDF.

Open the document in Adobe Reader

Now that you have downloaded the PDF document on your device:

  1. Open the PDF in Adobe Reader and click on the Attachment icon to the left.
  2. Open the Verification.txt file, choose the Open this file option, and click OK
  3. Copy the verification link and paste it into your browser.
  4. The verification should be downloaded, and you can open it in Adobe Reader.
    NOTE If the verification wasn't downloaded, click on Click here if the download does not start automatically
  5. When you open the verification, it will look like this:
NOTE
The blue bar at the top saying “Signed and all signatures are valid”. This will prove that the integrity of the verification PDF has not been broken.

Validate integrity of the document PDF

To validate the integrity of the document PDF you need to get the sha256 sum of the document PDF.

On Windows this can be done by running the following command in a terminal window.

C:\> certUtil -hashfile C:\contract.pdf SHA256

Compare the output (the hash) of the command with the “Secure hash” in the verification PDF. If they are the same it proves the integrity of the document PDF as even changing a single character/byte in the document PDF will change the hash.

Further details on how to validate the document PDF can be found on page two of the verification PDF.

NOTE	
If you want to be able to verify documents after removing them from Oneflow, make sure you download both the contract.pdf and verification.pdf, including all attachments.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Related Articles