PDFSignatureFieldProperties

A complex data type used by the Modify Signature Field operation operation provided by the Signature service. It contains information about the signature fields in a PDF document. The information includes which signature fields are locked when the signature field is signed, and constraining information that is used at the time the signature is applied.

For information about data that can be accessed using Xpath Expressions, see Data items.

For information about configuring default properties, see Datatype specific settings.

Data items

The data items that PDFSignatureFieldProperties variables contain.

fieldMDP

A FieldMDPOptionSpec value that specifies the fields that are locked after the signature field is signed. These values are valid:

action:
The locking action that occurs when the signature field is signed.

fields:
A list of field names to which action applies.

seedValue

A PDFSeedValueOptionSpec value that contains constraining information used at the time the signature is applied.

Datatype specific settings

Properties for configuring the appearance aspects of a PDF Signature Field.

Field MDP Options Spec

Specifies the PDF document fields that are locked after the signature field is signed.

Field Locking Action

A list that sets the type of action to use to lock fields in a PDF document. No default value is selected. Select one of these values:

All Fields:
Lock all fields in the PDF document.

Include Fields:
Lock only the fields specified in the Application To Form Fields option.

Exclude Fields:
Lock all fields except for those fields specified in the Applicable To Form Fields option.

Applicable to Form Fields

Sets a comma-separated list of field names that indicate which fields the action is applicable or not applicable to. This option is available when Field Locking Action option is set to a value of Include Fields or Exclude Fields.

Seed Value Options Spec

Properties for the document signature.

For the properties that are formatted as an editable list, use the following buttons to manage the list:

A green plus sign.Add A List Entry:
Adds an entry to the list. Depending on the option, type the information, select an item from a drop-down list, or select a file from a network location or computer. When you select a file from a location on your computer, during run time, the file must exist in the same location on LiveCycle Server.

A red "X".Delete Selected List Entry:
Removes an entry from the list.

A blue arrowhead pointing up.Move Selected List Entry Up One Row:
Moves the selected entry up in the list.

A blue arrowhead pointing down.Move Selected List Entry Down One Row:
Moves the selected entry down in the list.

Some properties have the Required option beside them. Selecting this option means that the property is a required constraint and without it, the signing fails.

Signature Handler Options

Options for specifying the filters and subfilters used for validating a signature field. The signature field is embedded in a PDF document and the seed value dictionary is associated with a signature field.

Signature Handler

A list of handlers to use for the digital signatures. Adobe.PPKLite is a string valid value that can be selected to represent the creation and validation of Adobe-specific signatures. You can use other signature handlers by typing values, such as Entrust.PPEF, CIC.SignIt, and VeriSign.PPKVS. For information about supported signature handlers, see PDF Utilities. No default value is selected.

Adobe.PPKLite:
The recommended handler for signing PDF documents.

Required:
Select to specify that the signature handler is used for the seed value. It is not selected by default.

Signature SubFilter

The supported subfilter names, which describe the encoding of the signature value and key information. Signature handlers must support the listed subfilters; otherwise, the signing fails. These string values are valid for public-key cryptographic (see PDF Utilities), which you must type:

adbe.x509.rsa_sha1:
The key contains a DER-encoded PKCS#1 binary data object. The binary objects represent the signature obtained as the RSA encryption of the byte range SHA-1 digest with the private key of the signer. Use this value when signing PDF documents using PKCS#1 signatures.

adbe.pkcs7.detached:
The key is a DER-encoded PKCS#7 binary data object containing the signature. No data is encapsulated in the PKCS#7-signed data field.

adbe.pkcs7.sha1:
The key is a DER-encoded PKCS#7 binary object representing the signature value. The SHA-1 digest of the byte range digest is encapsulated in the PKCS#7 signed data.

Required:
Select to specify that signature subfilters are used for the seed value. It is not selected by default.

Digest Methods

The list of acceptable hashing algorithms to use. No default hashing algorithm is provided. Add an item to the list and select an encryption algorithm. Select one of these values:

SHA1:
The Secure Hash Algorithm that has a 160-bit hash value.

SHA256:
The Secure Hash Algorithm that has a 256-bit hash value.

SHA384:
The Secure Hash Algorithm that has a 384 bit-hash value.

SHA512:
The Secure Hash Algorithm that has a 512 bit-hash value.

RIPEMD160:
The RACE Integrity Primitives Evaluation Message Digest that has a 160-bit message digest algorithm and is not FIPS-compliant.

Required:
Select to specify that the signature encryption algorithms are used for the seed value. It is not selected by default.

Minimum Signature Compatibility Level

The minimum PDF version to use to sign the signature field. No default value is selected. Select one of these values:

PDF 1.5:
Use PDF Version 1.5.

PDF 1.7:
Use PDF Version 1.7.

Required:
Select to specify the minimum signature compatibility level is used for the seed value. It is not selected by default.

Signature Information

A group of options for specifying the reasons, timestamp, and details of the digital signature.

Include Revocation Information In Signature

Select to specify that revocation information must be embedded as part of the signature for long-term validation support. When you deselect this option, the revocation information is not embedded as part of the signature. By default, this option is deselected.

Required:
Select to specify that revocation checking is required for the seed value. It is not selected by default.

Signing Reasons

The list of reasons that are associated with the seed value dictionary used for signing the PDF document. Add an item to the list and type a reason.

Required:
Select to specify that the associated reasons are included for the seed value. It is not selected by default.

TimeStamp Server URL

The URL that specifies the location of the timestamp server to use when signing a PDF document.

Required:
Select to specify that the timestamp server is required for the seed value. It is not selected by default.

Signing/Enrollment Server URL

The location of the server that provides a web service. The web service digitally signs a PDF document or enrolls for new credentials.

Required:
Select to specify that the signing or enrollment server is used for the seed value. It is not selected by default.

Server Type

The type of server to use for the value specified for the Signing/Enrollment Server URL option. The default value is Browser. Select one of these values:

Browser:
The URL references content that is displayed in a web browser to allow enrolling for a new credential if a matching credential is not found.

ASSP:
The URL references a signature web service. The web service is used to digitally sign the PDF document on a server. The server is specified in the Signing/Enrollment Server URL option in this operation.

Required:
Select to use the web service to sign the PDF document. It is not selected by default.

Signature Type

The changes that are permitted after the signature is added and legal attestations are provided.

Type of Signature

The list representing the type of signatures that can be applied to the signature field. The default value is Any. Select one of these values.

Any:
Any type of signature can be applied when filling in forms, instantiating page templates, or creating, deleting, and modifying annotations.

Recipient Signature:
Constrains the signer to apply a Four Corner security model on the signature field.

Certification Signature:
Constrains the signer to apply a certification signature on the signature field with specified permissions. The specified permissions are configured in the Field MDP Options Spec property for this operation. No default value is selected. Select one of these values:

No changes allowed:
The end user is not permitted to change the form. Any change invalidates the signature.

Form fill-in and digital signatures:
The end user is permitted to fill in the form, instantiate page templates, and sign the form.

Annotations, form fill-in, and digital signatures:
The end user is permitted to fill in the form, instantiate page templates, sign the form, and create annotations, deletions, and modifications.

Legal Attestations

The list of legal attestations associated with the seed value. Legal attestation constraints affect only a certification signature. Add a legal attestation to the list by typing it. No default legal attestations are provided.

Required:
Select to specify that legal attestations are used for the seed value. It is not selected by default.

Signing Certificates

The list of certificates, keys, issuers, and policies used for a digital signature. Add certificates, keys, issuers, and policies to the list using the Open dialog box.

Signing Certificates

A list of certificates used for certifying and verifying a signature.

Required:
Select to specify that signing certificates are used for the seed value. It is not selected by default.

Subject Distinguished Name

The list of dictionaries, where each dictionary contains key value pairs that specify the subject distinguished name (DN). The DN must be present within the certificate for it to be acceptable for signing. Add DNs to the list by using the Add Subject DN dialog box. (See Add Subject DN.)

Required:
Select to specify that subject distinguished names are used for the seed value. It is not selected by default.

KeyUsage

The list of key usage extensions that must be present for signing a certificate. Add an entry to the list and select the key usage. The default for both the DigitalSignature field and Non-Repudiation field is Don’t Care:

Don’t Care:
The key usage extension is optional.

Require Key Usage:
The key usage extension must be present.

Exclude Key Usage:
The key usage extension must not be present.

Required:
Select to specify that key usage extensions are used for the seed value. It is not selected by default.

Additional key usage entries are available in the PDF Utilities.

Issuers and Policies

The list of certificate issuers, policies, and associated object identifiers.

Certificate Issuers

The list of certificate issuers. Add certificate issuers to the list using the Open dialog box.

Required:
Select to specify that certificate issuers are used for the seed value. It is not selected by default.

Certificate Policies and Associated Object Identifiers

The list certificate policies associated with the certificate seed value. Add certificate policies to the list by typing them.

Required:
Select to specify that certificate policies and associated identifies are used for the seed value. It is not selected by default.