A
complex data type used by the
Modify Signature Field operation
operation provided by the Signature service.
It contains information about the signature fields in a PDF document.
The information includes which signature fields are locked when
the signature field is signed, and constraining information that
is used at the time the signature is applied.
For information about data that can be accessed using Xpath Expressions,
see
Data items
.
For information about configuring default properties, see
Datatype specific settings
.
Data items
The data items that
PDFSignatureFieldProperties
variables
contain.
fieldMDP
A
FieldMDPOptionSpec
value
that specifies the fields that are locked after the signature field
is signed. These values are valid:
-
action:
-
The locking action that occurs when the signature field is
signed.
-
fields:
-
A list of field names to which action applies.
seedValue
A
PDFSeedValueOptionSpec
value
that contains constraining information used at the time the signature
is applied.
Datatype specific settings
Properties for configuring the appearance aspects of a
PDF Signature Field.
Field MDP Options Spec
Specifies the PDF document fields that are locked after
the signature field is signed.
Field Locking Action
A list that sets the type of action to
use to lock fields in a PDF document. No default value is selected.
Select one of these values:
-
All Fields:
-
Lock all fields in the PDF document.
-
Include Fields:
-
Lock only the fields specified in the Application To Form
Fields option.
-
Exclude Fields:
-
Lock all fields except for those fields specified in the
Applicable To Form Fields option.
Applicable to Form Fields
Sets a comma-separated list of field names
that indicate which fields the action is applicable or not applicable
to. This option is available when Field Locking Action option is
set to a value of Include Fields or Exclude Fields.
Seed Value Options Spec
Properties for the document signature.
For the properties that are formatted as an editable list, use
the following buttons to manage the list:
-
Add
A List Entry:
-
Adds an entry to the list. Depending on the option, type the
information, select an item from a drop-down list, or select a file
from a network location or computer. When you select a file from
a location on your computer, during run time, the file must exist
in the same location on AEM forms Server.
-
Delete
Selected List Entry:
-
Removes an entry from the list.
-
Move Selected List Entry Up
One Row:
-
Moves the selected entry up in the list.
-
Move Selected List Entry Down
One Row:
-
Moves the selected entry down in the list.
Some properties
have the Required option beside them. Selecting this option means
that the property is a required constraint and without it, the signing
fails.
Signature Handler Options
Options for specifying the filters and subfilters used
for validating a signature field. The signature field is embedded
in a PDF document and the seed value dictionary is associated with
a signature field.
Signature Handler
A list of handlers to use for the digital signatures.
Adobe.PPKLite is a string valid value that can be selected to represent
the creation and validation of Adobe-specific signatures. You can
use other signature handlers by typing values, such as
Entrust.PPEF
,
CIC.SignIt
,
and
VeriSign.PPKVS
. For information about supported
signature handlers, see PDF Utilities. No default value is selected.
-
Adobe.PPKLite:
-
The recommended handler for signing PDF documents.
-
Required:
-
Select to specify that the signature handler is used for
the seed value. It is not selected by default.
Signature SubFilter
The supported subfilter names, which describe
the encoding of the signature value and key information. Signature
handlers must support the listed subfilters; otherwise, the signing
fails. These string values are valid for public-key cryptographic
(see PDF Utilities), which you must type:
-
adbe.x509.rsa_sha1:
-
The key contains a DER-encoded PKCS#1 binary data object.
The binary objects represent the signature obtained as the RSA encryption
of the byte range SHA-1 digest with the private key of the signer.
Use this value when signing PDF documents using PKCS#1 signatures.
-
adbe.pkcs7.detached:
-
The key is a DER-encoded PKCS#7 binary data object containing
the signature. No data is encapsulated in the PKCS#7-signed data field.
-
adbe.pkcs7.sha1:
-
The key is a DER-encoded PKCS#7 binary object representing
the signature value. The SHA-1 digest of the byte range digest is
encapsulated in the PKCS#7 signed data.
-
Required:
-
Select to specify that signature subfilters are used for
the seed value. It is not selected by default.
Digest Methods
The list of acceptable hashing algorithms to use.
No default hashing algorithm is provided. Add an item to the list
and select an encryption algorithm. Select one of these values:
-
SHA1:
-
The Secure Hash Algorithm that has a 160-bit hash value.
-
SHA256:
-
The Secure Hash Algorithm that has a 256-bit hash value.
-
SHA384:
-
The Secure Hash Algorithm that has a 384 bit-hash value.
-
SHA512:
-
The Secure Hash Algorithm that has a 512 bit-hash value.
-
RIPEMD160:
-
The RACE Integrity Primitives Evaluation Message Digest that
has a 160-bit message digest algorithm and is not FIPS-compliant.
-
Required:
-
Select to specify that the signature encryption algorithms
are used for the seed value. It is not selected by default.
Minimum Signature Compatibility Level
The minimum PDF version
to use to sign the signature field. No default value is selected.
Select one of these values:
-
PDF 1.5:
-
Use PDF Version 1.5.
-
PDF 1.7:
-
Use PDF Version 1.7.
-
Required:
-
Select to specify the minimum signature compatibility level
is used for the seed value. It is not selected by default.
Signature Information
A group of options for specifying the reasons, timestamp,
and details of the digital signature.
Include Revocation Information In Signature
Select to specify
that revocation information must be embedded as part of the signature
for long-term validation support. When you deselect this option,
the revocation information is not embedded as part of the signature.
By default, this option is deselected.
-
Required:
-
Select to specify that revocation checking is required for
the seed value. It is not selected by default.
Signing Reasons
The list of reasons that are associated with the
seed value dictionary used for signing the PDF document. Add an
item to the list and type a reason.
-
Required:
-
Select to specify that the associated reasons are included
for the seed value. It is not selected by default.
TimeStamp Server URL
The URL that specifies the location of the
timestamp server to use when signing a PDF document.
-
Required:
-
Select to specify that the timestamp server is required for
the seed value. It is not selected by default.
Signing/Enrollment Server URL
The location of the server that provides a
web service. The web service digitally signs a PDF document or enrolls
for new credentials.
-
Required:
-
Select to specify that the signing or enrollment server is
used for the seed value. It is not selected by default.
Server Type
The type of server to use for the value specified
for the Signing/Enrollment Server URL option. The default value
is Browser. Select one of these values:
-
Browser:
-
The URL references content that is displayed in a web browser
to allow enrolling for a new credential if a matching credential
is not found.
-
ASSP:
-
The URL references a signature web service. The web service
is used to digitally sign the PDF document on a server. The server
is specified in the Signing/Enrollment Server URL option in this
operation.
-
Required:
-
Select to use the web service to sign the PDF document. It
is not selected by default.
Signature Type
The changes that are permitted after the signature is added
and legal attestations are provided.
Type of Signature
The list representing the type of signatures
that can be applied to the signature field. The default value is
Any. Select one of these values.
-
Any:
-
Any type of signature can be applied when filling in forms,
instantiating page templates, or creating, deleting, and modifying
annotations.
-
Recipient Signature:
-
Constrains the signer to apply a Four Corner security model
on the signature field.
-
Certification Signature:
-
Constrains the signer to apply a certification signature on
the signature field with specified permissions. The specified permissions
are configured in the Field MDP Options Spec property for this operation.
No default value is selected. Select one of these values:
-
No changes allowed:
-
The end user is not permitted to change the form. Any change
invalidates the signature.
-
Form fill-in and digital signatures:
-
The end user is permitted to fill in the form, instantiate
page templates, and sign the form.
-
Annotations, form fill-in, and digital signatures:
-
The end user is permitted to fill in the form, instantiate
page templates, sign the form, and create annotations, deletions,
and modifications.
Legal Attestations
The list of legal attestations associated
with the seed value. Legal attestation constraints affect only a
certification signature. Add a legal attestation to the list by
typing it. No default legal attestations are provided.
-
Required:
-
Select to specify that legal attestations are used for the
seed value. It is not selected by default.
Signing Certificates
The list of certificates, keys, issuers, and policies used
for a digital signature. Add certificates, keys, issuers, and policies
to the list using the Open dialog box.
Signing Certificates
A list of certificates used for certifying
and verifying a signature.
-
Required:
-
Select to specify that signing certificates are used for
the seed value. It is not selected by default.
Subject Distinguished Name
The list of dictionaries, where each
dictionary contains key value pairs that specify the subject distinguished
name (DN). The DN must be present within the certificate for it
to be acceptable for signing. Add DNs to the list by using the Add Subject
DN dialog box. (See
Add Subject DN
.)
-
Required:
-
Select to specify that subject distinguished names are used
for the seed value. It is not selected by default.
KeyUsage
The
list of key usage extensions that must be present for signing a
certificate. Add an entry to the list and select the key usage.
The default for both the DigitalSignature field and Non-Repudiation
field is Don’t Care:
-
Don’t Care:
-
The key usage extension is optional.
-
Require Key Usage:
-
The key usage extension must be present.
-
Exclude Key Usage:
-
The key usage extension must not be present.
-
Required:
-
Select to specify that key usage extensions are used for
the seed value. It is not selected by default.
Additional
key usage entries are available in the PDF Utilities.
Issuers and Policies
The list of certificate issuers, policies, and associated
object identifiers.
Certificate Issuers
The list of certificate issuers. Add certificate
issuers to the list using the Open dialog box.
-
Required:
-
Select to specify that certificate issuers are used for the
seed value. It is not selected by default.
Certificate Policies and Associated Object Identifiers
The list certificate
policies associated with the certificate seed value. Add certificate
policies to the list by typing them.
-
Required:
-
Select to specify that certificate policies and associated
identifies are used for the seed value. It is not selected by default.
|
|
|