Modifies
the field lock and seed value options and field MDP options of an unsigned
signature field in a PDF document. A field lock value specifies
a list of fields that are locked when a signature field is signed.
A locked field prevents users from making changes to the field.
A seed value contains constraining information that is used at the
time the signature is applied, such as the actions that can occur
without invalidating the signature.
For example, your application must lock all the fields after
the PDF document is signed. The existing signature field might lock
only one field after a digital signature is applied. You use the
Modify Signature Field operation to change the signature field so
that all fields are locked after a signature is applied.
For information about the General and Route Evaluation property
groups, see
Common operation properties
.
Some properties of this operation provide the following buttons
to manage entries in lists:
-
Add
A List Entry:
-
Adds an entry to the list. Depending on the option, you type
the information, select an item from a drop-down list, or select
a file from a network location or computer. When you select a file
from a location on your computer, during run time, the file must
exist in the same location on the AEM forms Server.
-
Delete
Selected List Entry:
-
Removes an entry from the list.
-
Move Selected List Entry Up
One Row:
-
Moves the selected entry up in the list.
-
Move Selected List Entry Down
One Row:
-
Moves the selected entry down in the list.
Input properties
Properties to specify the PDF document with an unsigned
signature field, the name of the signature field, and the signature
field properties.
Input PDF
A
document
value
that represents the PDF document where the signature field is modified.
If
you provide a literal value, clicking the ellipsis button opens
the Select Asset dialog box. (See
About Select Asset
.)
When you provide a PDF document that
has unsigned signature fields, it populates the Signature Field
Name property as a list. The list contains fully qualified names
of unsigned signature fields in the PDF document.
Signature Field Name
A
string
value
that represents the name of the signature field in the PDF document
that contains a signature. The fully qualified name of the signature field
must be specified. When using a PDF document based on a form created
in Designer, the partial name of the signature field can be used.
For example,
form1[0].#subform[1].SignatureField3[3]
can
be specified as
SignatureField3[3]
.
If you
are modifying signature fields in a PDF document, the partial name
of the signature field can also be used. For example,
form1[0].#subform[1].SignatureField3[3]
can
be specified as
SignatureField3[3]
. If multiple
signature fields exist with a similar partial name, the first signature
field enumerated with the same partial name is signed. It is recommended
that a fully qualified name is used to avoid these situations.
If
you provide a literal value for Signature Name Field and a literal
value is provided in the Input PDF property, a list appears. Select
one of the values from the list of fully qualified names. Each fully
qualified name represents an unsigned signature field in the provided
PDF document.
Field MDP Options Spec
(Optional)
A
FieldMDPOptionSpec
value
that specifies the PDF document fields that are locked after the
signature field is signed.
If you provide a literal value,
you can set the following options.
-
Field Locking
Action:
-
A list that sets the type of action to use to lock fields
in a PDF document. Select one of these values:
-
All Fields:
Lock
all fields in the PDF document.
-
Include Fields:
Lock only the fields specified in
the Application To Form Fields option.
-
Exclude Fields:
Lock all fields except for those specified
in the Applicable To Form Fields option.
-
Applicable to Form Fields:
-
Sets a comma-separated list of fully qualified field names
that indicate which fields the action is applicable or not applicable
to. This option is available when the Field Locking Action option
is set to a value of Include Fields or Exclude Fields.
Seed Value Options Spec
(Optional)
A
PDFSeedValueOptionSpec
value
that represents the seed value dictionary that is associated with
a signature field. A seed value dictionary contains entries that
constrain information that is used at the time the signature is
applied. The options are used for specifying the document signature
settings.
If you provide a literal value, you can set the
following options:
-
Signature Handler Options:
-
Options for specifying the filters and subfilters that are
used for validating a signature field. The signature field is embedded
in a PDF document and the seed value dictionary is associated with
a signature field.
-
Signature Handler:
A list
of handlers to use for the digital signatures. Adobe.PPKLite is
a valid value that can be selected to represent the creation and
validation of Adobe-specific signatures. You can use other signature handlers
by typing string values, such as
Entrust.PPEF
,
CIC.SignIt
, and
VeriSign.PPKVS
.
For information about supported signature handlers, see
PDF
Utilities Service
.
No default value is selected.
The following signature handler is available to be selected from
the list:
-
Signature SubFilter:
The supported subfilter names,
which describe the encoding of the signature value and key information.
Signature handlers must support the listed subfilters; otherwise,
the signing fails. These string values, which you must type, are
valid for public-key cryptographic (see
PDF Utilities Service
):
-
adbe.x509.rsa_sha1:
The key contains a DER-encoded
PKCS#1 binary data object. The binary objects represent the signature
that is obtained as the RSA encryption of the byte range SHA-1 digest
with the private key of the signer. Use this value when signing
PDF documents using PKCS#1 signatures.
-
adbe.pkcs7.detached:
The key is a DER-encoded PKCS#7
binary data object that contains the signature. No data is encapsulated
in the PKCS#7-signed data field.
-
adbe.pkcs7.sha1:
The key is a DER-encoded PKCS#7 binary
object that represents the signature value. The SHA-1 digest of
the byte range digest is encapsulated in the PKCS#7 signed data.
Required:
Select
to specify that signature subfilters are used for the seed value.
It is not selected by default.
-
Digest Methods:
The list of acceptable hashing algorithms
to use. Add an item to the list and select an encryption algorithm.
Select one of these values:
-
SHA1:
(Default)
The Secure Hash Algorithm that has a 160-bit hash value.
-
SHA256:
The Secure Hash Algorithm that has a 256-bit
hash value.
-
SHA384:
The Secure Hash Algorithm that has a 384 bit-hash
value.
-
SHA512:
The Secure Hash Algorithm that has a 512 bit-hash
value.
-
RIPEMD160:
The RACE Integrity Primitives Evaluation
Message Digest that has a 160-bit message digest algorithm and is
not FIPS-compliant.
Required:
Select to
specify that the signature encryption algorithms are used for the
seed value. It is not selected by default.
-
Minimum Signature Compatibility Level:
The minimum
PDF version to use to sign the signature field. Select one of these
values:
Required:
Select
to specify the minimum signature compatibility level is used for
the seed value. It is not selected by default.
-
Signature Information:
-
A group of options for specifying the reasons, timestamp,
and details of the digital signature.
-
Include Revocation Information in Signature:
Select
to specify that revocation information must be embedded as part
of the signature for long-term validation support. When you deselect
this option, the revocation information is not embedded as part
of the signature. By default, this option is deselected.
Required:
Select
to specify that revocation checking is required for the seed value.
It is not selected by default.
-
Signing Reasons:
The list of reasons that are associated
with the seed value dictionary used for signing the PDF document.
Add an item to the list and type a reason.
Required:
Select
to specify that the associated reasons are included for the seed
value. It is not selected by default.
-
TimeStamp Server URL:
The URL that specifies the location
of the timestamp server to use when signing a PDF document.
Required:
Select
to specify that the timestamp server is required for the seed value.
It is not selected by default.
-
Signing/Enrollment Server URL:
The location of the
server that provides a web service. The web service digitally signs
a PDF document or enrolls for new credentials.
Required:
Select
to specify that the signing or enrollment server is used for the
seed value. It is not selected by default.
-
Server Type:
The type of server to use for the value
specified for the Signing/Enrollment Server URL option. Select one
of these values:
-
Browser:
(Default) The URL
references content that is displayed in a web browser to allow enrolling
for a new credential if a matching credential is not found.
-
ASSP:
The URL references a signature web service.
The web service is used to digitally sign the PDF document on a
server. The server is specified in the Signing/Enrollment Server
URL option in this operation.
Required
:
Select to use the web service to sign the PDF document. It is not selected
by default.
-
Signature Type:
-
The changes that are permitted after the signature is added and
legal attestations are provided.
-
Type of Signature:
The
list representing the type of signatures that can be applied to
the signature field. Select one of these values:
Any:
(Default)
Any type of signature can be applied when filling forms, instantiating
page templates, or creating, deleting, and modifying annotations.
Recipient Signature:
Restricts
the signer to apply a Four Corner security model on the signature
field.
Certification Signature:
Constrains the signer
to apply a certification signature on the signature field with specified
permissions. The specified permissions are configured in the Field
MDP Options Spec property for this operation. Select one of these
values:
-
No changes allowed
: The end user is
not permitted to change the form. Any change invalidates the signature.
-
Form fill-in and digital signatures
: The end user
is permitted to fill the form, instantiate page templates, and sign
the form.
-
Annotations, form fill-in, and digital signatures
:
The end user is permitted to fill the form, instantiate page templates,
sign the form, and create annotations, deletions and modifications.
-
Legal Attestations:
The list of legal attestations
that are associated with the seed value. Legal attestation constraints
affect only a certification signature. When you select Any or Certificate
Signature option for the Type of Signature, you can add a legal
attestation to the list by typing it.
Required:
Select
to specify that legal attestations are used for the seed value. It
is not selected by default.
-
Signing Certificates:
-
The list of certificates, keys, issuers, and policies that
are used for a digital signature. Add certificates, keys, issuers,
and policies to the list by using the Open dialog box.
-
Signing Certificates:
A list of certificates that
are used for certifying and verifying a signature.
Required:
Select
to specify that signing certificates are used for the seed value.
It is not selected by default.
-
Subject Distinguished Name:
The list of dictionaries,
where each dictionary contains key value pairs that specify the
subject distinguished name (DN). The DN must be present within the
certificate for it to be acceptable for signing. Add DNs to the
list by using the Add Subject DN dialog box. (See
Add Subject DN
.)
Required:
Select to specify
that subject distinguished names are used for the seed value. It
is not selected by default.
-
KeyUsage:
The list of key usage extensions that must
be present for signing a certificate. Add an entry to the list and
select the key usage. Additional key usage entries are available
in
PDF Utilities Service
. Select one of these key usage values
for each entry:
-
Don’t Care:
(Default) The key
usage extension is optional.
-
Require Key Usage:
The key usage extension must be
present.
-
Exclude Key Usage:
The key usage extension must not
be present.
Required:
Select to specify that
key usage extensions are used for the seed value. It is not selected
by default.
-
Issuers and Policies:
-
The list of certificate issuers, policies, and associated object
identifiers.
-
Certificate Issuers:
The list
of certificate issuers. Add certificate issuers to the list by using
the Open dialog box.
Required:
Select to specify that
certificate issuers are used for the seed value. It is not selected
by default.
-
Certificate Policies And Associated Object Identifiers:
The
list of certificate policies that are associated with the certificate
seed value. Add certificate policies to the list by typing it.
Required:
Select
to specify that certificate policies and associated identifies are
used for the seed value. It is not selected by default.
Outputproperties
Property to specify the PDF document.
Output PDF
The location in the process data model to store the
modified PDF document. The data type is
document
.
|
|
|