Creates an invisible signature field in
a PDF document. Use an invisible signature field when you do not
want the signature field displayed to a user.
For example, your application must use the AEM forms Server to
digitally sign a PDF form but the form has no signature field on
it. You use the Add Invisible Signature Field operation to add a
hidden signature field to the PDF form. An invisible signature field
is useful when you sign the signature field on the server. It is
also useful when do not want a user to see the digital signature
field in the form, however, the user can still see that an invisible
signature exists in the Signatures tab in Acrobat or Adobe Reader.
After you add the signature field, you can sign the signature field
using the
Sign Signature Field operation
or
Certify PDF operation
operation in subsequent steps in the process.
Important:
You cannot add an invisible signature field
to a dynamic PDF form.
For information about the General and Route Evaluation property
groups, see
Common operation properties
.
Some properties of this operation provide the following buttons
to manage entries in lists:
-
Add
A List Entry:
-
Adds an entry to the list. Depending on the option, you type
the information, select an item from a drop-down list, or select
a file from a network location or computer. When you select a file
from a location on your computer, during run time, the file must
exist in the same location on the AEM forms Server.
-
Delete
Selected List Entry:
-
Removes an entry from the list.
-
Move Selected List Entry Up
One Row:
-
Moves the selected entry up in the list.
-
Move Selected List Entry Down
One Row:
-
Moves the selected entry down in the list.
Common properties
Properties to specify mandatory values.
Input PDF
A
document
value
that represents the PDF document to which the invisible signature
field is added.
If you provide a literal value, clicking
the ellipsis button opens the Select Asset dialog box. (See
About Select Asset
.)
Signature Field Name
A
string
value
for the name of the signature field to add. The fully qualified name
of the signature field must be specified.
Advanced properties
Properties to specify the PDF document fields that are
locked after the signature field is signed, the seed value dictionary
associated with the digital signature.
Field MDP Options Spec
(Optional)
A
FieldMDPOptionSpec
value
that specifies the PDF document fields that are locked after the
signature field is signed.
If you provide a literal value,
you can set the following options.
-
Field Locking
Action:
-
A list that sets the type of action to use to lock fields
in a PDF document. Select one of these values:
-
All Fields:
Lock
all fields in the PDF document.
-
Include Fields:
Lock only the fields specified in
the Application To Form Fields option.
-
Exclude Fields:
Lock all fields except for those specified
in the Applicable To Form Fields option.
-
Applicable to Form Fields:
-
Sets a comma-separated list of fully qualified field names
that indicate which fields the action is applicable or not applicable
to. This option is available when the Field Locking Action option
is set to a value of Include Fields or Exclude Fields.
Seed Value Options Spec
(Optional)
A
PDFSeedValueOptionSpec
value
that represents the seed value dictionary that is associated with
a signature field. A seed value dictionary contains entries that
constrain information that is used at the time the signature is
applied. The options are used for specifying the document signature
settings.
If you provide a literal value, you can set the
following options:
-
Signature Handler Options:
-
Options for specifying the filters and subfilters that are
used for validating a signature field. The signature field is embedded
in a PDF document and the seed value dictionary is associated with
a signature field.
-
Signature Handler:
A list
of handlers to use for the digital signatures. Adobe.PPKLite is
a valid value that can be selected to represent the creation and
validation of Adobe-specific signatures. You can use other signature handlers
by typing string values, such as
Entrust.PPEF
,
CIC.SignIt
, and
VeriSign.PPKVS
.
For information about supported signature handlers, see
PDF Utilities Service
.
No
default value is selected. The following signature handler is available
to be selected from the list:
-
Signature SubFilter:
The supported subfilter names,
which describe the encoding of the signature value and key information.
Signature handlers must support the listed subfilters; otherwise,
the signing fails. These string values, which you must type, are
valid for public-key cryptographic (see
PDF Utilities Service
):
-
adbe.x509.rsa_sha1:
The key contains a DER-encoded
PKCS#1 binary data object. The binary objects represent the signature
that is obtained as the RSA encryption of the byte range SHA-1 digest
with the private key of the signer. Use this value when signing
PDF documents using PKCS#1 signatures.
-
adbe.pkcs7.detached:
The key is a DER-encoded PKCS#7
binary data object that contains the signature. No data is encapsulated
in the PKCS#7-signed data field.
-
adbe.pkcs7.sha1:
The key is a DER-encoded PKCS#7 binary
object that represents the signature value. The SHA-1 digest of
the byte range digest is encapsulated in the PKCS#7 signed data.
Required:
Select
to specify that signature subfilters are used for the seed value.
It is not selected by default.
-
Digest Methods:
The list of acceptable hashing algorithms
to use. Add an item to the list and select an encryption algorithm.
Select one of these values:
-
SHA1:
(Default)
The Secure Hash Algorithm that has a 160-bit hash value.
-
SHA256:
The Secure Hash Algorithm that has a 256-bit
hash value.
-
SHA384:
The Secure Hash Algorithm that has a 384 bit-hash
value.
-
SHA512:
The Secure Hash Algorithm that has a 512 bit-hash
value.
-
RIPEMD160:
The RACE Integrity Primitives Evaluation
Message Digest that has a 160-bit message digest algorithm and is
not FIPS-compliant.
Required:
Select to
specify that the signature encryption algorithms are used for the
seed value. It is not selected by default.
-
Minimum Signature Compatibility Level:
The minimum
PDF version to use to sign the signature field. Select one of these
values:
Required:
Select
to specify the minimum signature compatibility level is used for
the seed value. It is not selected by default.
-
Signature Information:
-
A group of options for specifying the reasons, timestamp,
and details of the digital signature.
-
Include Revocation Information in Signature:
Select
to specify that revocation information must be embedded as part
of the signature for long-term validation support. When you deselect
this option, the revocation information is not embedded as part
of the signature. By default, this option is deselected.
Required:
Select
to specify that revocation checking is required for the seed value.
It is not selected by default.
-
Signing Reasons:
The list of reasons that are associated
with the seed value dictionary used for signing the PDF document.
Add an item to the list and type a reason.
Required:
Select
to specify that the associated reasons are included for the seed
value. It is not selected by default.
-
TimeStamp Server URL:
The URL that specifies the location
of the timestamp server to use when signing a PDF document.
Required:
Select
to specify that the timestamp server is required for the seed value.
It is not selected by default.
-
Signing/Enrollment Server URL:
The location of the
server that provides a web service. The web service digitally signs
a PDF document or enrolls for new credentials.
Required:
Select
to specify that the signing or enrollment server is used for the
seed value. It is not selected by default.
-
Server Type:
The type of server to use for the value
specified for the Signing/Enrollment Server URL option. Select one
of these values:
-
Browser:
(Default) The URL
references content that is displayed in a web browser to allow enrolling
for a new credential if a matching credential is not found.
-
ASSP:
The URL references a signature web service.
The web service is used to digitally sign the PDF document on a
server. The server is specified in the Signing/Enrollment Server
URL option in this operation.
Required
:
Select to use the web service to sign the PDF document. It is not selected
by default.
-
Signature Type:
-
The changes that are permitted after the signature is added and
legal attestations are provided.
-
Type of Signature:
The
list representing the type of signatures that can be applied to
the signature field. Select one of these values:
Any:
(Default)
Any type of signature can be applied when filling forms, instantiating
page templates, or creating, deleting, and modifying annotations.
Recipient Signature:
Restricts
the signer to apply a Four Corner security model on the signature
field.
Certification Signature:
Constrains the signer
to apply a certification signature on the signature field with specified
permissions. The specified permissions are configured in the Field
MDP Options Spec property for this operation. Select one of these
values:
-
No changes allowed
: The end user is
not permitted to change the form. Any change invalidates the signature.
-
Form fill-in and digital signatures
: The end user
is permitted to fill the form, instantiate page templates, and sign
the form.
-
Annotations, form fill-in, and digital signatures
:
The end user is permitted to fill the form, instantiate page templates,
sign the form, and create annotations, deletions and modifications.
-
Legal Attestations:
The list of legal attestations
that are associated with the seed value. Legal attestation constraints
affect only a certification signature. When you select Any or Certificate
Signature option for the Type of Signature, you can add a legal
attestation to the list by typing it.
Required:
Select
to specify that legal attestations are used for the seed value. It
is not selected by default.
-
Signing Certificates:
-
The list of certificates, keys, issuers, and policies that
are used for a digital signature. Add certificates, keys, issuers,
and policies to the list by using the Open dialog box.
-
Signing Certificates:
A list of certificates that
are used for certifying and verifying a signature.
Required:
Select
to specify that signing certificates are used for the seed value.
It is not selected by default.
-
Subject Distinguished Name:
The list of dictionaries,
where each dictionary contains key value pairs that specify the
subject distinguished name (DN). The DN must be present within the
certificate for it to be acceptable for signing. Add DNs to the
list by using the Add Subject DN dialog box. (See
Add Subject DN
.)
Required:
Select to specify
that subject distinguished names are used for the seed value. It
is not selected by default.
-
KeyUsage:
The list of key usage extensions that must
be present for signing a certificate. Add an entry to the list and
select the key usage. Additional key usage entries are available
in
PDF Utilities Service
. Select one of these key usage values
for each entry:
-
Don’t Care:
(Default) The key
usage extension is optional.
-
Require Key Usage:
The key usage extension must be
present.
-
Exclude Key Usage:
The key usage extension must not
be present.
Required:
Select to specify that
key usage extensions are used for the seed value. It is not selected
by default.
-
Issuers and Policies:
-
The list of certificate issuers, policies, and associated object
identifiers.
-
Certificate Issuers:
The list
of certificate issuers. Add certificate issuers to the list by using
the Open dialog box.
Required:
Select to specify that
certificate issuers are used for the seed value. It is not selected
by default.
-
Certificate Policies And Associated Object Identifiers:
The
list of certificate policies that are associated with the certificate
seed value. Add certificate policies to the list by typing it.
Required:
Select
to specify that certificate policies and associated identifies are
used for the seed value. It is not selected by default.
Output properties
Property to specify the output PDF document.
Output PDF
The location in the process data model to store the
PDF document. The PDF document has an invisible signature field
added to it. The data type is
document
.
|
|
|