PDF 32000-1:2008
© Adobe Systems Incorporated 2008 – All rights reserved
• Additionally, modification detection may be specified by a signature reference dictionary. The
TransformMethod entry shall specify the general method for modification detection, and the
TransformParams entry shall specify the variable portions of the method.
A PDF document may contain the following standard types of signatures:
• One or more approval signatures. These signatures appear in signature form fields (see 12.7.4.5,
“Signature Fields”). The signature dictionary corresponding to each signature shall be the value of the form
field (as specified by its V entry). The signature dictionary shall contain a ByteRange entry representing a
byte range digest, as described previously. A signature shall be validated by recomputing the digest and
comparing it with the one stored in the signature.
NOTE 1 If a signed document is modified and saved by incremental update (see 7.5.6, “Incremental Updates”), the data
corresponding to the byte range of the original signature is preserved. Therefore, if the signature is valid, it is
possible to recreate the state of the document as it existed at the time of signing.
• At most one certification signature (PDF 1.5). The signature dictionary of a certification signature shall be
the value of a signature field and shall contain a ByteRange entry. It may also be referenced from the
DocMDP entry in the permissions dictionary (see 12.8.4, “Permissions”). The signature dictionary shall
contain a signature reference dictionary (see Table 253) that has a DocMDP transform method. See
12.8.2.2, “DocMDP” for information on how these signatures shall be created and validated.
A signature dictionary for a certification or approval signature may also have a signature reference
dictionary with a FieldMDP transform method; see 12.8.2.4, “FieldMDP.”
• At most two usage rights signatures (PDF 1.5). The signature dictionary of a usage rights signature shall be
referenced from the UR3 (PDF 1.6) entry in the permissions dictionary, whose entries are listed in Table 258
(not from a signature field). The signature dictionary shall contain a Reference entry whose value is a signature reference
dictionary that has a UR transform method. See 12.8.2.3, “UR” for information on how these signatures
shall be created and validated.
Table 252 – Entries in a signature dictionary

| Key | Type | Value |
| --- | --- | --- |
| Type | name | (Optional) The type of PDF object that this dictionary describes; if present, shall be Sig for a signature dictionary. |
| Filter | name | (Required; inheritable) The name of the preferred signature handler to use when validating this signature. If the Prop_Build entry is not present, it shall also be the name of the signature handler that was used to create the signature. If Prop_Build is present, it may be used to determine the name of the handler that created the signature (which is typically the same as Filter but need not be). A conforming reader may substitute a different handler when verifying the signature, as long as it supports the specified SubFilter format. Example signature handlers are Adobe.PPKLite, Entrust.PPKEF, CICI.SignIt, and VeriSign.PPKVS. The name of the filter (i.e. signature handler) shall be identified in accordance with the rules defined in Annex E. |
| SubFilter | name | (Optional) A name that describes the encoding of the signature value and key information in the signature dictionary. A conforming reader may use any handler that supports this format to validate the signature. (PDF 1.6) The following values for public-key cryptographic signatures shall be used: adbe.x509.rsa_sha1, adbe.pkcs7.detached, and adbe.pkcs7.sha1 (see 12.8.3, “Signature Interoperability”). Other values may be defined by developers, and when used, shall be prefixed with the registered developer identification. All prefix names shall be registered (see Annex E). The prefix “adbe” has been registered by Adobe Systems and the three subfilter names listed above and defined in 12.8.3, “Signature Interoperability” may be used by any developer. |
Table 252 – Entries in a signature dictionary (continued)

| Key | Type | Value |
| --- | --- | --- |
| Contents | byte string | (Required) The signature value. When ByteRange is present, the value shall be a hexadecimal string (see 7.3.4.3, “Hexadecimal Strings”) representing the value of the byte range digest. For public-key signatures, Contents should be either a DER-encoded PKCS#1 binary data object or a DER-encoded PKCS#7 binary data object. Space for the Contents value must be allocated before the message digest is computed. (See 7.3.4, “String Objects”) |
| Cert | array or byte string | (Required when SubFilter is adbe.x509.rsa_sha1) An array of byte strings that shall represent the X.509 certificate chain used when signing and verifying signatures that use public-key cryptography, or a byte string if the chain has only one entry. The signing certificate shall appear first in the array; it shall be used to verify the signature value in Contents, and the other certificates shall be used to verify the authenticity of the signing certificate. If SubFilter is adbe.pkcs7.detached or adbe.pkcs7.sha1, this entry shall not be used, and the certificate chain shall be put in the PKCS#7 envelope in Contents. |
| ByteRange | array | (Required for all signatures that are part of a signature field and usage rights signatures referenced from the UR3 entry in the permissions dictionary) An array of pairs of integers (starting byte offset, length in bytes) that shall describe the exact byte range for the digest calculation. Multiple discontiguous byte ranges shall be used to describe a digest that does not include the signature value (the Contents entry) itself. |
| Reference | array | (Optional; PDF 1.5) An array of signature reference dictionaries (see Table 253). |
| Changes | array | (Optional) An array of three integers that shall specify changes to the document that have been made between the previous signature and this signature: in this order, the number of pages altered, the number of fields altered, and the number of fields filled in. The ordering of signatures shall be determined by the value of ByteRange. Since each signature results in an incremental save, later signatures have a greater length value. |
| Name | text string | (Optional) The name of the person or authority signing the document. This value should be used only when it is not possible to extract the name from the signature. EXAMPLE 1 From the certificate of the signer. |
| M | date | (Optional) The time of signing. Depending on the signature handler, this may be a normal unverified computer time or a time generated in a verifiable way from a secure time server. This value should be used only when the time of signing is not available in the signature. EXAMPLE 2 A time stamp can be embedded in a PKCS#7 binary data object (see 12.8.3.3, “PKCS#7 Signatures as used in ISO 32000”). |
| Location | text string | (Optional) The CPU host name or physical location of the signing. |
| Reason | text string | (Optional) The reason for the signing, such as (I agree …). |
| ContactInfo | text string | (Optional) Information provided by the signer to enable a recipient to contact the signer to verify the signature. EXAMPLE 3 A phone number. |
NOTE 2 The entries in the signature dictionary can be conceptualized as being in different dictionaries; they are in one
dictionary for historical and cryptographic reasons. The categories are signature properties (R, M, Name,
Reason, Location, Prop_Build, Prop_AuthTime, and Prop_AuthType); key information (Cert and portions
of Contents when the signature value is a PKCS#7 object); reference (Reference and ByteRange); and
signature value (Contents when the signature value is a PKCS#1 object).
Table 252 – Entries in a signature dictionary (continued)

| Key | Type | Value |
| --- | --- | --- |
| R | integer | (Optional) The version of the signature handler that was used to create the signature. (PDF 1.5) This entry shall not be used, and the information shall be stored in the Prop_Build dictionary. |
| V | integer | (Optional; PDF 1.5) The version of the signature dictionary format. It corresponds to the usage of the signature dictionary in the context of the value of SubFilter. The value is 1 if the Reference dictionary shall be considered critical to the validation of the signature. Default value: 0. |
| Prop_Build | dictionary | (Optional; PDF 1.5) A dictionary that may be used by a signature handler to record information that captures the state of the computer environment used for signing, such as the name of the handler used to create the signature, software build date, version, and operating system. The PDF Signature Build Dictionary Specification provides implementation guidelines for the use of this dictionary. |
| Prop_AuthTime | integer | (Optional; PDF 1.5) The number of seconds since the signer was last authenticated, used in claims of signature repudiation. It should be omitted if the value is unknown. |
| Prop_AuthType | name | (Optional; PDF 1.5) The method that shall be used to authenticate the signer, used in claims of signature repudiation. Valid values shall be PIN, Password, and Fingerprint. |
Table 253 – Entries in a signature reference dictionary

| Key | Type | Value |
| --- | --- | --- |
| Type | name | (Optional) The type of PDF object that this dictionary describes; if present, shall be SigRef for a signature reference dictionary. |
| TransformMethod | name | (Required) The name of the transform method (see Section 12.8.2, “Transform Methods”) that shall guide the modification analysis that takes place when the signature is validated. Valid values shall be: DocMDP: Used to detect modifications to a document relative to a signature field that is signed by the originator of a document; see 12.8.2.2, “DocMDP.” UR: Used to detect modifications to a document that would invalidate a signature in a rights-enabled document; see 12.8.2.3, “UR.” FieldMDP: Used to detect modifications to a list of form fields specified in TransformParams; see 12.8.2.4, “FieldMDP.” |
| TransformParams | dictionary | (Optional) A dictionary specifying transform parameters (variable data) for the transform method specified by TransformMethod. Each method takes its own set of parameters. See each of the sub-clauses specified previously for details on the individual transform parameter dictionaries. |
12.8.2 Transform Methods
12.8.2.1 General
Transform methods, along with transform parameters, shall determine which objects are included and excluded
in revision comparison. The following sub-clauses discuss the types of transform methods, their transform
parameters, and when they shall be used.
12.8.2.2 DocMDP
12.8.2.2.1 General
The DocMDP transform method shall be used to detect modifications relative to a signature field that is signed
by the author of a document (the person applying the first signature). A document can contain only one
signature field that contains a DocMDP transform method; it shall be the first signed field in the document. It
enables the author to specify what changes shall be permitted to be made to the document and what changes
invalidate the author’s signature.
NOTE As discussed earlier, “MDP” stands for modification detection and prevention. Certification signatures that use
the DocMDP transform method enable detection of disallowed changes specified by the author. In addition,
disallowed changes can also be prevented when the signature dictionary is referred to by the DocMDP entry in
the permissions dictionary (see 12.8.4, “Permissions”).
A certification signature should have a legal attestation dictionary (see 12.8.5, “Legal Content Attestations”)
that specifies all content that might result in unexpected rendering of the document contents, along with the
author’s attestation to such content. This dictionary may be used to establish an author’s intent if the integrity of
the document is questioned.
The P entry in the DocMDP transform parameters dictionary (see Table 254) shall indicate the author’s
specification of which changes to the document will invalidate the signature. (These changes to the document
shall also be prevented if the signature dictionary is referred from the DocMDP entry in the permissions
dictionary.) A value of 1 for P indicates that the document shall be final; that is, any changes shall invalidate the
signature. The values 2 and 3 shall permit modifications that are appropriate for form field or comment
workflows.
12.8.2.2.2 Validating Signatures That Use the DocMDP Transform Method
To validate a signature that uses the DocMDP transform method, a conforming reader first shall verify the byte
range digest. Next, it shall verify that any modifications that have been made to the document are permitted by
the transform parameters.
Once the byte range digest is validated, the portion of the document specified by the ByteRange entry in the
signature dictionary (see Table 252) is known to correspond to the state of the document at the time of signing.
Table 253 – Entries in a signature reference dictionary (continued)

| Key | Type | Value |
| --- | --- | --- |
| Data | (various) | (Required when TransformMethod is FieldMDP) An indirect reference to the object in the document upon which the object modification analysis should be performed. For transform methods other than FieldMDP, this object is implicitly defined. |
| DigestMethod | name | (Optional; PDF 1.5 required) A name identifying the algorithm that shall be used when computing the digest. Valid values are MD5 and SHA1. Default value: MD5. For security reasons, MD5 should not be used. It is mentioned for backwards compatibility, since it remains the default value. |
Therefore, conforming readers may compare the signed and current versions of the document to see whether
there have been modifications to any objects that are not permitted by the transform parameters.
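An added example (not part of ISO 32000-1) of the byte range check described here and in NOTE 1 above: it digests the bytes each ByteRange covers, confirms that the only excluded bytes are the Contents hexadecimal string, and splits the file into the signed revision and whatever was appended afterwards. The regular-expression scan, the function names, the SHA-256 default and the sample file are assumptions made for the illustration; a real validator locates the signature dictionary through the field's V entry and takes the digest algorithm from the signature itself.

```python
import hashlib
import re

BYTE_RANGE = re.compile(rb"/ByteRange\s*\[([\d\s]+)\]")
HEX_STRING = re.compile(rb"<[0-9A-Fa-f\s]*>")


def check_byte_range(pdf, numbers, algo="sha256"):
    """Check one ByteRange array against the file and digest the bytes it covers."""
    pairs = list(zip(numbers[0::2], numbers[1::2]))
    if len(numbers) % 2 or not pairs:
        return {"end": 0, "problems": ["ByteRange is not a list of (offset, length) pairs"]}
    problems, gaps, pos = [], [], 0
    for off, length in pairs:
        if off < pos or off + length > len(pdf):
            problems.append("range (%d, %d) overlaps or runs past the file" % (off, length))
        elif off > pos:
            gaps.append(pdf[pos:off])  # bytes the digest skips
        pos = max(pos, off + length)
    # The only bytes left out should be the Contents hexadecimal string itself.
    if len(gaps) != 1 or not HEX_STRING.fullmatch(gaps[0]):
        problems.append("excluded bytes are not exactly one hexadecimal string")
    digest = hashlib.new(algo)  # algo is an assumption; the handler decides it
    for off, length in pairs:
        digest.update(pdf[off:off + length])
    return {"end": pos, "digest": digest.hexdigest(), "problems": problems,
            "signed_revision": pdf[:pos], "appended": pdf[pos:]}


def signatures_in_order(pdf, algo="sha256"):
    """One result per ByteRange found; a later signature covers more of the file."""
    results = [check_byte_range(pdf, [int(n) for n in m.group(1).split()], algo)
               for m in BYTE_RANGE.finditer(pdf)]
    return sorted(results, key=lambda r: r["end"])


def build_sample():
    """Constructed sample: a signed PDF-like file, and the same file after an append."""
    slot = b"/ByteRange [0000000000 0000000000 0000000000 0000000000]"
    head = b"%PDF-1.7\n1 0 obj\n<< /Type /Sig " + slot + b" /Contents "
    contents = b"<" + b"0" * 64 + b">"  # space reserved before digesting
    tail = b" >>\nendobj\n%%EOF\n"
    start, stop = len(head), len(head) + len(contents)
    filled = b"/ByteRange [%010d %010d %010d %010d]" % (0, start, stop, len(tail))
    signed = (head + contents + tail).replace(slot, filled)
    return signed, signed + b"2 0 obj\n(appended later)\nendobj\n%%EOF\n"


if __name__ == "__main__":
    signed, updated = build_sample()
    for result in signatures_in_order(updated):
        print(result["digest"], result["problems"], len(result["appended"]))
```

A non-empty `appended` value is not a failure by itself; it marks the bytes that the modification analysis must then judge against the transform parameters.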
12.8.2.3 UR
The UR transform method shall be used to detect changes to a document that shall invalidate a usage rights
signature, which is referred to from the UR3 entry in the permissions dictionary (see 12.8.4, “Permissions”).
Usage rights signatures shall be used to enable additional interactive features that may not be available by default
in a conforming reader. The signature shall be used to validate that the permissions have been granted by a
bona fide granting authority. The transform parameters dictionary (see Table 255) specifies the additional rights
that shall be enabled if the signature is valid. If the signature is invalid because the document has been
modified in a way that is not permitted or the identity of the signer is not granted the extended permissions,
additional rights shall not be granted.
EXAMPLE Adobe Systems grants permissions to enable additional features in Adobe Reader, using public-key
cryptography. It uses certificate authorities to issue public key certificates to document creators with which
it has entered into a business relationship. Adobe Reader verifies that the rights-enabling signature uses
a certificate from an Adobe-authorized certificate authority. Other conforming readers are free to use this
same mechanism for their own purposes.
UR3 (PDF 1.6): The ByteRange entry in the signature dictionary (see Table 252) shall be present. First, a
conforming reader shall verify the byte range digest to determine whether the portion of the document specified
by ByteRange corresponds to the state of the document at the time of signing. Next, a conforming reader shall
examine the current version of the document to see whether there have been modifications to any objects that
are not permitted by the transform parameters.
Table 254 – Entries in the DocMDP transform parameters dictionary

| Key | Type | Value |
| --- | --- | --- |
| Type | name | (Optional) The type of PDF object that this dictionary describes; if present, shall be TransformParams for a transform parameters dictionary. |
| P | number | (Optional) The access permissions granted for this document. Valid values shall be: 1: No changes to the document shall be permitted; any change to the document shall invalidate the signature. 2: Permitted changes shall be filling in forms, instantiating page templates, and signing; other changes shall invalidate the signature. 3: Permitted changes shall be the same as for 2, as well as annotation creation, deletion, and modification; other changes shall invalidate the signature. Default value: 2. |
| V | name | (Optional) The DocMDP transform parameters dictionary version. The only valid value shall be 1.2. NOTE This value is a name object, not a number. Default value: 1.2. |
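An added example (not part of ISO 32000-1) that applies Tables 253 and 254 to an already parsed signature reference dictionary: it fills in the defaults, reports entries that break the tables' rules, and judges a list of changes made after signing against P. The dictionary representation (names as Python strings, numbers as int or float), the function name and the change labels are assumptions; the labels stand for the output of a revision comparison that is not shown.

```python
VALID_METHODS = {"DocMDP", "UR", "FieldMDP"}
VALID_DIGESTS = {"MD5", "SHA1"}
FORM_WORKFLOW = {"form_fill", "page_template", "sign"}          # hypothetical labels
ANNOT_WORKFLOW = {"annot_create", "annot_delete", "annot_modify"}
ALLOWED_BY_P = {1: set(), 2: FORM_WORKFLOW, 3: FORM_WORKFLOW | ANNOT_WORKFLOW}


def review_sigref(sigref, changes):
    """Lint one signature reference dictionary and judge changes made after signing."""
    findings, disallowed = [], []
    method = sigref.get("TransformMethod")
    if method not in VALID_METHODS:
        findings.append("TransformMethod missing or not DocMDP/UR/FieldMDP")
    if method == "FieldMDP" and "Data" not in sigref:
        findings.append("Data is required when TransformMethod is FieldMDP")
    digest = sigref.get("DigestMethod", "MD5")  # Table 253: default value is MD5
    if digest not in VALID_DIGESTS:
        findings.append("DigestMethod %r is not MD5 or SHA1" % (digest,))
    elif digest == "MD5":
        how = "explicitly" if "DigestMethod" in sigref else "by default"
        findings.append("DigestMethod is MD5 (%s); MD5 should not be used" % how)
    if method == "DocMDP":
        params = sigref.get("TransformParams", {})
        version = params.get("V", "1.2")  # Table 254: a name, default 1.2
        if not isinstance(version, str):
            findings.append("V must be the name 1.2, not a number")
        elif version != "1.2":
            findings.append("V %r is not the only valid value 1.2" % (version,))
        p = params.get("P", 2)  # Table 254: default value is 2
        if p not in ALLOWED_BY_P:
            findings.append("P must be 1, 2 or 3")
        else:
            disallowed = [c for c in changes if c not in ALLOWED_BY_P[p]]
    return {"findings": findings, "disallowed": disallowed,
            "signature_invalidated": bool(disallowed)}


# Constructed sample: DigestMethod omitted and V written as a number.
CERTIFIED = {"Type": "SigRef", "TransformMethod": "DocMDP",
             "TransformParams": {"Type": "TransformParams", "P": 2, "V": 1.2}}

if __name__ == "__main__":
    print(review_sigref(CERTIFIED, ["form_fill", "annot_create"]))
```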
Table 255 – Entries in the UR transform parameters dictionary

| Key | Type | Value |
| --- | --- | --- |
| Type | name | (Optional) The type of PDF object that this dictionary describes; if present, shall be TransformParams for a transform parameters dictionary. |
| Document | array | (Optional) An array of names specifying additional document-wide usage rights for the document. The only defined value shall be FullSave, which permits a user to save the document along with modified form and/or annotation data. (PDF 1.5) Any usage right that permits the document to be modified implicitly shall enable the FullSave right. If the PDF document contains a UR3 dictionary, only rights specified by the Annots entry that permit the document to be modified shall implicitly enable the FullSave right. For all other rights, FullSave shall be explicitly enabled in order to save the document. (Signature rights shall permit saving as part of the signing process but not otherwise). If the P entry in the UR transform parameters dictionary is true (PDF 1.6 and greater), conforming readers shall permit only those rights that are enabled by the entries in the dictionary. However, conforming readers shall permit saving the document as long as any rights that permit modifying the document are enabled. |
| Msg | text string | (Optional) A text string that may be used to specify any arbitrary information, such as the reason for adding usage rights to the document. |
| V | name | (Optional) The UR transform parameters dictionary version. The value shall be 2.2. If an unknown version is present, no rights shall be enabled. NOTE This value is a name object, not a number. Default value: 2.2. |
| Annots | array | (Optional) An array of names specifying additional annotation-related usage rights for the document. Valid names (PDF 1.5) are Create, Delete, Modify, Copy, Import, and Export, which shall permit the user to perform the named operation on annotations. The following names (PDF 1.6) shall be permitted only when the signature dictionary is referenced from the UR3 entry of the permissions dictionary (see Table 258): Online: Permits online commenting; that is, the ability to upload or download markup annotations from a server. SummaryView: Permits a user interface to be shown that summarizes the comments (markup annotations) in a document. |