SECTION 8.7 Digital Signatures
In documents intended for form field workflows, the following occurs:
• The author specifies that form fields can be filled in without invalidating the author’s signature. The P entry of the DocMDP transform parameters dictionary is set to either 2 or 3 (see Table 8.104).
• The author can also specify that after a specific recipient has signed the document, any modifications to specific form fields should invalidate that recipient’s signature. There is a separate signature field for each designated recipient, each having an associated signature field lock dictionary (see Table 8.82) specifying the form fields that should be locked for that user.
• When the recipient signs the field, the signature, signature reference, and transform parameters dictionaries are created. The Action and Fields entries in the transform parameters dictionary are copied from the corresponding fields in the signature field lock dictionary.
Note: This copying is done because all objects in a signature dictionary must be direct objects if the dictionary contains a byte range signature. (Even though FieldMDP signatures are object signatures, any signature dictionary referred to from a signature field must also have a byte range signature.) Therefore, the transform parameters dictionary cannot reference the signature field lock dictionary indirectly.
The object digest is computed over all the form fields specified by the transform parameters dictionary, sorted in alphabetical order (see Appendix I for details). The specified form fields are locked to prevent changes by marking them read-only. Any changes to the form fields can be detected when the recipient’s signature is verified.
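The following Python sketch is an added example, not part of the specification text: it models the flow described above with plain dictionaries, from copying the lock dictionary entries to detecting a change in a locked field. The Action values All, Include and Exclude are those defined for the signature field lock dictionary (Table 8.82); the SHA-256 hash over name/value pairs is a simplified stand-in for the Appendix I object digest, and the sample form, field names and helper functions are constructed for illustration.

```python
import copy
import hashlib

def transform_params_from_lock(lock):
    # Deep-copy Action and Fields so the result holds only direct values
    # and never refers back to the signature field lock dictionary.
    params = {"Type": "TransformParams", "Action": lock["Action"]}
    if "Fields" in lock:
        params["Fields"] = copy.deepcopy(lock["Fields"])
    return params

def locked_fields(params, form):
    # Field names covered by the signature, in alphabetical order.
    listed = set(params.get("Fields", []))
    action = params["Action"]
    if action == "All":
        chosen = set(form)
    elif action == "Include":
        chosen = listed & set(form)
    elif action == "Exclude":
        chosen = set(form) - listed
    else:
        raise ValueError(f"unknown Action: {action!r}")
    return sorted(chosen)

def field_digest(params, form):
    # Simplified stand-in for the Appendix I object digest (assumption):
    # length-prefixed name and value of each covered field, sorted by name.
    h = hashlib.sha256()
    for name in locked_fields(params, form):
        for part in (name, form[name]):
            data = part.encode("utf-8")
            h.update(len(data).to_bytes(4, "big") + data)
    return h.hexdigest()

def changed_after_signing(params, signed_digest, form):
    # True when the covered fields or their values differ from signing time.
    return field_digest(params, form) != signed_digest

# Constructed sample data (not from the specification).
FORM = {"Name": "A. Recipient", "Amount": "100", "Comments": ""}
LOCK = {"Type": "SigFieldLock", "Action": "Include", "Fields": ["Name", "Amount"]}

if __name__ == "__main__":
    params = transform_params_from_lock(LOCK)
    signed = field_digest(params, FORM)
    print(changed_after_signing(params, signed, dict(FORM, Comments="ok")))
    print(changed_after_signing(params, signed, dict(FORM, Amount="900")))
```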
FieldMDP signatures are validated in a similar manner to DocMDP signatures. See
Identity
The Identity transform method is used when computing an object digest that is all-inclusive; that is, no objects are excluded. The entire object tree is walked, starting with the object specified by Data in the signature reference dictionary (see Table 8.103). Any changes to the contents of the object invalidate the signature. This method is used to support the signing of FDF files. The FDF catalog is the object over which the digest is calculated.