Previous Next

                                                   731
          SECTION 8.7                                                           Digital Signatures



KEY                        TYPE          VALUE

DigestValue                string        (Required in some situations) When present, the computed value of
                                         the digest. See Section 8.7.1, “Transform Methods, for details on
                                         when this entry is required.

DigestLocation             array         (Required when DigestValue is required and TransformMethod is
                                         FieldMDP or DocMDP) An array of two integers specifying the loca-
                                         tion in the PDF file of the DigestValue string. The integers represent
                                         the starting offset and length in bytes, respectively.
                                         This entry is required when DigestValue is written directly to the
                                         PDF file, bypassing any encryption that has been performed on the
                                         document. When specified, the values must be used to read
                                         DigestValue directly from the file during validation.


  8.7.1 Transform Methods

          Transform methods, along with transform parameters, determine which objects
          are included and excluded in object digest computation or revision comparison.
          The following sections discuss the types of transform methods, their transform
          parameters, and when they are used. Appendix I, “Computation of Object Di-
          gests,” describes in detail the algorithm for computing object digests.

          Note: All transform methods exclude the signature dictionary from the object digest.


          DocMDP

          The DocMDP transform method is used to detect modifications relative to a sig-
          nature field that is signed by the author of a document (the person applying the
          first signature). A document can contain only one signature field that contains a
          DocMDP transform method; it must be the first signed field in the document. It
          enables the author to specify what changes are permitted to be made the docu-
          ment and what changes invalidate the author’s signature.

          As discussed earlier, “MDP” stands for modification detection and prevention.
          Such signatures enable detection of disallowed changes specified by the author. In
          addition, disallowed changes can also be prevented when the signature dictionary
          is referred to by the DocMDP entry in the permissions dictionary (see Section
          8.7.3, “Permissions”).

Previous Next