Click or drag to resize

PdfSignatureLevel Enumeration

Represents levels of PDF Advanced Electronic Signature (PAdES) baseline signatures, intended to facilitate interoperability and to encompass the life cycle of PAdES signature.

The levels PAdES_B_LT and PAdES_B_LTA are appropriate where the technical validity of signature needs to be preserved for a period of time after signature creation where certificate expiration, revocation and/or algorithm obsolescence is of concern.

PAdES_B_LTA level targets long term availability and integrity of the validation material of digital signatures over long term. The B-LTA level can help to validate the signature beyond many events that limit its validity (for instance, the weakness of used cryptographic algorithms, or expiration of validation data). The use of B-LTA level is considered an appropriate preservation and transmission technique for signed data.


Namespace: SautinSoft.Pdf.Forms
Assembly: SautinSoft.Pdf (in SautinSoft.Pdf.dll) Version: 2024.11.26
Syntax
public enum PdfSignatureLevel
Members
Member nameValueDescription
None0

Profile for CMS digital signatures in PDF (see also legacy PDF Advanced Electronic Signature Basic based on ISO 32000-1) is under this level.

PdfSigner must satisfy the following requirements:

PAdES_B_B1

PDF Advanced Electronic Signature baseline signature B-B level.

B-B level provides requirements for the incorporation of signed and some unsigned attributes when the signature is generated.

The main requirement is the protection of the signing certificate by the signature itself (the signing certificate digest is incorporated as part of a signed attribute to the signature). This allows to counter the certificate substitution attack.

The main requirement is also present in extended levels: PAdES Enhanced Basic Electronic Signature (PAdES-E-BES and legacy PAdES-E-BES) and PAdES Enhanced Explicit Policy Electronic Signature (PAdES-E-EPES and legacy PAdES-E-EPES).

PdfSigner must satisfy the following requirements:

PAdES_B_T2

PDF Advanced Electronic Signature baseline signature B-T level.

B-T level, in addition to B-B level requirements, provides requirements for the generation and inclusion (for an existing signature) of a trusted token proving that the signature itself actually existed at a certain date and time.

Generated timestamp token is either incorporated as a part of a signed attribute to the signature or included (for an existing signature) as a content of a signature dictionary (whose Type entry has a value of DocTimeStamp) that is a value of a signature field added as an incremental update.

PdfSigner must satisfy the following requirements:

PAdES_B_LT3

PDF Advanced Electronic Signature baseline signature B-LT level.

B-LT level, in addition to B-T level requirements, provides requirements for the incorporation of all the material required for validating the signature in the signature document. This level aims to tackle the long term availability of the validation material.

Validation related information (VRI) for a signature includes:

  • The full set of certificates, including the trust anchor when it is available in the form of a certificate, that have been used to validate the signature and which are not already present. This set includes certificates required for validating the signing certificate, for validating any attribute certificate present in the signature, and for validating any time-stamp token's signing certificate (i.e. a TSA certificate) already incorporated to the signature.
  • The full set of revocation data (CRL or OCSP responses) that have been used in the validation of the signer and CA certificates used in signature. This set includes all certificate status information required for validating the signing certificate, for validating any attribute certificate present in the signature, and for validating any time-stamp token's signing certificate (i.e. a TSA certificate) already incorporated to the signature.

This information is stored in a Document Security Store (DSS) dictionary.

PdfSigner must satisfy the following requirements:

PAdES_B_LTA4

PDF Advanced Electronic Signature baseline signature B-LTA level.

B-LTA level, in addition to B-LT level requirements, provides requirements for the incorporation of electronic time-stamps that allow validation of the signature long time after its generation. This level aims to tackle the long term availability and integrity of the validation material.

Validation related information (VRI) is stored in a Document Security Store (DSS) dictionary and generated timestamp token is included as a content of a signature dictionary (whose Type entry has a value of DocTimeStamp) that is a value of a signature field added as an incremental update.

This requirement is also present in the extended level PAdES Enhanced Long Term Validation (PAdES-E-LTV and legacy PAdES-E-LTV).

PdfSigner must satisfy the following requirements:

See Also