This page is used to configure the PDF/PAdES Hash signing settings that will be used by Go>Sign applet.



The configuration items are as follows:

Items

Description

PDF Signature Type

A mandatory field that selects the type of signature to be produced by this Go>Sign profile. The following types  of signatures are supported:

PDF Signature based on ISO 32000-1:

  • Standard PDF Signature.
  • PDF signature with embedded timestamp.
  • PDF signature with embedded timestamp and revocation information.


Advanced PDF Signatures:

  • PAdES-BES (Part 3 - PAdES Enhanced)
  • PAdES-BES with embedded timestamp


Note: The ISO 32000-1 based PDF signatures are verifiable in Adobe Reader 7+ and PAdES signatures based on ETSI Standard are verifiable in Adobe Reader 10+.
For more details see the section Supported Signature Types

Signature Produced At

This defines where the signature will be produced. This drop down will be disabled by default for PDF Hash signing and value Client will be selected by default in it.

Signature/Document Relationship

This defines how the signature and document exist i.e. one inside the other or do they exist separately. Following options are supported for PDF signatures:

  • Enveloping
  • Detached


Hashing Algorithm

The selected hashing algorithm is used as part of the signature generation process. Following are the supported hashing algorithms: 

  • SHA1
  • SHA2 (SHA224, SHA256, SHA384, SHA512)


EPES Signatures

Explicit Policy Based Electronic (EPES) signature settings are only available for the PAdES Signature types. By enabling the check box Add Signature Policy Identifier, the Go>Sign profile can be used to produce (EPES) signatures where a signature policy OID, URI and user notice are added in the digital signature as specified below.

1. Signature Policy Object ID

Provide the Signature Policy OID to be added for EPES signatures

2. Signature Policy URI

Provide the Signature Policy URI to be added for EPES signatures. If there is no Policy URI defined inside the Go>Sign profile then EPES configurations should be made in policy.properties file located at: [ADSS Installation Directory]/service/

Open this file in any text editor and enter policy OID and path to the policy document

e.g. 1.2.3.4.5 = "F:/Policy_File"


The ADSS Go>Sign Service can retrieve the signature policy document in either one of the following ways:


  • Using Policy URI defined in Go>Sign profile. The ADSS Go>Sign Service will use this policy URI to retrieve the online available policy document and its hash value will be calculated and embedded in the signed properties of the signature.
  • Using locally configured signature policy document. The ADSS Go>Sign Service will use this text file pointer to retrieve the locally saved policy document, hash and embed it in the signed properties of the signature.


3. Signature Policy User Notice

Provide the user notice to be added to the EPES signatures.


Clicking the Next button will display the Key Store Settings page

See also

PDF/PAdES Signing Attributes
CMS/CAdES Signing Attributes
XML/XAdES Signing Attributes
MS Office Signing Attributes