Supported Standards

Signature algorithms

If you’re developing a custom signature handler or need to change the product defaults, refer to the tables below which describe algorithm support across product versions. In order for the product to understand and process a PDF signature object, that object is required to have certain properties with one of the values listed here.

Message digest creation algorithms

By default, the product uses the adbe.pkcs7.detached signature format. Other formats include:

  • adbe.pkcs7.sha1

  • adbe.x509.rsa.sha1

  • ETSI.CAdES.detached

You can specify an alternate format by configuring the registry value for aSignFormat, setting a seed value on a signature field, JavaScript, or via a custom PubSec handler. Each format supports a number of hashing algorithms, all of which may be specified in the registry via aSignHash or tSignHash.

Supported algorithms for creating the signature hash

Product version

PDF version

adbe.pkcs7.detached and adbe.x509.rsa.sha1

adbe.pkcs7.sha1

ETSI.CAdES.detached

10.x and later

PDF 1.7

MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD160

SHA1

Same as adbe.pkcs7.detached

9.1-9.x

PDF 1.7

MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD160

SHA1

N/A

8.x-9.0

PDF 1.7

MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD160

SHA1

N/A

7.x

PDF 1.6

MD5, SHA1, SHA256

SHA1

N/A

6.x

PDF 1.3

MD5, SHA1

SHA1

N/A

4.x-5.x

PDF 1.3

MD5, SHA1

SHA1

N/A

Message digest encryption algorithms

After creating the signature, Acrobat then encrypts the contents with one of the supported algorithms below. Algorithm selection derives from the signature algorithm field in the signer’s digital ID.

_images/sigalgo.png
Supported algorithms for creating the signature hash

Product version

PDF version

Supported encryption algorithms

Digest creation compatibility

11.x and later

PDF 1.7

  • RSA and DSA SHA1 up to 4096-bit

  • ECDSA elliptic curve P256 with digest algorithm SHA256

  • ECDSA elliptic curve P384 with digest algorithm SHA384

  • ECDSA elliptic curve P512 with digest algorithm SHA512

  • DSA only supports SHA1 and adbe.pkcs7.detached.

  • Only available with adbe.pkcs7.detached and ETSI.CAdES.detached

8.x-10.x

PDF 1.7

RSA up to 4096-bit and DSA SHA1 up to 4096-bit

  • DSA only supports SHA1 and adbe.pkcs7.detached.

  • RSA supports all algorithms and signature types (subFilter values).

7.x

PDF 1.6

RSA up to 4096-bit and DSA SHA1 up to 4096-bit

  • DSA only supports SHA1 and adbe.pkcs7.detached.

  • RSA supports all algorithms and signature types (subFilter values).

6.x

PDF 1.5

RSA up to 4096 bit

RSA supports all algorithms and signature types (subFilter values).

4.x-5.x

PDF 1.3

RSA up to 1024 bit

RSA supports all algorithms and signature types (subFilter values).

Standards

Standards support

Reference

Feature

PDF Reference 1.7 (ISO 32000-1). See also PDF for Archive (PDF/A) and PDF for Exchange (PDF/X).

Representing signatures in the PDF language

RFC 5280, Internet X.509v3 Public Key Infrastructure, Certificate and Certificate Revocation List (CRL) Profile

CRL revocation checking, chain building, path validation, cross certificates, multiple chains

RFC 6960, X.509 Internet PKI Online Certificate Status Protocol-OCSP

OCSP revocation checking

RFC 3161, Internet X.509 Public Key Infrastructure Time-Stamp Protocol

Timestamping: signing and signature validation

RFC 5755, An Internet Attribute Certificate Profile for Authorization

Attribute certificates

RFC 8017, PKCS #1: RSA Cryptography Specifications Version 2.2 (1024, 2048, 4096)

Formats for creating a digital signature object which is embedded in a document

RFC 8018, PKCS #5: Password-Based Cryptography Specification Version 2.1

Password security

RFC 2315, PKCS #7: Cryptographic Message Syntax, Version 1.5

A format used for creating a digital signature object which is embedded in a document

PKCS #11: URI Scheme

Cryptographic token interface (smart cards, tokens, etc.)

RFC 6151, Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms

Creating a document hash during signing

RFC 6234, US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)

Creating a document hash during signing

FIPS PUB 186-2, Digital Signature Standard. Describes DSA signatures

Digital signatures. Deprecated with 11.0

FIPS PUB 186-3, Digital Signature Standard. Supported by 11.x products

Digital signatures. 11.0 introduces support for 3 ECDSA named curves

FIPS PUB 186-4, Digital Signature Standard. Supported by 11.x products

Digital signatures

FIPS PUB 197, Advanced Encryption Standard (AES 128, 256)

Certificate security

ISIS-MTT Specification v.1.1 March 2004

Attribute certificates

NIST PKITS “Public Key Interoperability Test Suite Certification Path Validation”

Chain building and path validation, including cross certificates and multiple chains

OIDS. ASN.1

Object identifiers (OIDs)

RFC 3986, Uniform Resource Identifiers (URI): Generic Syntax. Updated by RFC 6874 and RFC 7320

All

RFC 8314, Cleartext Considered Obsolete: Use of Transport Layer Security (TLS) for Email Submission and Access

The PLAIN authentication mechanism used by the roaming ID feature

RFC 3778, The application/pdf Media Type. Adobe Inc.

Describes PDF media type, digital signatures, and encryption

ETSI 102 778 PDF Advanced Electronic Signatures (PAdES), Parts 1,2,3 and 4

Digital signature; especially LTV

ETSI/ESI Technical Standard (TS) 102 778

Digital signatures

JITC: Joint Interoperability Test Command PKI compliance test suite

DoD-mandated PKI test suite. Compliant since 7.x. See https://blogs.adobe.com/security/tag/jitc

APIs and miscellaneous

Support for APIs, organizations, etc.

Item

Description

MSCAPI

Microsoft’s CryptoAPI

Keychain

Macintosh’s CryptoAPI

Esign

A U.S. law conformed to by Acrobat and Adobe Sign signatures.

FIPS support

To comply with NIST requirements for data protection, Adobe products can provide encryption via the Federal Information Processing Standard (FIPS) 140-2 mode. FIPS 140 is a cryptographic security standard used by the federal government and others requiring higher degrees of security. Adobe utilizes certified and unmodified encryption modules licensed from RSA Security within desktop and server products. Therefore, Adobe will not show up in the NIST Cryptographic Module Validation Program vendor lists. The following documents list the specific, certified modules in use within the Adobe DRM Solution:

  • Adobe Acrobat and Reader (Windows only): When the FIPS mode is enabled via the registry, encryption uses FIPS-approved algorithms during the production of PDFs in digital signature workflows and not the consumption of PDF files as follows:

  • Adobe Experience Manager / LiveCycle ES3 and ES4 Rights Management server software:

    • RSA BSAFE Crypto-J Software Module 3.5 with FIPS certificate #590

  • Adobe Rights Management Extension for Microsoft Office client software:

    • RSA BSAFE Crypto-C Micro Edition 2.1 with FIPS Certificate #828

The NIST Cryptographic Module Validation Program (CMVP) is detailed at: https://csrc.nist.gov/groups/STM/cmvp/index.html.

The Adobe Public Sector contact for FIPS certification is John Landwehr (VP Government Solutions, Adobe Systems Federal)