Supported Standards

Signature algorithms

If you’re developing a custom signature handler or need to change the product defaults, refer to the tables below which describe algorithm support across product versions. In order for the product to understand and process a PDF signature object, that object is required to have certain properties with one of the values listed here.

Message digest creation algorithms

By default, the product uses the adbe.pkcs7.detached signature format. Other formats include:

• adbe.pkcs7.sha1

• adbe.x509.rsa.sha1

• ETSI.CAdES.detached

You can specify an alternate format by configuring the registry value for aSignFormat, setting a seed value on a signature field, JavaScript, or via a custom PubSec handler. Each format supports a number of hashing algorithms, all of which may be specified in the registry via aSignHash or tSignHash.

Supported algorithms for creating the signature hash

Product version	PDF version	adbe.pkcs7.detached and adbe.x509.rsa.sha1	adbe.pkcs7.sha1	ETSI.CAdES.detached
10.x and later	PDF 1.7	MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD160	SHA1	Same as adbe.pkcs7.detached
9.1-9.x	PDF 1.7	MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD160	SHA1	N/A
8.x-9.0	PDF 1.7	MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD160	SHA1	N/A
7.x	PDF 1.6	MD5, SHA1, SHA256	SHA1	N/A
6.x	PDF 1.3	MD5, SHA1	SHA1	N/A
4.x-5.x	PDF 1.3	MD5, SHA1	SHA1	N/A

Message digest encryption algorithms

After creating the signature, Acrobat then encrypts the contents with one of the supported algorithms below. Algorithm selection derives from the signature algorithm field in the signer’s digital ID.

Supported algorithms for creating the signature hash

Product version	PDF version	Supported encryption algorithms	Digest creation compatibility
11.x and later	PDF 1.7	RSA and DSA SHA1 up to 4096-bit ECDSA elliptic curve P256 with digest algorithm SHA256 ECDSA elliptic curve P384 with digest algorithm SHA384 ECDSA elliptic curve P512 with digest algorithm SHA512	DSA only supports SHA1 and adbe.pkcs7.detached. Only available with adbe.pkcs7.detached and ETSI.CAdES.detached
8.x-10.x	PDF 1.7	RSA up to 4096-bit and DSA SHA1 up to 4096-bit	DSA only supports SHA1 and adbe.pkcs7.detached. RSA supports all algorithms and signature types (subFilter values).
7.x	PDF 1.6	RSA up to 4096-bit and DSA SHA1 up to 4096-bit	DSA only supports SHA1 and adbe.pkcs7.detached. RSA supports all algorithms and signature types (subFilter values).
6.x	PDF 1.5	RSA up to 4096 bit	RSA supports all algorithms and signature types (subFilter values).
4.x-5.x	PDF 1.3	RSA up to 1024 bit	RSA supports all algorithms and signature types (subFilter values).

Standards

Standards support

Reference	Feature
PDF Reference 1.7 (ISO 32000-1). See also PDF for Archive (PDF/A) and PDF for Exchange (PDF/X).	Representing signatures in the PDF language
RFC 5280, Internet X.509v3 Public Key Infrastructure, Certificate and Certificate Revocation List (CRL) Profile	CRL revocation checking, chain building, path validation, cross certificates, multiple chains
RFC 6960, X.509 Internet PKI Online Certificate Status Protocol-OCSP	OCSP revocation checking
RFC 3161, Internet X.509 Public Key Infrastructure Time-Stamp Protocol	Timestamping: signing and signature validation
RFC 5755, An Internet Attribute Certificate Profile for Authorization	Attribute certificates
RFC 8017, PKCS #1: RSA Cryptography Specifications Version 2.2 (1024, 2048, 4096)	Formats for creating a digital signature object which is embedded in a document
RFC 8018, PKCS #5: Password-Based Cryptography Specification Version 2.1	Password security
RFC 2315, PKCS #7: Cryptographic Message Syntax, Version 1.5	A format used for creating a digital signature object which is embedded in a document
PKCS #11: URI Scheme	Cryptographic token interface (smart cards, tokens, etc.)
RFC 6151, Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms	Creating a document hash during signing
RFC 6234, US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)	Creating a document hash during signing
FIPS PUB 186-2, Digital Signature Standard. Describes DSA signatures	Digital signatures. Deprecated with 11.0
FIPS PUB 186-3, Digital Signature Standard. Supported by 11.x products	Digital signatures. 11.0 introduces support for 3 ECDSA named curves
FIPS PUB 186-4, Digital Signature Standard. Supported by 11.x products	Digital signatures
FIPS PUB 197, Advanced Encryption Standard (AES 128, 256)	Certificate security
ISIS-MTT Specification v.1.1 March 2004	Attribute certificates
NIST PKITS “Public Key Interoperability Test Suite Certification Path Validation”	Chain building and path validation, including cross certificates and multiple chains
OIDS. ASN.1	Object identifiers (OIDs)
RFC 3986, Uniform Resource Identifiers (URI): Generic Syntax. Updated by RFC 6874 and RFC 7320	All
RFC 8314, Cleartext Considered Obsolete: Use of Transport Layer Security (TLS) for Email Submission and Access	The PLAIN authentication mechanism used by the roaming ID feature
RFC 3778, The application/pdf Media Type. Adobe Inc.	Describes PDF media type, digital signatures, and encryption
ETSI 102 778 PDF Advanced Electronic Signatures (PAdES), Parts 1,2,3 and 4	Digital signature; especially LTV
ETSI/ESI Technical Standard (TS) 102 778	Digital signatures
JITC: Joint Interoperability Test Command PKI compliance test suite	DoD-mandated PKI test suite. Compliant since 7.x. See https://blogs.adobe.com/security/tag/jitc

APIs and miscellaneous

Support for APIs, organizations, etc.

Item	Description
MSCAPI	Microsoft’s CryptoAPI
Keychain	Macintosh’s CryptoAPI
Esign	A U.S. law conformed to by Acrobat and Acrobat Sign signatures.

FIPS support

To comply with NIST requirements for data protection, Adobe products can provide encryption via the Federal Information Processing Standard (FIPS) 140-2 mode. FIPS 140 is a cryptographic security standard used by the federal government and others requiring higher degrees of security. Adobe utilizes certified and unmodified encryption modules licensed from RSA Security within desktop and server products. Therefore, Adobe will not show up in the NIST Cryptographic Module Validation Program vendor lists. The following documents list the specific, certified modules in use within the Adobe DRM Solution:

• Adobe Acrobat and Reader (Windows only): When the FIPS mode is enabled via the registry, encryption uses FIPS-approved algorithms during the production of PDFs in digital signature workflows and not the consumption of PDF files as follows:

  • 12.x: RSA BSAFE Crypto-C ME 4.0.1.0 encryption module with FIPS 140-2 validation certificate 2097

  • 11.x: RSA BSAFE Crypto-C ME 4.0.1.0 encryption module with FIPS 140-2 validation certificate 2056.

  • 10.x: RSA BSAFE Crypto-C ME 3.0.0.1 encryption module with FIPS 140-2 validation certificate 1092.

  • 9.x and earlier: RSA BSAFE Crypto-C ME 2.1 encryption module with FIPS 140-2 validation certificate 608.

• Adobe Experience Manager / LiveCycle ES3 and ES4 Rights Management server software:

  • RSA BSAFE Crypto-J Software Module 3.5 with FIPS certificate #590

• Adobe Rights Management Extension for Microsoft Office client software:

  • RSA BSAFE Crypto-C Micro Edition 2.1 with FIPS Certificate #828

The NIST Cryptographic Module Validation Program (CMVP) is detailed at: https://csrc.nist.gov/groups/STM/cmvp/index.html.

The Adobe Public Sector contact for FIPS certification is John Landwehr (VP Government Solutions, Adobe Systems Federal)