Digital Signatures in PDF Documents

← Back to Blog

What Are Digital Signatures and Why Do They Matter?

A digital signature applied to a PDF document provides three fundamental guarantees: authenticity (the document was signed by the claimed identity), integrity (the document has not been modified since it was signed), and non-repudiation (the signer cannot credibly deny having signed the document). These properties are essential for contracts, regulated filings, invoices, certificates, and any document where trust in origin and content is required.

Digital signatures are frequently confused with electronic signatures, but the two are distinct concepts. An electronic signature in the broad legal sense is any electronic indicator of intent to sign — including a typed name, a scanned handwritten signature image, or a click on an "I Agree" button. These carry little or no cryptographic assurance. A cryptographic digital signature, by contrast, is computed from the actual bytes of the document using a private key and can be independently verified by anyone with the corresponding public key and the signer's certificate.

How PDF Digital Signatures Work

The Hash and Sign Process

When a PDF is digitally signed, the process follows these steps:

1. A byte range covering the document's content (excluding the space reserved for the signature value itself) is specified in the signature dictionary.
2. A cryptographic hash of those bytes is computed using a hash algorithm such as SHA-256 or SHA-384.
3. The hash is encrypted with the signer's private key using an asymmetric algorithm (typically RSA or ECDSA), producing the signature value.
4. The signature value, along with the signer's X.509 certificate and optionally the certificate chain and revocation information, is embedded in the PDF's signature dictionary.

To verify the signature, a viewer decrypts the signature value using the signer's public key (extracted from the certificate) to recover the hash, then independently computes the hash of the specified byte range in the document. If the two hashes match, the document has not been modified since signing. The certificate chain is then validated against trusted root certificates to confirm the signer's identity.

Public Key Infrastructure (PKI)

The trustworthiness of a digital signature ultimately rests on the certificate infrastructure underpinning it. An X.509 certificate binds a public key to an identity (individual, organisation, or server) and is issued and cryptographically vouched for by a Certificate Authority (CA). CAs are organised in a hierarchy: end-entity certificates are issued by intermediate CAs, which are themselves certified by root CAs whose public keys are pre-installed in operating systems and PDF viewers as trust anchors.

When Acrobat validates a signature, it checks whether the signing certificate chains up to a root CA in its trusted certificate store, whether the certificate was valid at the time of signing, and whether the certificate had not been revoked (checked via CRL — Certificate Revocation Lists — or OCSP — Online Certificate Status Protocol).

Types of PDF Digital Signatures

Approval Signatures

An approval signature (sometimes called an ordinary signature) indicates that a named individual has reviewed and approved the document. Multiple approval signatures can be applied sequentially by different parties. Each approval signature covers the document as it existed at the moment of signing; if the document is subsequently modified, the approval signature may be invalidated (depending on whether the modification falls within the permissible change scope defined in the signature).

Certification Signatures

A certification signature — applied using the Certify Document function in Acrobat rather than the standard Sign function — is more restrictive. Only one certification signature is permitted per document and it must be the first signature applied. The certification signature specifies a modification detection policy (stored in the /DocMDP transform method) that defines what changes are permitted after certification without invalidating the signature:

• No changes allowed (transform level 1) — any modification invalidates the signature
• Form filling and signing only (transform level 2) — permits filling form fields and adding signatures but not other changes
• Commenting, form filling, and signing (transform level 3) — permits annotations and form filling

Certification signatures are used for official documents that need to be filled in by recipients (such as grant applications or employment contracts) while guaranteeing the original authored content has not been tampered with.

The PDF Signature Dictionary

In the PDF object model, a signature is a special form of widget annotation. The signature field's value is a signature dictionary with subtype /Sig, containing keys including:

<< /Type /Sig
   /Filter /Adobe.PPKLite
   /SubFilter /adbe.pkcs7.detached
   /ByteRange [0 1234 9876 5678]
   /Contents <...PKCS#7 signature data...>
   /Reason (I approve this document)
   /Location (London, UK)
   /SigningTime (D:20260316120000+00'00')
   /Name (Jane Smith)
>>

The /Filter specifies the signature handler and /SubFilter the signature format. The most common format is /adbe.pkcs7.detached, where the signature is a PKCS#7 (CMS) structure containing the signed hash, the signer's certificate, and optionally the full certificate chain and OCSP responses. The /ByteRange array defines the byte ranges that were signed (the entire document minus the space reserved for the /Contents value).

Signature Validation in Acrobat

When Acrobat opens a signed PDF, it automatically attempts to validate all signatures. The validation result for each signature is shown in the Signatures panel and (for certification signatures) in a blue or gold banner at the top of the document view. Possible validation states include:

• Valid — the document has not been modified since signing and the certificate is trusted and not revoked
• Valid with warnings — signature is cryptographically valid but the certificate is not trusted (not in Acrobat's trust store), or revocation could not be checked
• Invalid — the document has been modified since signing
• Unknown validity — Acrobat lacks sufficient information to validate (e.g., the certificate chain cannot be built)

Trust settings in Acrobat determine which CAs are accepted. Acrobat ships with the Adobe Approved Trust List (AATL) and European Union Trusted Lists (EUTL), which are updated automatically via a background service.

Long-Term Validation (LTV)

A significant practical problem with digital signatures is that certificates expire, CAs may be compromised, and cryptographic algorithms may eventually be deprecated. A signature that is valid today may become unverifiable in ten years if the signing certificate has expired, the CA has been revoked, or revocation information is no longer available from online servers.

Long-term validation (LTV) addresses this by embedding all the information needed to validate the signature at a future date directly into the PDF at the time of signing. An LTV-enabled signature embeds:

• The complete certificate chain from the signing certificate to the root CA
• OCSP responses or CRL snapshots confirming non-revocation at signing time
• A document timestamp — a second cryptographic signature applied by a trusted timestamp authority (TSA) that proves the document existed in its current state at a specific point in time

With LTV information embedded, a validator can confirm the document's integrity even decades after signing without needing to contact any external servers. This is a requirement for archival of legally binding documents and is specified in the PAdES-LTV profile.

PAdES: PDF Advanced Electronic Signatures

PAdES (PDF Advanced Electronic Signatures) is a set of profiles defined in ETSI EN 319 102 that extend the basic PDF signature to meet the requirements of legally recognised electronic signatures in the EU and other jurisdictions. PAdES profiles include:

• PAdES-B-B (Basic) — the baseline signature with signing certificate and signing time
• PAdES-B-T (with Timestamp) — adds a document timestamp for proof of existence
• PAdES-B-LT (Long-Term) — adds embedded revocation data for LTV
• PAdES-B-LTA (Long-Term with Archive timestamp) — adds periodic archive timestamps to protect against algorithm obsolescence

PAdES is the mandated format for qualified electronic signatures under the eIDAS Regulation (EU No 910/2014), which establishes a legal framework for electronic signatures across the European Union. A qualified electronic signature created under eIDAS has the same legal effect as a handwritten signature in all EU member states. To qualify, the signature must be created with a qualified signature creation device (QSCD) using a qualified certificate from an EU trust service provider listed on the national trusted lists.

Signature Fields in PDF Forms

Signature fields in interactive PDF forms are defined as widget annotations with a field type of /Sig in the AcroForm structure. An author can place one or more signature fields at specific positions on the document to indicate where signatures are expected. The fields can be configured to require specific signers, specify the permitted modification level after signing, and control the visual appearance of the signature (showing the signer's name, date, and a graphical representation).

Placing explicit signature fields is best practice for documents intended to be signed by recipients, as it controls the position and size of the signature appearance, makes the expected workflow clear to signers, and can enforce signing order through JavaScript-based field locking.