I need to lock a pdf after applying a signature, I need the output file to look like this one:
as you can see it says “locked by signature”,
I tried adding the lock like this when I get the pdf signature appearance:
PdfSignatureAppearance pdfAppearance = stamper.getSignatureAppearance(); pdfAppearance.setCertificationLevel(PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED);
but all I have got in return is this:
only a message that says “no changes allowed”,
what should I add in the process to mark the PDF to not be able to receive more signatures nor changes?
Advertisement
Answer
Signature Locking With Current iText 5 Versions
@Lontak’s answer demonstrates how one can add a signature lock dictionary using low-level classes. This in particular is of interest for early iText versions (before 5.3.2) and forks of them. Newer iText versions offer a dedicated higher level class modelling signature lock dictionaries and support for them while signing.
Signature Lock dictionaries are modelled by the PdfSigLockDictionary class in current iText 5 versions.
If you want to create a locking signature instead of a certification signature (look below, though), you can do so by replacing your
pdfAppearance.setCertificationLevel(PdfSignatureAppearance.CERTIFIED_NO_CHANGES_ALLOWED);
by
PdfSigLockDictionary pdfSigLockDictionary = new PdfSigLockDictionary(LockPermissions.NO_CHANGES_ALLOWED); pdfAppearance.setFieldLockDict(pdfSigLockDictionary);
(CreateLockingSignature test signWithLockNoChangesAllowed)
Should You Replace Certification by Locking?
Your question sounds like someone requires you to use locking instead of certification to set the MDP level to no-changes-allowed.
Objectively, though, this makes sense only if the signature in question is not the first signature of a PDF, because a certification signature – if present at all – must be the first signature of a document.
As long as your signature is the first (and due to no-changes-allowed the only) signature of the document, you should set the MDP level by means of certification because certification has already been defined in ISO 32000-1 while document locking has been added in ISO 32000-2 (before ISO 32000-2 was published, document locking was only available as an Adobe extension to ISO 32000-1). Support for ISO 32000-2 is somewhat limited, many PDF related products still are based on ISO 32000-1 (or even earlier PDF references). Thus, your document locking is more likely to be ignored by PDF processors than the certification.