Signing PDF Forms

Table of Contents

  1. AcroForms
    1. XFA Forms

      AcroForms

      A PDF document can be created with form fields, which allows the user to fill them through e.g. a reader application. A digital signature makes use of a signature field which is also a type of form field. Internal the SetaPDF-Signer component "just" adds and fills such form fields.

      All visible form fields have (or should have) a so called appearance stream which represents the visual representation of the field value. If e.g. a reader application doesn't support form fields at all, it still can use this appearance to display the form field.

      Sometimes a PDF form makes use of flag (NeedAppearances) that instructs the reader application to re-render the field appearances at opening/rendering time. This flag is good to ensure a render action by the reader application but by doing such action a signature would get invalid because it would simply changes the appearance stream which is part of the data that was digital signed.

      Because of this the SetaPDF-Signer component will throw a SetaPDF_Signer_Exception if this flag is set.

      It is also possible to check and remove this flag manually: 

      PHP
      $acroForm = $document->getCatalog()->getAcroForm();
      if ($acroForm->isNeedAppearancesSet()) {
          $acroForm->setNeedAppearances(false);
      }

      If this flag is set to false, the embedded apperance streams of the form fields are used to display the field appearances. It is not guaranteed that they are available at all or if they are in sync with the field values.
      So, it is possible that form field values disapear. If you need to re-render the fields, you should have a look at the SetaPDF-FormFiller component.

      XFA Forms

      XFA forms, neither static or dynamic, are supported by the SetaPDF-Signer component. The component will throw a SetaPDF_Signer_Exception if you try to sign such a document.

      In case of a static XFA form you can remove the XFA data which ends in a normal AcroForm, which can be signed: 

      PHP
      $acroForm = $document->getCatalog()->getAcroForm();
      // check for static xfa
      if ($acroForm->isXfaForm() && count($acroForm->getTerminalFieldsObjects())) {
          $acroForm->removeXfaInformation();
      }