Electronic Signatures and Infrastructures (ESI) - PAdES digital signatures - Part 1: Building blocks and PAdES baseline signatures

The present document specifies PAdES digital signatures. PAdES signatures build on PDF signatures specified in
ISO 32000-1 [1] with an alternative signature encoding to support digital signature formats equivalent to the signature
format CAdES as specified in ETSI EN 319 122-1 [2], by incorporation of signed and unsigned attributes, which fulfil
certain common requirements (such as the long term validity of digital signatures) in a number of use cases.
The present document specifies formats for PAdES baseline signatures, which provide the basic features necessary for a
wide range of business and governmental use cases for electronic procedures and communications to be applicable to a
wide range of communities when there is a clear need for interoperability of digital signatures used in electronic
documents.
The present document defines four levels of PAdES baseline signatures addressing incremental requirements to
maintain the validity of the signatures over the long term, in a way that a certain level always addresses all the
requirements addressed at levels that are below it. Each level requires the presence of certain PAdES attributes, suitably
profiled for reducing the optionality as much as possible.
Procedures for creation, augmentation, and validation of PAdES digital signatures are out of scope and specified in
ETSI EN 319 102-1 [i.5]. Guidance on creation, augmentation and validation of PAdES digital signatures including the
usage of the different attributes defined in the present document is provided in ETSI TR 119 100 [i.4]. The present
document aims at supporting electronic signatures in different regulatory frameworks.
NOTE: Specifically but not exclusively, PAdES digital signatures specified in the present document aim at
supporting electronic signatures, advanced electronic signatures, qualified electronic signatures,
electronic seals, advanced electronic seals, and qualified electronic seals as per Regulation (EU)
No 910/2014 [i.2].

Elektronski podpisi in infrastruktura (ESI) - Digitalni podpisi PAdES - 1. del: Gradniki in izhodiščni podpisi PAdES

Ta dokument določa digitalne podpise PAdES. Podpisi PAdES temeljijo na podpisih PDF, določenih v standardu ISO 32000-1 [1], z nadomestnim kodiranjem za podporo formatov digitalnih podpisov, ki so enakovredni formatu podpisa CAdES, kot je določeno v standardu ETSI EN 319 122-1 [2], ter z vključitvijo podpisanih in nepodpisanih atributov, ki izpolnjujejo določene splošne zahteve (kot je dolgoročna veljavnost digitalnih podpisov) v številnih primerih uporabe.
Ta dokument določa specifične formate za izhodiščne podpise PAdES, ki zagotavljajo osnovne funkcije, zaradi katerih se lahko različni poslovni in vladni primeri uporabe za elektronske postopke in komunikacijo uporabijo za širok nabor skupnosti, kadar obstaja jasna potreba po interoperabilnosti digitalnih podpisov, uporabljenih v elektronskih dokumentih.
V tem dokumentu so določene štiri ravni izhodiščnih podpisov PAdES, ki obravnavajo naraščajoče zahteve po dolgoročnem ohranjanju veljavnosti podpisov, pri čemer določena raven vedno obravnava vse zahteve, obravnavane na njenih podravneh. Vsaka raven zahteva prisotnost določenih atributov PAdES, ki ustrezno zmanjšujejo možnost izbire.
Postopki izdelave, razširitve in potrjevanja digitalnih podpisov PAdES v tem dokumentu niso zajeti ter so določeni v standardu ETSI EN 319 102-1 [i.5]. Smernice glede izdelave, razširitve in potrjevanja digitalnih podpisov PAdES, vključno z uporabo različnih atributov, določenih v tem dokumentu, so podane v standardu ETSI TR 119 100 [i.4]. Namen tega dokumenta je zagotavljanje podpore za elektronske podpise v različnih regulativnih okvirjih.
OPOMBA: Namen digitalnih podpisov PAdES, določenih v tem dokumentu, je zlasti (vendar ne izključno) zagotavljanje podpore za elektronske podpise, napredne elektronske podpise, kvalificirane elektronske podpise, elektronske žige, napredne elektronske žige in kvalificirane elektronske žige skladno z Uredbo (EU) št. 910/2014 [i.2].

General Information

Status
Published
Publication Date
04-May-2016
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
18-Apr-2016
Due Date
23-Jun-2016
Completion Date
05-May-2016
Mandate

Buy Standard

Standard
EN 319 142-1 V1.1.1:2016
English language
23 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Standard
ETSI EN 319 142-1 V1.1.1 (2016-04) - Electronic Signatures and Infrastructures (ESI); PAdES digital signatures; Part 1: Building blocks and PAdES baseline signatures
English language
23 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ETSI EN 319 142-1 V1.1.0 (2016-02) - Electronic Signatures and Infrastructures (ESI); PAdES digital signatures; Part 1: Building blocks and PAdES baseline signatures
English language
23 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ETSI EN 319 142-1 V1.0.0 (2015-06) - Electronic Signatures and Infrastructures (ESI); PAdES digital signatures; Part 1: Building blocks and PAdES baseline signatures
English language
22 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN 319 142-1 V1.1.1:2016
01-junij-2016
(OHNWURQVNLSRGSLVLLQLQIUDVWUXNWXUD (6, 'LJLWDOQLSRGSLVL3$G(6GHO
*UDGQLNLLQL]KRGLãþQLSRGSLVL3$G(6
Electronic Signatures and Infrastructures (ESI) - PAdES digital signatures - Part 1:
Building blocks and PAdES baseline signatures
Ta slovenski standard je istoveten z: ETSI EN 319 142-1 V1.1.1 (2016-04)
ICS:
35.040.01 Kodiranje informacij na Information coding in general
splošno
SIST EN 319 142-1 V1.1.1:2016 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST EN 319 142-1 V1.1.1:2016

---------------------- Page: 2 ----------------------

SIST EN 319 142-1 V1.1.1:2016
ETSI EN 319 142-1 V1.1.1 (2016-04)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
PAdES digital signatures;
Part 1: Building blocks and PAdES baseline signatures

---------------------- Page: 3 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 2 ETSI EN 319 142-1 V1.1.1 (2016-04)



Reference
DEN/ESI-0019142-1
Keywords
electronic signature, PAdES, profile, security
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2016.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI

---------------------- Page: 4 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 3 ETSI EN 319 142-1 V1.1.1 (2016-04)
Contents
Intellectual Property Rights . 4
Foreword . 4
Modal verbs terminology . 4
Introduction . 4
1 Scope . 6
2 References . 6
2.1 Normative references . 6
2.2 Informative references . 7
3 Definitions and abbreviations . 7
3.1 Definitions . 7
3.2 Abbreviations . 8
4 General syntax . 8
4.1 General requirements for PAdES signatures based on PDF signatures . 8
5 Attributes syntax and semantics . 9
5.1 Introduction . 9
5.2 CMS and CAdES defined attributes . 9
5.3 ISO 32000-1 defined attributes . 9
5.4 Validation data and archive validation data attributes . 10
5.4.1 Overview . 10
5.4.2 Document Security Store . 11
5.4.2.1 Catalog . 11
5.4.2.2 DSS Dictionary . 11
5.4.2.3 Signature VRI Dictionary . 13
5.4.3 Document Time-stamp . 14
5.5 Requirements on encryption . 14
5.6 Extensions dictionary . 15
6 PAdES baseline signatures . 15
6.1 Signature levels . 15
6.2 General requirements for PAdES baseline signatures . 16
6.2.1 Algorithm requirements . 16
6.2.2 Notation for requirements . 16
6.3 PAdES baseline signatures . 18
6.4 Legacy PAdES baseline signatures . 22
History . 23


ETSI

---------------------- Page: 5 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 4 ETSI EN 319 142-1 V1.1.1 (2016-04)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This European Standard (EN) has been produced by ETSI Technical Committee Electronic Signatures and
Infrastructures (ESI).
The present document is part 1 of a multi-part deliverable covering the PDF digital signatures (PAdES), as identified
below:
Part 1: "Building blocks and PAdES baseline signatures";
Part 2: "Additional PAdES signatures profiles".

National transposition dates
Date of adoption of this EN: 1 April 2016
Date of latest announcement of this EN (doa): 31 July 2016
Date of latest publication of new National Standard
or endorsement of this EN (dop/e): 31 January 2017
Date of withdrawal of any conflicting National Standard (dow): 31 January 2017

Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
Introduction
Electronic commerce has emerged as a frequent way of doing business between companies across local, wide area and
global networks. Trust in this way of doing business is essential for the success and continued development of
electronic commerce. It is therefore important that companies using this electronic means of doing business have
suitable security controls and mechanisms in place to protect their transactions and to ensure trust and confidence with
their business partners. In this respect digital signatures are an important security component that can be used to protect
information and provide trust in electronic business.
The present document is intended to cover digital signatures supported by PKI and public key certificates, and aims to
meet the general requirements of the international community to provide trust and confidence in electronic transactions,
including, amongst other, applicable requirements from Regulation (EU) No 910/2014 [i.2].
ETSI

---------------------- Page: 6 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 5 ETSI EN 319 142-1 V1.1.1 (2016-04)
The present document can be used for any transaction between an individual and a company, between two companies,
between an individual and a governmental body, etc. The present document is independent of any environment. It can
be applied to any environment e.g. smart cards, SIM cards, special programs for electronic signatures, etc.
The present document is part of a rationalized framework of standards (see ETSI TR 119 000 [i.3]).
ETSI TR 119 100 [i.4] provides guidance on how to use the present document within the aforementioned framework.

ETSI

---------------------- Page: 7 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 6 ETSI EN 319 142-1 V1.1.1 (2016-04)
1 Scope
The present document specifies PAdES digital signatures. PAdES signatures build on PDF signatures specified in
ISO 32000-1 [1] with an alternative signature encoding to support digital signature formats equivalent to the signature
format CAdES as specified in ETSI EN 319 122-1 [2], by incorporation of signed and unsigned attributes, which fulfil
certain common requirements (such as the long term validity of digital signatures) in a number of use cases.
The present document specifies formats for PAdES baseline signatures, which provide the basic features necessary for a
wide range of business and governmental use cases for electronic procedures and communications to be applicable to a
wide range of communities when there is a clear need for interoperability of digital signatures used in electronic
documents.
The present document defines four levels of PAdES baseline signatures addressing incremental requirements to
maintain the validity of the signatures over the long term, in a way that a certain level always addresses all the
requirements addressed at levels that are below it. Each level requires the presence of certain PAdES attributes, suitably
profiled for reducing the optionality as much as possible.
Procedures for creation, augmentation, and validation of PAdES digital signatures are out of scope and specified in
ETSI EN 319 102-1 [i.5]. Guidance on creation, augmentation and validation of PAdES digital signatures including the
usage of the different attributes defined in the present document is provided in ETSI TR 119 100 [i.4]. The present
document aims at supporting electronic signatures in different regulatory frameworks.
NOTE: Specifically but not exclusively, PAdES digital signatures specified in the present document aim at
supporting electronic signatures, advanced electronic signatures, qualified electronic signatures,
electronic seals, advanced electronic seals, and qualified electronic seals as per Regulation (EU)
No 910/2014 [i.2].
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
http://docbox.etsi.org/Reference.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ISO 32000-1: "Document management - Portable document format - Part 1: PDF 1.7".
NOTE: Available at http://www.adobe.com/devnet/acrobat/pdfs/PDF32000_2008.pdf.
[2] ETSI EN 319 122-1: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures;
Part 1: Building blocks and CAdES baseline signatures".
[3] IETF RFC 5652 (2009): "Cryptographic Message Syntax (CMS)".
[4] IETF RFC 5280 (2008): "Internet X.509 Public Key Infrastructure Certificate and Certificate
Revocation List (CRL) Profile".
[5] IETF RFC 6960 (2013): "X.509 Internet Public Key Infrastructure Online Certificate Status
Protocol - OCSP".
[6] IETF RFC 3161 (2001): "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)".
[7] W3C Recommendation (May 2008): "Canonical XML Version 1.1".
[8] IETF RFC 5816 (2010): "ESSCertIDv2 Update for RFC 3161".
ETSI

---------------------- Page: 8 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 7 ETSI EN 319 142-1 V1.1.1 (2016-04)
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] ETSI TS 101 533-1: "Electronic Signatures and Infrastructures (ESI); Data Preservation Systems
Security; Part 1: Requirements for Implementation and Management".
[i.2] Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on
electronic identification and trust services for electronic transactions in the internal market and
repealing Directive 1999/93/EC.
[i.3] ETSI TR 119 000: "Electronic Signatures and Infrastructures (ESI); The framework for
standardization of signatures: overview".
[i.4] ETSI TR 119 100: "Electronic Signatures and Infrastructures (ESI); Business Driven Guidance for
Signature Creation and Validation".
[i.5] ETSI EN 319 102-1: "Electronic Signatures and Infrastructures (ESI); Procedures for Creation and
Validation of AdES Digital Signatures; Part 1: Creation and Validation".
[i.6] ETSI TS 119 312: "Electronic Signatures and Infrastructures (ESI); Cryptographic Suites".
[i.7] Adobe® XFA: "XML Forms Architecture (XFA) Specification" version 2.5, (June 2007), Adobe
Systems Incorporated".
[i.8] ETSI TS 103 172: "Electronic Signatures and Infrastructures (ESI); PAdES Baseline Profile".
[i.9] IETF RFC 2315 (1998): "PKCS #7: Cryptographic Message Syntax Version 1.5".
[i.10] ETSI TS 119 612: "Electronic Signatures and Infrastructures (ESI); Trusted Lists".
[i.11] ETSI EN 319 142-2: "Electronic Signatures and Infrastructures (ESI); PAdES digital signatures;
Part 2: Additional PAdES signatures profiles".
[i.12] ETSI TR 119 001: "Electronic Signatures and Infrastructures (ESI); The framework for
standardization of signatures; Definitions and abbreviations".
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the terms and definitions given in ISO 32000-1 [1], ETSI TR 119 001 [i.12]
and the following apply:
digital signature: data appended to, or a cryptographic transformation of a data unit that allows a recipient of the data
unit to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient
digital signature value: result of the cryptographic transformation of a data unit that allows a recipient of the data unit
to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient
electronic time-stamp: data in electronic form which binds other electronic data to a particular time establishing
evidence that these data existed at that time
generator: any party which creates, or augments a digital signature
NOTE: This can be the signer or any party that initially validates or further maintains the signature.
ETSI

---------------------- Page: 9 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 8 ETSI EN 319 142-1 V1.1.1 (2016-04)
Legacy PAdES baseline signature: digital signature generated according to ETSI TS 103 172 [i.8]
PAdES signature: digital signature that satisfies the requirements specified within the present document or ETSI
EN 319 142-2 [i.11]
proof of existence: evidence that proves that an object existed at a specific date/time
signature augmentation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their augmentation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be conformant
signature creation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their creation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be conformant
signature handler: software application, or part of a software application, that knows how to perform digital signature
operations (e.g. signing and/or validating) in conformance with ISO 32000-1 [1] and the requirements of the appropriate
profile
signature policy: signature creation policy, signature augmentation policy, signature validation policy or any
combination thereof, applicable to the same signature or set of signatures
signature validation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their validation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be valid
trust service provider: natural or legal person who provides one or more trust services
validation data: data that is used to validate a digital signature
verifier: entity that wants to validate or verify a digital signature
3.2 Abbreviations
For the purposes of the present document, the abbreviations given in ETSI TR 119 001 [i.12] and the following apply:
DSS Document Security Store
ESS Enhanced Security Services
TSL Trust Status List
VRI Validation Related Information
4 General syntax
4.1 General requirements for PAdES signatures based on PDF
signatures
PAdES signatures profiled in the present document build on PDF signatures specified in ISO 32000-1 [1] with an
alternative signature encoding to support digital signature formats equivalent to the signature format CAdES [2], by
incorporation of signed and unsigned attributes described in clause 5.
The following requirements apply:
a) A DER-encoded SignedData object as specified in CAdES [2] shall be included as the PDF signature in the
entry with the key Contents of the Signature Dictionary as described in ISO 32000-1 [1], clause 12.8.1.
There shall only be a single signer (i.e. one single component of SignerInfo type within signerInfos
element) in any PDF Signature.
b) Requirements for handling PDF Signatures specified in ISO 32000-1 [1], clause 12.8 shall apply except where
overridden by the present document.
ETSI

---------------------- Page: 10 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 9 ETSI EN 319 142-1 V1.1.1 (2016-04)
NOTE: Given that PAdES signatures are enveloped inside a PDF document and are detached in the sense of a
CMS signature, the signature placement is implied by ISO 32000-1 [1].
In ISO 32000-1 [1], section 12.8.3.3.1 reads "No data shall be encapsulated in the PKCS#7 SignedData
field".
c) Some signature attributes found in CAdES [2] have the same or similar meaning as keys in the Signature
Dictionary described in ISO 32000-1 [1]. For signature attributes and keys that have the same or similar
meaning only one of them should be used according to the requirements set in table defined in clause 6.3 in the
present document.
5 Attributes syntax and semantics
5.1 Introduction
This clause provides details on attributes specified within ISO 32000-1 [1] and CAdES [2] and defines new attributes
for building PAdES signatures.
The clause distinguishes between the following types of attributes: CMS and CAdES defined attributes,
ISO 32000-1 [1] defined attributes, validation data and archive validation data attributes. The first ones are the attributes
that build the DER-encoded SignedData object included as the PDF signature in the entry with the key Contents
of the Signature Dictionary as described in ISO 32000-1 [1], clause 12.8.1. The second ones are the attributes that build
the Signature Dictionary as described in ISO 32000-1 [1]. The other ones are the attributes where to include validation
data and archive validation data that can guarantee long term validity of digital signatures.
Clause 6.3 provides the requirements concerning how to use the attributes described above.
5.2 CMS and CAdES defined attributes
The attributes included in the following list may be used to generate the DER-encoded SignedData object included
as the PDF signature in the entry with the key Contents of the Signature Dictionary as described in ISO 32000-1 [1],
clause 12.8.1. Their syntax shall be as defined in ETSI EN 319 122-1 [2], clause 5.
• content-type
• message-digest
• signing certificate reference attributes
- ESS signing-certificate
- ESS signing-certificate-v2
• commitment-type-indication
• signer-attributes-v2
• content-time-stamp
• signature-policy-identifier
• signature-time-stamp
5.3 ISO 32000-1 defined attributes
The entries of the Signature Dictionary shall be as defined in ISO 32000-1 [1], clause 12.8.1 unless specified otherwise
in the present document.
In particular, the entries with the following keys in the Signature Dictionary are directly addressed: M, Contents,
Filter, SubFilter, ByteRange. Further the entries with the Location, Name, ContactInfo and Reason
keys in the Signature Dictionary are inherently addressed.
ETSI

---------------------- Page: 11 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 10 ETSI EN 319 142-1 V1.1.1 (2016-04)
5.4 Validation data and archive validation data attributes
5.4.1 Overview
Validation of a digital signature requires data to validate the signature such as CA certificates, Certificate Revocation
List (CRLs) or certificate status information (OCSP) commonly provided by online services (referred to in the present
document as validation data).
This clause describes an extension to ISO 32000-1 [1] called Document Security Store (DSS) to carry such validation
data as necessary to validate a signature, optionally with Validation Related Information (VRI) which relates the
validation data to a specific signature (see clause 5.4.2). The structure of DSS and VRI is illustrated in figure 1.
DSS dict
VRI
Indirect references to all Certs
Indirect references to all OCSPs
Indirect references to all CRLs
VRI of a specific signature
Indirect references to required Certs
Indirect references to required OCSPs
Indirect references to required CRLs
Cert1 (value)
Cert2 (value)
OCSP1 (response value)
CRL1 (value)
Certn (value)
OCSPn (value)
CRLn (value)

Figure 1: Illustration of DSS and VRI structures
This clause also defines another extension to ISO 32000-1 [1] called Document Time-stamp (see clause 5.4.3) to extend
the life-time of protection to the document.
These extensions support Long Term Validation (LTV) of PDF Signatures. The structure of a PDF document with LTV
is illustrated in figure 2.
Document
Security Store
Document
Time-stamp

Figure 2: Illustration of PDF document with extended life-time protection
ETSI

---------------------- Page: 12 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 11 ETSI EN 319 142-1 V1.1.1 (2016-04)
The life-time of the protection can be further extended beyond the life-time of the last document time-stamp applied by
adding further DSS information to validate the previous last document time-stamp along with a new document
time-stamp. Every time a DSS Dictionary is updated during incremental update, it should contain the values from the
previous DSS Dictionary.
NOTE: In general the DSS Dictionary will contain validation data from previous revisions plus validation data
added for the current revision. If entries are removed from a DSS Dictionary during an incremental
update the set of validation data might not be complete for validation of the signatures, but replacement of
validation data - like e.g. more up-to-date certificate status information - might be performed for
optimization reasons.
This is illustrated in figure 3.

Figure 3: Illustration of PDF Document with repeated LTV
5.4.2 Document Security Store
5.4.2.1 Catalog
Added to ISO 32000-1 [1] Table 28 "Entries in catalogue dictionary"
KEY TYPE VALUE
DSS Dictionary (Optional) Document-wide security-related information.

5.4.2.2 DSS Dictionary
The Document Security Store (DSS) shall be a dictionary that shall have the value DSS as key in the document catalog
dictionary. This dictionary is used to provide a single place where all of the validation-related information for some or
all signatures in the document should be placed.
The DSS dictionary, if present, shall contain validation-related information only for document and time-stamps
signatures represented in PKCS#7 and CMS (and its derivatives) format or for XAdES signatures of forms signing
dynamic XFA [i.7].
NOTE: See ETSI EN 319 142-2 [i.11] for specification of XAdES signatures of forms signing dynamic XFA.
ETSI

---------------------- Page: 13 ----------------------

SIST EN 319 142-1 V1.1.1:2016
 12 ETSI EN 319 142-1 V1.1.1 (2016-04)
Entries in a DSS Dictionary
KEY TYPE VALUE
Type Name (Optional) It shall be DSS for a document security store
dictionary.
VRI Dictionary (Optional) This dictionary contains Signature VRI dictionaries in
the document. The key of each entry in this dictionary is the
base-16-encoded (uppercase) SHA1 digest of the signature to
which it applies and the value is the Signature VRI dictionary
which contains the validation-related information for that
signature.
(See additional requirements a, b, c.).
Certs Array (Optional) An
...

ETSI EN 319 142-1 V1.1.1 (2016-04)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
PAdES digital signatures;
Part 1: Building blocks and PAdES baseline signatures

---------------------- Page: 1 ----------------------
2 ETSI EN 319 142-1 V1.1.1 (2016-04)



Reference
DEN/ESI-0019142-1
Keywords
electronic signature, PAdES, profile, security
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2016.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 ETSI EN 319 142-1 V1.1.1 (2016-04)
Contents
Intellectual Property Rights . 4
Foreword . 4
Modal verbs terminology . 4
Introduction . 4
1 Scope . 6
2 References . 6
2.1 Normative references . 6
2.2 Informative references . 7
3 Definitions and abbreviations . 7
3.1 Definitions . 7
3.2 Abbreviations . 8
4 General syntax . 8
4.1 General requirements for PAdES signatures based on PDF signatures . 8
5 Attributes syntax and semantics . 9
5.1 Introduction . 9
5.2 CMS and CAdES defined attributes . 9
5.3 ISO 32000-1 defined attributes . 9
5.4 Validation data and archive validation data attributes . 10
5.4.1 Overview . 10
5.4.2 Document Security Store . 11
5.4.2.1 Catalog . 11
5.4.2.2 DSS Dictionary . 11
5.4.2.3 Signature VRI Dictionary . 13
5.4.3 Document Time-stamp . 14
5.5 Requirements on encryption . 14
5.6 Extensions dictionary . 15
6 PAdES baseline signatures . 15
6.1 Signature levels . 15
6.2 General requirements for PAdES baseline signatures . 16
6.2.1 Algorithm requirements . 16
6.2.2 Notation for requirements . 16
6.3 PAdES baseline signatures . 18
6.4 Legacy PAdES baseline signatures . 22
History . 23


ETSI

---------------------- Page: 3 ----------------------
4 ETSI EN 319 142-1 V1.1.1 (2016-04)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This European Standard (EN) has been produced by ETSI Technical Committee Electronic Signatures and
Infrastructures (ESI).
The present document is part 1 of a multi-part deliverable covering the PDF digital signatures (PAdES), as identified
below:
Part 1: "Building blocks and PAdES baseline signatures";
Part 2: "Additional PAdES signatures profiles".

National transposition dates
Date of adoption of this EN: 1 April 2016
Date of latest announcement of this EN (doa): 31 July 2016
Date of latest publication of new National Standard
or endorsement of this EN (dop/e): 31 January 2017
Date of withdrawal of any conflicting National Standard (dow): 31 January 2017

Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
Introduction
Electronic commerce has emerged as a frequent way of doing business between companies across local, wide area and
global networks. Trust in this way of doing business is essential for the success and continued development of
electronic commerce. It is therefore important that companies using this electronic means of doing business have
suitable security controls and mechanisms in place to protect their transactions and to ensure trust and confidence with
their business partners. In this respect digital signatures are an important security component that can be used to protect
information and provide trust in electronic business.
The present document is intended to cover digital signatures supported by PKI and public key certificates, and aims to
meet the general requirements of the international community to provide trust and confidence in electronic transactions,
including, amongst other, applicable requirements from Regulation (EU) No 910/2014 [i.2].
ETSI

---------------------- Page: 4 ----------------------
5 ETSI EN 319 142-1 V1.1.1 (2016-04)
The present document can be used for any transaction between an individual and a company, between two companies,
between an individual and a governmental body, etc. The present document is independent of any environment. It can
be applied to any environment e.g. smart cards, SIM cards, special programs for electronic signatures, etc.
The present document is part of a rationalized framework of standards (see ETSI TR 119 000 [i.3]).
ETSI TR 119 100 [i.4] provides guidance on how to use the present document within the aforementioned framework.

ETSI

---------------------- Page: 5 ----------------------
6 ETSI EN 319 142-1 V1.1.1 (2016-04)
1 Scope
The present document specifies PAdES digital signatures. PAdES signatures build on PDF signatures specified in
ISO 32000-1 [1] with an alternative signature encoding to support digital signature formats equivalent to the signature
format CAdES as specified in ETSI EN 319 122-1 [2], by incorporation of signed and unsigned attributes, which fulfil
certain common requirements (such as the long term validity of digital signatures) in a number of use cases.
The present document specifies formats for PAdES baseline signatures, which provide the basic features necessary for a
wide range of business and governmental use cases for electronic procedures and communications to be applicable to a
wide range of communities when there is a clear need for interoperability of digital signatures used in electronic
documents.
The present document defines four levels of PAdES baseline signatures addressing incremental requirements to
maintain the validity of the signatures over the long term, in a way that a certain level always addresses all the
requirements addressed at levels that are below it. Each level requires the presence of certain PAdES attributes, suitably
profiled for reducing the optionality as much as possible.
Procedures for creation, augmentation, and validation of PAdES digital signatures are out of scope and specified in
ETSI EN 319 102-1 [i.5]. Guidance on creation, augmentation and validation of PAdES digital signatures including the
usage of the different attributes defined in the present document is provided in ETSI TR 119 100 [i.4]. The present
document aims at supporting electronic signatures in different regulatory frameworks.
NOTE: Specifically but not exclusively, PAdES digital signatures specified in the present document aim at
supporting electronic signatures, advanced electronic signatures, qualified electronic signatures,
electronic seals, advanced electronic seals, and qualified electronic seals as per Regulation (EU)
No 910/2014 [i.2].
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
http://docbox.etsi.org/Reference.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ISO 32000-1: "Document management - Portable document format - Part 1: PDF 1.7".
NOTE: Available at http://www.adobe.com/devnet/acrobat/pdfs/PDF32000_2008.pdf.
[2] ETSI EN 319 122-1: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures;
Part 1: Building blocks and CAdES baseline signatures".
[3] IETF RFC 5652 (2009): "Cryptographic Message Syntax (CMS)".
[4] IETF RFC 5280 (2008): "Internet X.509 Public Key Infrastructure Certificate and Certificate
Revocation List (CRL) Profile".
[5] IETF RFC 6960 (2013): "X.509 Internet Public Key Infrastructure Online Certificate Status
Protocol - OCSP".
[6] IETF RFC 3161 (2001): "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)".
[7] W3C Recommendation (May 2008): "Canonical XML Version 1.1".
[8] IETF RFC 5816 (2010): "ESSCertIDv2 Update for RFC 3161".
ETSI

---------------------- Page: 6 ----------------------
7 ETSI EN 319 142-1 V1.1.1 (2016-04)
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] ETSI TS 101 533-1: "Electronic Signatures and Infrastructures (ESI); Data Preservation Systems
Security; Part 1: Requirements for Implementation and Management".
[i.2] Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on
electronic identification and trust services for electronic transactions in the internal market and
repealing Directive 1999/93/EC.
[i.3] ETSI TR 119 000: "Electronic Signatures and Infrastructures (ESI); The framework for
standardization of signatures: overview".
[i.4] ETSI TR 119 100: "Electronic Signatures and Infrastructures (ESI); Business Driven Guidance for
Signature Creation and Validation".
[i.5] ETSI EN 319 102-1: "Electronic Signatures and Infrastructures (ESI); Procedures for Creation and
Validation of AdES Digital Signatures; Part 1: Creation and Validation".
[i.6] ETSI TS 119 312: "Electronic Signatures and Infrastructures (ESI); Cryptographic Suites".
[i.7] Adobe® XFA: "XML Forms Architecture (XFA) Specification" version 2.5, (June 2007), Adobe
Systems Incorporated".
[i.8] ETSI TS 103 172: "Electronic Signatures and Infrastructures (ESI); PAdES Baseline Profile".
[i.9] IETF RFC 2315 (1998): "PKCS #7: Cryptographic Message Syntax Version 1.5".
[i.10] ETSI TS 119 612: "Electronic Signatures and Infrastructures (ESI); Trusted Lists".
[i.11] ETSI EN 319 142-2: "Electronic Signatures and Infrastructures (ESI); PAdES digital signatures;
Part 2: Additional PAdES signatures profiles".
[i.12] ETSI TR 119 001: "Electronic Signatures and Infrastructures (ESI); The framework for
standardization of signatures; Definitions and abbreviations".
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the terms and definitions given in ISO 32000-1 [1], ETSI TR 119 001 [i.12]
and the following apply:
digital signature: data appended to, or a cryptographic transformation of a data unit that allows a recipient of the data
unit to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient
digital signature value: result of the cryptographic transformation of a data unit that allows a recipient of the data unit
to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient
electronic time-stamp: data in electronic form which binds other electronic data to a particular time establishing
evidence that these data existed at that time
generator: any party which creates, or augments a digital signature
NOTE: This can be the signer or any party that initially validates or further maintains the signature.
ETSI

---------------------- Page: 7 ----------------------
8 ETSI EN 319 142-1 V1.1.1 (2016-04)
Legacy PAdES baseline signature: digital signature generated according to ETSI TS 103 172 [i.8]
PAdES signature: digital signature that satisfies the requirements specified within the present document or ETSI
EN 319 142-2 [i.11]
proof of existence: evidence that proves that an object existed at a specific date/time
signature augmentation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their augmentation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be conformant
signature creation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their creation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be conformant
signature handler: software application, or part of a software application, that knows how to perform digital signature
operations (e.g. signing and/or validating) in conformance with ISO 32000-1 [1] and the requirements of the appropriate
profile
signature policy: signature creation policy, signature augmentation policy, signature validation policy or any
combination thereof, applicable to the same signature or set of signatures
signature validation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their validation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be valid
trust service provider: natural or legal person who provides one or more trust services
validation data: data that is used to validate a digital signature
verifier: entity that wants to validate or verify a digital signature
3.2 Abbreviations
For the purposes of the present document, the abbreviations given in ETSI TR 119 001 [i.12] and the following apply:
DSS Document Security Store
ESS Enhanced Security Services
TSL Trust Status List
VRI Validation Related Information
4 General syntax
4.1 General requirements for PAdES signatures based on PDF
signatures
PAdES signatures profiled in the present document build on PDF signatures specified in ISO 32000-1 [1] with an
alternative signature encoding to support digital signature formats equivalent to the signature format CAdES [2], by
incorporation of signed and unsigned attributes described in clause 5.
The following requirements apply:
a) A DER-encoded SignedData object as specified in CAdES [2] shall be included as the PDF signature in the
entry with the key Contents of the Signature Dictionary as described in ISO 32000-1 [1], clause 12.8.1.
There shall only be a single signer (i.e. one single component of SignerInfo type within signerInfos
element) in any PDF Signature.
b) Requirements for handling PDF Signatures specified in ISO 32000-1 [1], clause 12.8 shall apply except where
overridden by the present document.
ETSI

---------------------- Page: 8 ----------------------
9 ETSI EN 319 142-1 V1.1.1 (2016-04)
NOTE: Given that PAdES signatures are enveloped inside a PDF document and are detached in the sense of a
CMS signature, the signature placement is implied by ISO 32000-1 [1].
In ISO 32000-1 [1], section 12.8.3.3.1 reads "No data shall be encapsulated in the PKCS#7 SignedData
field".
c) Some signature attributes found in CAdES [2] have the same or similar meaning as keys in the Signature
Dictionary described in ISO 32000-1 [1]. For signature attributes and keys that have the same or similar
meaning only one of them should be used according to the requirements set in table defined in clause 6.3 in the
present document.
5 Attributes syntax and semantics
5.1 Introduction
This clause provides details on attributes specified within ISO 32000-1 [1] and CAdES [2] and defines new attributes
for building PAdES signatures.
The clause distinguishes between the following types of attributes: CMS and CAdES defined attributes,
ISO 32000-1 [1] defined attributes, validation data and archive validation data attributes. The first ones are the attributes
that build the DER-encoded SignedData object included as the PDF signature in the entry with the key Contents
of the Signature Dictionary as described in ISO 32000-1 [1], clause 12.8.1. The second ones are the attributes that build
the Signature Dictionary as described in ISO 32000-1 [1]. The other ones are the attributes where to include validation
data and archive validation data that can guarantee long term validity of digital signatures.
Clause 6.3 provides the requirements concerning how to use the attributes described above.
5.2 CMS and CAdES defined attributes
The attributes included in the following list may be used to generate the DER-encoded SignedData object included
as the PDF signature in the entry with the key Contents of the Signature Dictionary as described in ISO 32000-1 [1],
clause 12.8.1. Their syntax shall be as defined in ETSI EN 319 122-1 [2], clause 5.
• content-type
• message-digest
• signing certificate reference attributes
- ESS signing-certificate
- ESS signing-certificate-v2
• commitment-type-indication
• signer-attributes-v2
• content-time-stamp
• signature-policy-identifier
• signature-time-stamp
5.3 ISO 32000-1 defined attributes
The entries of the Signature Dictionary shall be as defined in ISO 32000-1 [1], clause 12.8.1 unless specified otherwise
in the present document.
In particular, the entries with the following keys in the Signature Dictionary are directly addressed: M, Contents,
Filter, SubFilter, ByteRange. Further the entries with the Location, Name, ContactInfo and Reason
keys in the Signature Dictionary are inherently addressed.
ETSI

---------------------- Page: 9 ----------------------
10 ETSI EN 319 142-1 V1.1.1 (2016-04)
5.4 Validation data and archive validation data attributes
5.4.1 Overview
Validation of a digital signature requires data to validate the signature such as CA certificates, Certificate Revocation
List (CRLs) or certificate status information (OCSP) commonly provided by online services (referred to in the present
document as validation data).
This clause describes an extension to ISO 32000-1 [1] called Document Security Store (DSS) to carry such validation
data as necessary to validate a signature, optionally with Validation Related Information (VRI) which relates the
validation data to a specific signature (see clause 5.4.2). The structure of DSS and VRI is illustrated in figure 1.
DSS dict
VRI
Indirect references to all Certs
Indirect references to all OCSPs
Indirect references to all CRLs
VRI of a specific signature
Indirect references to required Certs
Indirect references to required OCSPs
Indirect references to required CRLs
Cert1 (value)
Cert2 (value)
OCSP1 (response value)
CRL1 (value)
Certn (value)
OCSPn (value)
CRLn (value)

Figure 1: Illustration of DSS and VRI structures
This clause also defines another extension to ISO 32000-1 [1] called Document Time-stamp (see clause 5.4.3) to extend
the life-time of protection to the document.
These extensions support Long Term Validation (LTV) of PDF Signatures. The structure of a PDF document with LTV
is illustrated in figure 2.
Document
Security Store
Document
Time-stamp

Figure 2: Illustration of PDF document with extended life-time protection
ETSI

---------------------- Page: 10 ----------------------
11 ETSI EN 319 142-1 V1.1.1 (2016-04)
The life-time of the protection can be further extended beyond the life-time of the last document time-stamp applied by
adding further DSS information to validate the previous last document time-stamp along with a new document
time-stamp. Every time a DSS Dictionary is updated during incremental update, it should contain the values from the
previous DSS Dictionary.
NOTE: In general the DSS Dictionary will contain validation data from previous revisions plus validation data
added for the current revision. If entries are removed from a DSS Dictionary during an incremental
update the set of validation data might not be complete for validation of the signatures, but replacement of
validation data - like e.g. more up-to-date certificate status information - might be performed for
optimization reasons.
This is illustrated in figure 3.

Figure 3: Illustration of PDF Document with repeated LTV
5.4.2 Document Security Store
5.4.2.1 Catalog
Added to ISO 32000-1 [1] Table 28 "Entries in catalogue dictionary"
KEY TYPE VALUE
DSS Dictionary (Optional) Document-wide security-related information.

5.4.2.2 DSS Dictionary
The Document Security Store (DSS) shall be a dictionary that shall have the value DSS as key in the document catalog
dictionary. This dictionary is used to provide a single place where all of the validation-related information for some or
all signatures in the document should be placed.
The DSS dictionary, if present, shall contain validation-related information only for document and time-stamps
signatures represented in PKCS#7 and CMS (and its derivatives) format or for XAdES signatures of forms signing
dynamic XFA [i.7].
NOTE: See ETSI EN 319 142-2 [i.11] for specification of XAdES signatures of forms signing dynamic XFA.
ETSI

---------------------- Page: 11 ----------------------
12 ETSI EN 319 142-1 V1.1.1 (2016-04)
Entries in a DSS Dictionary
KEY TYPE VALUE
Type Name (Optional) It shall be DSS for a document security store
dictionary.
VRI Dictionary (Optional) This dictionary contains Signature VRI dictionaries in
the document. The key of each entry in this dictionary is the
base-16-encoded (uppercase) SHA1 digest of the signature to
which it applies and the value is the Signature VRI dictionary
which contains the validation-related information for that
signature.
(See additional requirements a, b, c.).
Certs Array (Optional) An array of indirect references to streams, each
containing one DER-encoded X.509 certificate (that shall be as
defined in IETF RFC 5280 [4]). This array contains certificates
that can be used in the validation of any signatures in the
document.
OCSPs Array (Optional) An array of indirect references to streams, each
containing a DER-encoded Online Certificate Status
Protocol (OCSP) response (that shall be as defined in IETF
RFC 6960 [5]). This array contains OCSPs that can be used in
the validation of any signatures in the document.
CRLs Array (Optional) An array of indirect references to streams, each
containing a DER-encoded Certificate Revocation List (CRL)
(that shall be as defined in IETF RFC 5280 [4]). This array
contains CRLs that can be used in the validation of any
signatures in the document.
a) For document signatures or document time-stamp signatures the bytes that are hashed shall be those of the
complete hexadecimal string in the entry with the key Contents of the associated Signature Dictionary
containing the signature's DER-encoded binary data object (e.g. PKCS#7, CMS or CAdES objects).
b) For the signatures
...

Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
PAdES digital signatures;
Part 1: Building blocks and PAdES baseline signatures

---------------------- Page: 1 ----------------------
2 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)



Reference
DEN/ESI-0019142-1
Keywords
electronic signature, PAdES, profile, security
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2016.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
Contents
Intellectual Property Rights . 4
Foreword . 4
Modal verbs terminology . 4
Introduction . 4
1 Scope . 6
2 References . 6
2.1 Normative references . 6
2.2 Informative references . 7
3 Definitions and abbreviations . 7
3.1 Definitions . 7
3.2 Abbreviations . 8
4 General syntax . 8
4.1 General requirements for PAdES signatures based on PDF signatures . 8
5 Attributes syntax and semantics . 9
5.1 Introduction . 9
5.2 CMS and CAdES defined attributes . 9
5.3 ISO 32000-1 defined attributes . 10
5.4 Validation data and archive validation data attributes . 10
5.4.1 Overview . 10
5.4.2 Document Security Store . 12
5.4.2.1 Catalog . 12
5.4.2.2 DSS Dictionary . 12
5.4.2.3 Signature VRI Dictionary . 13
5.4.3 Document Time-stamp . 14
5.5 Requirements on encryption . 14
5.6 Extensions dictionary . 15
6 PAdES baseline signatures . 15
6.1 Signature levels . 15
6.2 General requirements for PAdES baseline signatures . 16
6.2.1 Algorithm requirements . 16
6.2.2 Notation for requirements . 16
6.3 PAdES baseline signatures . 18
6.4 Legacy PAdES baseline signatures . 22
History . 23


ETSI

---------------------- Page: 3 ----------------------
4 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This final draft European Standard (EN) has been produced by ETSI Technical Committee Electronic Signatures and
Infrastructures (ESI), and is now submitted for the Vote phase of the ETSI standards EN Approval Procedure.
The present document is part 1 of a multi-part deliverable covering the PDF digital signatures (PAdES), as identified
below:
Part 1: "Building blocks and PAdES baseline signatures";
Part 2: "Additional PAdES signatures profiles".

Proposed national transposition dates
Date of latest announcement of this EN (doa): 3 months after ETSI publication
Date of latest publication of new National Standard
or endorsement of this EN (dop/e): 6 months after doa
Date of withdrawal of any conflicting National Standard (dow): 6 months after doa

Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
Introduction
Electronic commerce has emerged as a frequent way of doing business between companies across local, wide area and
global networks. Trust in this way of doing business is essential for the success and continued development of
electronic commerce. It is therefore important that companies using this electronic means of doing business have
suitable security controls and mechanisms in place to protect their transactions and to ensure trust and confidence with
their business partners. In this respect digital signatures are an important security component that can be used to protect
information and provide trust in electronic business.
The present document is intended to cover digital signatures supported by PKI and public key certificates, and aims to
meet the general requirements of the international community to provide trust and confidence in electronic transactions,
including, amongst other, applicable requirements from Regulation (EU) No 910/2014 [i.2].
The present document can be used for any transaction between an individual and a company, between two companies,
between an individual and a governmental body, etc. The present document is independent of any environment. It can
be applied to any environment e.g. smart cards, SIM cards, special programs for electronic signatures, etc.
ETSI

---------------------- Page: 4 ----------------------
5 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
The present document is part of a rationalized framework of standards (see ETSI TR 119 000 [i.3]).
ETSI TR 119 100 [i.4] provides guidance on how to use the present document within the aforementioned framework.

ETSI

---------------------- Page: 5 ----------------------
6 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
1 Scope
The present document specifies PAdES digital signatures. PAdES signatures build on PDF signatures specified in
ISO 32000-1 [1] with an alternative signature encoding to support digital signature formats equivalent to the signature
format CAdES as specified in ETSI EN 319 122-1 [2], by incorporation of signed and unsigned attributes, which fulfil
certain common requirements (such as the long term validity of digital signatures) in a number of use cases.
The present document specifies formats for PAdES baseline signatures, which provide the basic features necessary for a
wide range of business and governmental use cases for electronic procedures and communications to be applicable to a
wide range of communities when there is a clear need for interoperability of digital signatures used in electronic
documents.
The present document defines four levels of PAdES baseline signatures addressing incremental requirements to
maintain the validity of the signatures over the long term, in a way that a certain level always addresses all the
requirements addressed at levels that are below it. Each level requires the presence of certain PAdES attributes, suitably
profiled for reducing the optionality as much as possible.
Procedures for creation, augmentation, and validation of PAdES digital signatures are out of scope and specified in
ETSI EN 319 102-1 [i.5]. Guidance on creation, augmentation and validation of PAdES digital signatures including the
usage of the different attributes defined in the present document is provided in ETSI TR 119 100 [i.4]. The present
document aims at supporting electronic signatures in different regulatory frameworks.
NOTE: Specifically but not exclusively, PAdES digital signatures specified in the present document aim at
supporting electronic signatures, advanced electronic signatures, qualified electronic signatures,
electronic seals, advanced electronic seals, and qualified electronic seals as per Regulation (EU)
No 910/2014 [i.2].
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
reference document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
http://docbox.etsi.org/Reference.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ISO 32000-1: "Document management - Portable document format - Part 1: PDF 1.7".
NOTE: Available at http://www.adobe.com/devnet/acrobat/pdfs/PDF32000_2008.pdf.
[2] ETSI EN 319 122-1: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures;
Part 1: Building blocks and CAdES baseline signatures".
[3] IETF RFC 5652 (2009): "Cryptographic Message Syntax (CMS)".
[4] IETF RFC 5280 (2008): "Internet X.509 Public Key Infrastructure Certificate and Certificate
Revocation List (CRL) Profile".
[5] IETF RFC 6960 (2013): "X.509 Internet Public Key Infrastructure Online Certificate Status
Protocol - OCSP".
[6] IETF RFC 3161 (2001): "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)".
[7] W3C Recommendation (May 2008): "Canonical XML Version 1.1".
[8] IETF RFC 5816 (2010): "ESSCertIDv2 Update for RFC 3161".
ETSI

---------------------- Page: 6 ----------------------
7 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
reference document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] ETSI TS 101 533-1: "Electronic Signatures and Infrastructures (ESI); Data Preservation Systems
Security; Part 1: Requirements for Implementation and Management".
[i.2] Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on
electronic identification and trust services for electronic transactions in the internal market and
repealing Directive 1999/93/EC.
[i.3] ETSI TR 119 000: "Electronic Signatures and Infrastructures (ESI); The framework for
standardization of signatures: overview".
[i.4] ETSI TR 119 100: "Electronic Signatures and Infrastructures (ESI); Business Driven Guidance for
Signature Creation and Validation".
[i.5] ETSI EN 319 102-1: "Electronic Signatures and Infrastructures (ESI); Procedures for Creation and
Validation of AdES Digital Signatures; Part 1: Creation and Validation".
[i.6] ETSI TS 119 312: "Electronic Signatures and Infrastructures (ESI); Cryptographic Suites".
[i.7] Adobe® XFA: "XML Forms Architecture (XFA) Specification" version 2.5, (June 2007), Adobe
Systems Incorporated".
[i.8] ETSI TS 103 172: "Electronic Signatures and Infrastructures (ESI); PAdES Baseline Profile".
[i.9] IETF RFC 2315 (1998): "PKCS #7: Cryptographic Message Syntax Version 1.5".
[i.10] ETSI TS 119 612: "Electronic Signatures and Infrastructures (ESI); Trusted Lists".
[i.11] ETSI EN 319 142-2: "Electronic Signatures and Infrastructures (ESI); PAdES digital signatures;
Part 2: Additional PAdES signatures profiles".
[i.12] ETSI TR 119 001: "Electronic Signatures and Infrastructures (ESI); The framework for
standardization of signatures; Definitions and abbreviations".
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the terms and definitions given in ISO 32000-1 [1], ETSI TR 119 001 [i.12]
and the following apply:
digital signature: data appended to, or a cryptographic transformation of a data unit that allows a recipient of the data
unit to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient
digital signature value: result of the cryptographic transformation of a data unit that allows a recipient of the data unit
to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient
electronic time-stamp: data in electronic form which binds other electronic data to a particular time establishing
evidence that these data existed at that time
NOTE 1: In the case of IETF RFC 3161 [6] updated by IETF RFC 5816 [8] protocol, the electronic time-stamp is
referring to the timeStampToken field within the TimeStampResp element (the TSA's response
returned to the requesting client).
ETSI

---------------------- Page: 7 ----------------------
8 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
NOTE 2: This can be the signer or the creator of a seal or any party that initially validates or further maintains the
signature.
generator: any party which creates, or adds attributes to, a signature
NOTE: This can be the signer or any party that initially validates or further maintains the signature.
Legacy PAdES baseline signature: digital signature generated according to ETSI TS 103 172 [i.8]
PAdES signature: digital signature that satisfies the requirements specified within the present document and ETSI
EN 319 142-2 [i.11]
proof of existence: information that can be used to prove that some data existed before a given time
signature augmentation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their augmentation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be conformant
signature creation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their creation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be conformant
signature handler: software module that implements a specific form of signing and/or authentication of digital
signatures
signature policy: signature creation policy, signature augmentation policy, signature validation policy or any
combination thereof, applicable to the same signature or set of signatures
signature validation policy: set of rules, applicable to one or more digital signatures, that defines the technical and
procedural requirements for their validation, in order to meet a particular business need, and under which the digital
signature(s) can be determined to be valid
trust service provider: body operating one or more (electronic) Trust Services
validation data: data that is used to validate a digital signature
verifier: entity that validates a digital signature
3.2 Abbreviations
For the purposes of the present document, the abbreviations given in ETSI TR 119 001 [i.12] and the following apply:
DSS Document Security Store
ESS Enhanced Security Services
TSL Trust Status List
VRI Validation Related Information
4 General syntax
4.1 General requirements for PAdES signatures based on PDF
signatures
PAdES signatures profiled in the present document build on PDF signatures specified in ISO 32000-1 [1] with an
alternative signature encoding to support digital signature formats equivalent to the signature format CAdES [2], by
incorporation of signed and unsigned attributes described in clause 5.
The following requirements apply:
a) A DER-encoded SignedData object as specified in CAdES [2] shall be included as the PDF signature in the
entry with the key Contents of the Signature Dictionary as described in ISO 32000-1 [1], clause 12.8.1.
There shall only be a single signer (i.e. one single component of SignerInfo type within signerInfos
element) in any PDF Signature.
ETSI

---------------------- Page: 8 ----------------------
9 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
b) Requirements for handling PDF Signatures specified in ISO 32000-1 [1], clause 12.8 shall apply except where
overridden by the present document.
NOTE: Given that PAdES signatures are enveloped inside a PDF document and are detached in the sense of a
CMS signature, the signature placement is implied by ISO 32000-1 [1].
In ISO 32000-1 [1], section 12.8.3.3.1 reads "No data shall be encapsulated in the PKCS#7 SignedData
field".
c) Some signature attributes found in CAdES [2] have the same or similar meaning as keys in the Signature
Dictionary described in ISO 32000-1 [1]. For signature attributes and keys that have the same or similar
meaning only one of them should be used according to the requirements set in table defined in clause 6.3 in the
present document.
5 Attributes syntax and semantics
5.1 Introduction
This clause provides details on attributes specified within ISO 32000-1 [1] and CAdES [2] and defines new attributes
for building PAdES signatures.
The clause distinguishes between the following types of attributes: CMS and CAdES defined attributes,
ISO 32000-1 [1] defined attributes, validation data and archive validation data attributes. The first ones are the attributes
that build the DER-encoded SignedData object included as the PDF signature in the entry with the key Contents
of the Signature Dictionary as described in ISO 32000-1 [1], clause 12.8.1. The second ones are the attributes that build
the Signature Dictionary as described in ISO 32000-1 [1]. The other ones are the attributes where to include validation
data and archive validation data that can guarantee long term validity of digital signatures.
Clause 6.3 provides the requirements concerning how to use the attributes described above.
5.2 CMS and CAdES defined attributes
The attributes included in the following list may be used to generate the DER-encoded SignedData object included
as the PDF signature in the entry with the key Contents of the Signature Dictionary as described in ISO 32000-1 [1],
clause 12.8.1. Their syntax shall be as defined in ETSI EN 319 122-1 [2], clause 5.
• content-type
• message-digest
• signing certificate reference attributes
- ESS signing-certificate
- ESS signing-certificate-v2
• commitment-type-indication
• signer-attributes-v2
• content-time-stamp
• signature-policy-identifier
• signature-time-stamp
ETSI

---------------------- Page: 9 ----------------------
10 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
5.3 ISO 32000-1 defined attributes
The entries of the Signature Dictionary shall be as defined in ISO 32000-1 [1], clause 12.8.1 unless specified otherwise
in the present document.
In particular, the entries with the following keys in the Signature Dictionary are directly addressed: M, Contents,
Filter, SubFilter, ByteRange. Further the entries with the Location, Name, ContactInfo and Reason
keys in the Signature Dictionary are inherently addressed.
5.4 Validation data and archive validation data attributes
5.4.1 Overview
Validation of a digital signature requires data to validate the signature such as CA certificates, Certificate Revocation
List (CRLs) or certificate status information (OCSP) commonly provided by online services (referred to in the present
document as validation data).
This clause describes an extension to ISO 32000-1 [1] called Document Security Store (DSS) to carry such validation
data as necessary to validate a signature, optionally with Validation Related Information (VRI) which relates the
validation data to a specific signature (see clause 5.4.2). The structure of DSS and VRI is illustrated in figure 1.
DSS dict
VRI
Indirect references to all Certs
Indirect references to all OCSPs
Indirect references to all CRLs
VRI of a specific signature
Indirect references to required Certs
Indirect references to required OCSPs
Indirect references to required CRLs
Cert1 (value)
Cert2 (value)
OCSP1 (response value)
CRL1 (value)
Certn (value)
OCSPn (value)
CRLn (value)

Figure 1: Illustration of DSS and VRI structures
This clause also defines another extension to ISO 32000-1 [1] called Document Time-stamp (see clause 5.4.3) to extend
the life-time of protection to the document.
These extensions support Long Term Validation (LTV) of PDF Signatures. The structure of a PDF document with LTV
is illustrated in figure 2.
ETSI

---------------------- Page: 10 ----------------------
11 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
Document
Security Store
Document
Time-stamp

Figure 2: Illustration of PDF document with extended life-time protection
The life-time of the protection can be further extended beyond the life-time of the last document time-stamp applied by
adding further DSS information to validate the previous last document time-stamp along with a new document
time-stamp. Every time a DSS Dictionary is updated during incremental update, it should contain the values from the
previous DSS Dictionary.
NOTE: In general the DSS Dictionary will contain validation data from previous revisions plus validation data
added for the current revision. If entries are removed from a DSS Dictionary during an incremental
update the set of validation data might not be complete for validation of the signatures, but replacement of
validation data - like e.g. more up-to-date certificate status information - might be performed for
optimization reasons.
This is illustrated in figure 3.

Figure 3: Illustration of PDF Document with repeated LTV
ETSI

---------------------- Page: 11 ----------------------
12 Final draft ETSI EN 319 142-1 V1.1.0 (2016-02)
5.4.2 Document Security Store
5.4.2.1 Catalog
Added to ISO 32000-1 [1] Table 28 "Entries in catalogue dictionary"
KEY TYPE VALUE
DSS
Dictionary (Optional) Document-wide security-related information.

5.4.2.2 DSS Dictionary
The Document Security Store (DSS) shall be a dictionary that shall have the value DSS as key in the document catalog
dictionary. This dictionary is used to provide a single place where all of the validation-related information for some or
all signatures in the document should be placed.
The DSS dictionary, if present, shall contain validation-related information only for document and time-stamps
signatures represented in PKCS#7 and CMS (and its derivatives) format or for XAdES signatures of forms signing
dynamic XFA [i.7].
NOTE: See ETSI EN 319 142-2 [i.11] for specification of XAdES signatures of forms signing dynamic XFA.
Entries in a DSS Dictionary
KEY TYPE VALUE
Type Name (Optional) It shall be DSS for a document security store
dictionary.
VRI Dictionary (Optional) This dictionary contains Signature VRI dictionaries in
the document. The key of each entry in this dictionary is the
base-16-encoded (uppercase) SHA1 digest of the signature to
which it applies and the value is the Signature VRI dictionary
which contains the validation-related information for that
signature.
(See additional requirements a, b, c.).
Certs Array (Optional) An array of indirect references to streams, each
containing one DER-encoded X.509 certificate (that shall be as
defined in IETF RFC 5280 [4]). This array contains certificates
that can be used in the validation of any signatures in the
document.
OCSPs (Optional) An array of indirect references to streams, each
Array
containing a DER-encoded Online Certificate Status
Protocol (OCSP) response (that shall be as defined in IETF
RFC 6960 [5]). This array contains OCSPs that can be used in
the validation of any signatures in the document.
CRLs Array (Optional) An array of indirect references to streams, each
containing a DER-encoded Certificate Revocation List (CRL)
(that shall be as define
...

Draft ETSI EN 319 142-1 V1.0.0 (2015-06)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
PAdES digital signatures;
Part 1: Building blocks and PAdES baseline signatures

---------------------- Page: 1 ----------------------
2 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)



Reference
DEN/ESI-0019142-1
Keywords
electronic signature, PAdES, profile, security
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2015.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
Contents
Intellectual Property Rights . 4
Foreword . 4
Modal verbs terminology . 4
Introduction . 4
1 Scope . 6
2 References . 6
2.1 Normative references . 6
2.2 Informative references . 7
3 Definitions and abbreviations . 7
3.1 Definitions . 7
3.2 Abbreviations . 8
4 General syntax . 8
4.1 General requirements for PAdES signatures based on PDF signatures . 8
5 Attributes syntax and semantics . 9
5.1 Introduction . 9
5.2 CMS and CAdES defined attributes . 9
5.3 ISO 32000-1 defined attributes . 9
5.4 Validation data and archive validation data attributes . 9
5.4.1 Overview . 9
5.4.2 Document Security Store . 11
5.4.2.1 Catalog . 11
5.4.2.2 DSS Dictionary . 11
5.4.2.3 Signature VRI Dictionary . 12
5.4.3 Document Time-stamp . 14
5.5 Requirements on encryption . 14
5.6 Extensions dictionary . 15
6 PAdES baseline signatures . 15
6.1 Signature levels . 15
6.2 General requirements for PAdES baseline signatures . 16
6.2.1 Algorithm requirements . 16
6.2.2 Notation for requirements . 16
6.3 PAdES baseline signatures . 17
6.4 Legacy PAdES baseline signatures . 21
History . 22


ETSI

---------------------- Page: 3 ----------------------
4 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (http://ipr.etsi.org).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This draft European Standard (EN) has been produced by ETSI Technical Committee Electronic Signatures and
Infrastructures (ESI), and is now submitted for the combined Public Enquiry and Vote phase of the ETSI standards EN
Approval Procedure.
The present document is part 1 of a multi-part deliverable covering the PDF digital signatures (PAdES), as identified
below:
Part 1: "Building blocks and PAdES baseline signatures";
Part 2: "Additional PAdES signatures profiles".

Proposed national transposition dates
Date of latest announcement of this EN (doa): 3 months after ETSI publication
Date of latest publication of new National Standard
or endorsement of this EN (dop/e): 6 months after doa
Date of withdrawal of any conflicting National Standard (dow): 6 months after doa

Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
Introduction
Electronic commerce has emerged as a frequent way of doing business between companies across local, wide area and
global networks. Trust in this way of doing business is essential for the success and continued development of
electronic commerce. It is therefore important that companies using this electronic means of doing business have
suitable security controls and mechanisms in place to protect their transactions and to ensure trust and confidence with
their business partners. In this respect digital signatures are an important security component that can be used to protect
information and provide trust in electronic business.
The present document is intended to cover digital signatures supported by PKI and public key certificates, and aims to
meet the general requirements of the international community to provide trust and confidence in electronic transactions,
including, amongst other, applicable requirements from Regulation (EU) No 910/2014 [i.2].
ETSI

---------------------- Page: 4 ----------------------
5 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
The present document can be used for any transaction between an individual and a company, between two companies,
between an individual and a governmental body, etc. The present document is independent of any environment. It can
be applied to any environment e.g. smart cards, SIM cards, special programs for electronic signatures, etc.
The present document is part of a rationalized framework of standards (see ETSI TR 119 000 [i.3]).
ETSI TR 119 100 [i.4] provides guidance on how to use the present document within the aforementioned framework.

ETSI

---------------------- Page: 5 ----------------------
6 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
1 Scope
The present document specifies PAdES digital signatures. PAdES signatures build on PDF signatures specified in
ISO 32000-1 [1] with an alternative signature encoding to support digital signature formats equivalent to the signature
format CAdES as specified in ETSI EN 319 122-1 [2], by incorporation of signed and unsigned attributes, which fulfil
certain common requirements (such as the long term validity of digital signatures) in a number of use cases.
The present document specifies formats for PAdES baseline signatures, which provide the basic features necessary for a
wide range of business and governmental use cases for electronic procedures and communications to be applicable to a
wide range of communities when there is a clear need for interoperability of digital signatures used in electronic
documents.
The present document defines four levels of PAdES baseline signatures addressing incremental requirements to
maintain the validity of the signatures over the long term, in a way that a certain level always addresses all the
requirements addressed at levels that are below it. Each level requires the presence of certain PAdES attributes, suitably
profiled for reducing the optionality as much as possible.
Procedures for creation and validation of PAdES digital signatures are out of scope and specified in ETSI
EN 319 102-1 [i.5].
The present document aim at supporting electronic signatures in different regulatory frameworks.
NOTE: Specifically but not exclusively, PAdES digital signatures specified in the present document aim at
supporting electronic signatures, advanced electronic signatures, qualified electronic signatures,
electronic seals, advanced electronic seals, and qualified electronic seals as per Regulation (EU)
No 910/2014 [i.2].
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
reference document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
http://docbox.etsi.org/Reference.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ISO 32000-1: "Document management - Portable document format - Part 1: PDF 1.7".
NOTE: Available at http://www.adobe.com/devnet/acrobat/pdfs/PDF32000_2008.pdf.
[2] ETSI EN 319 122-1: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures;
Part 1: Building blocks and CAdES baseline signatures".
[3] IETF RFC 5652 (2009): "Cryptographic Message Syntax (CMS)".
[4] IETF RFC 5280 (2008): "Internet X.509 Public Key Infrastructure Certificate and Certificate
Revocation List (CRL) Profile".
[5] IETF RFC 6960 (2013): "X.509 Internet Public Key Infrastructure Online Certificate Status
Protocol - OCSP".
[6] IETF RFC 3161 (2001): "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)".
[7] W3C Recommendation (May 2008): "Canonical XML Version 1.1".
[8] IETF RFC 5816 (2010): "ESSCertIDv2 Update for RFC 3161".
ETSI

---------------------- Page: 6 ----------------------
7 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
reference document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] ETSI TS 101 533-1: "Electronic Signatures and Infrastructures (ESI); Data Preservation Systems
Security; Part 1: Requirements for Implementation and Management".
[i.2] Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on
electronic identification and trust services for electronic transactions in the internal market and
repealing Directive 1999/93/EC.
[i.3] ETSI TR 119 000: "Electronic Signatures and Infrastructures (ESI); Rationalized structure for
Electronic Signature Standardization".
[i.4] ETSI TR 119 100: "Electronic Signatures and Infrastructures (ESI); Business Driven Guidance for
Signature Creation and Validation".
[i.5] ETSI EN 319 102-1: "Electronic Signatures and Infrastructures (ESI); Procedures for Signature
Creation and Validation of AdES Digital Signatures; Part 1: Creation and Validation".
[i.6] Adobe® Supplement to ISO 32000-1. BaseVersion: 1.7 - ExtensionLevel: 5.
NOTE: Available at http://www.adobe.com/devnet/pdf/pdf_reference.html.
[i.7] ETSI TS 119 312: "Electronic Signatures and Infrastructures (ESI); Cryptographic Suites".
[i.8] Adobe® XFA: "XML Forms Architecture (XFA) Specification" version 2.5, (June 2007), Adobe
Systems Incorporated".
[i.9] ETSI TS 103 172: "Electronic Signatures and Infrastructures (ESI); PAdES Baseline Profile".
[i.10] IETF RFC 2315 (1998): "PKCS #7: Cryptographic Message Syntax Version 1.5".
[i.11] ETSI TS 119 612: "Electronic Signatures and Infrastructures (ESI); Trusted Lists".
[i.12] ETSI EN 319 142-2: "Electronic Signatures and Infrastructures (ESI); PAdES digital signatures;
Part 2: Additional PAdES signatures profiles".
[i.13] ETSI TR 119 001: "Electronic Signatures and Infrastructures (ESI); The framework for
standardisation of signatures; Definitions and abbreviations".3 Definitions and abbreviations.
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the terms and definitions given in ISO 32000-1 [1], TR 119 001 [i.13] and
the following apply:
electronic time-stamp: data in electronic form which binds other electronic data to a particular time establishing
evidence that these data existed at that time
NOTE 1: In the case of IETF RFC 3161 [6] updated by IETF RFC 5816 [8] protocol, the electronic time-stamp is
referring to the timeStampToken field within the TimeStampResp element (the TSA's response
returned to the requesting client).
ETSI

---------------------- Page: 7 ----------------------
8 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
NOTE 2: This can be the signer or the creator of a seal or any party that initially validates or further maintains the
signature.
generator: any party which creates, or adds attributes to, a signature
NOTE: This can be the signer or any party that initially validates or further maintains the signature.
Legacy PAdES baseline signature: digital signature generated according to ETSI TS 103 172 [i.9]
PAdES signature: digital signature that satisfies the requirements specified within the present document and ETSI
EN 319 142-2 [i.12]
proof of existence: information that can be used to prove that some data existed before a given time
signature handler: software module that implements a specific form of signing and/or authentication of digital
signatures
trust service provider: body operating one or more (electronic) Trust Services
verifier: entity that validates a digital signature
3.2 Abbreviations
For the purposes of the present document, the abbreviations given in ETSI TR 119 001 [i.13] and the following apply:
DSS Document Security Store
ESS Enhanced Security Services
TSL Trust Status List
VRI Validation Related Information
4 General syntax
4.1 General requirements for PAdES signatures based on PDF
signatures
PAdES signatures profiled in the present document build on PDF signatures specified in ISO 32000-1 [1] with an
alternative signature encoding to support digital signature formats equivalent to the signature format CAdES [2], by
incorporation of signed and unsigned attributes described in clause 5.
The following requirements apply:
a) A DER-encoded SignedData object as specified in CAdES [2] shall be included as the PDF signature in the
entry with the key Contents of the Signature Dictionary as described in ISO 32000-1 [1], clause 12.8.1.
There shall only be a single signer (i.e. one single component of SignerInfo type within signerInfos
element) in any PDF Signature.
b) Requirements for handling PDF Signatures specified in ISO 32000-1 [1], clause 12.8 shall apply except where
overridden by the present document.
NOTE: Given that PAdES signatures are enveloped inside a PDF document and are detached in the sense of a
CMS signature, the signature placement is implied by ISO 32000-1 [1].
In ISO 32000-1 [1], section 12.8.3.3.1 reads "No data shall be encapsulated in the PKCS#7 SignedData
field".
c) Some signature attributes found in CAdES [2] have the same or similar meaning as keys in the Signature
Dictionary described in ISO 32000-1 [1]. For signature attributes and keys that have the same or similar
meaning only one of them should be used according to the requirements set in table defined in clause 6.3 in the
present document.
ETSI

---------------------- Page: 8 ----------------------
9 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
5 Attributes syntax and semantics
5.1 Introduction
This clause provides details on attributes specified within ISO 32000-1 [1] and CAdES [2] and defines new attributes
for building PAdES signatures.
The clause distinguishes between the following types of attributes: CMS and CAdES defined attributes,
ISO 32000-1 [1] defined attributes, validation data and archive validation data attributes. The first ones are the attributes
that build the DER-encoded SignedData object included as the PDF signature in the entry with the key Contents
of the Signature Dictionary as described in ISO 32000-1 [1], clause 12.8.1. The second ones are the attributes that build
the Signature Dictionary as described in ISO 32000-1 [1]. The other ones are the attributes where to include validation
data and archive validation data that can guarantee long term validity of digital signatures.
Clause 6.3 provides the requirements concerning how to use the attributes described above.
5.2 CMS and CAdES defined attributes
The attributes included in the following list may be used to generate the DER-encoded SignedData object included
as the PDF signature in the entry with the key Contents of the Signature Dictionary as described in ISO 32000-1 [1],
clause 12.8.1. Their syntax shall be as defined in ETSI EN 319 122-1 [2], clause 5.
• content-type
• message-digest
• signing certificate reference attributes
- ESS signing-certificate
- ESS signing-certificate-v2
• commitment-type-indication
• signer-attributes-v2
• content-time-stamp
• signature-policy-identifier
• signature-time-stamp
5.3 ISO 32000-1 defined attributes
The entries of the Signature Dictionary shall be as defined in ISO 32000-1 [1], clause 12.8.1 unless specified otherwise
in the present document.
In particular, the entries with the following keys in the Signature Dictionary are directly addressed: M, Contents,
Filter, SubFilter, ByteRange. Further the entries with the Location, Name, ContactInfo and Reason
keys in the Signature Dictionary are inherently addressed.
5.4 Validation data and archive validation data attributes
5.4.1 Overview
Validation of a digital signature requires data to validate the signature such as CA certificates, Certificate Revocation
List (CRLs) or certificate status information (OCSP) commonly provided by online services (referred to in the present
document as validation data).
ETSI

---------------------- Page: 9 ----------------------
10 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
This clause describes an extension to ISO 32000-1 [1] called Document Security Store (DSS) to carry such validation
data as necessary to validate a signature, optionally with Validation Related Information (VRI) which relates the
validation data to a specific signature (see clause 5.4.2). The structure of DSS and VRI is illustrated in figure 1.
DSS dict
VRI
Indirect references to all Certs
Indirect references to all OCSPs
Indirect references to all CRLs
VRI of a specific signature
Indirect references to required Certs
Indirect references to required OCSPs
Indirect references to required CRLs
Cert1 (value)
Cert2 (value)
OCSP1 (response value)
CRL1 (value)
Certn (value)
OCSPn (value)
CRLn (value)

Figure 1: Illustration of DSS and VRI structures
This clause also defines another extension to ISO 32000-1 [1] called Document Time-stamp (see clause 5.4.3) to extend
the life-time of protection to the document.
These extensions support Long Term Validation (LTV) of PDF Signatures. The structure of a PDF document with LTV
is illustrated in figure 2.
Document
Security Store
Document
Time-stamp

Figure 2: Illustration of PDF document with extended life-time protection
The life-time of the protection can be further extended beyond the life-time of the last document time-stamp applied by
adding further DSS information to validate the previous last document time-stamp along with a new document
time-stamp. This is illustrated in figure 3.
ETSI

---------------------- Page: 10 ----------------------
11 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
DSS (Sig)
Doc. Time-stamp
TS1 (2009)
DSS (TS1)
Doc Time-stamp
TS2 (2015)

Figure 3: Illustration of PDF Document with repeated LTV
5.4.2 Document Security Store
5.4.2.1 Catalog
Added to ISO 32000-1 [1] Table 28 "Entries in catalogue dictionary"
KEY TYPE VALUE
DSS Dictionary (Optional) Document-wide security-related information.

5.4.2.2 DSS Dictionary
The Document Security Store (DSS) shall be a dictionary that shall have the value DSS as key in the document catalog
dictionary. This dictionary is used to provide a single place where all of the validation-related information for some or
all signatures in the document should be placed.
The DSS dictionary, if present, shall contain validation-related information only for document signatures represented in
PKCS#7 and CMS (and its derivatives) format or for XAdES signatures of forms signing dynamic XFA [i.8].
NOTE: See ETSI EN 319 142-2 [i.12] for specification of XAdES signatures of forms signing dynamic XFA.
ETSI

---------------------- Page: 11 ----------------------
12 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
Entries in a DSS Dictionary
KEY TYPE VALUE
Type Name (Optional) It shall be DSS for a document security store
dictionary.
VRI Dictionary (Optional) This dictionary contains Signature VRI dictionaries in
the document. The key of each entry in this dictionary is the
base-16-encoded (uppercase) SHA1 digest of the signature to
which it applies and the value is the Signature VRI dictionary
which contains the validation-related information for that
signature.
(See additional requirements a, b, c.).
Certs Array (Optional) An array of indirect references to streams, each
containing one DER-encoded X.509 certificate (that shall be as
defined in IETF RFC 5280 [4]). This array contains certificates
that can be used in the validation of any signatures in the
document.
OCSPs Array (Optional) An array of indirect references to streams, each
containing a DER-encoded Online Certificate Status
Protocol (OCSP) response (that shall be as defined in IETF
RFC 6960 [5]). This array contains OCSPs that can be used in
the validation of any signatures in the document.
CRLs Array (Optional) An array of indirect references to streams, each
containing a DER-encoded Certificate Revocation List (CRL)
(that shall be as defined in IETF RFC 5280 [4]]). This array
contains CRLs that can be used in the validation of any
signatures in the document.
a) For document signatures or document time-stamp signatures the bytes that are hashed shall be those of the
complete hexadecimal string in the entry with the key Contents of the associated Signature Dictionary
containing the signature's DER-encoded binary data object (e.g. PKCS#7, CMS or CAdES objects).
b) For the signatures of CRLs and OCSP responses, the bytes that are hashed shall be the respective signature
objects represented as a BER-encoded OCTET STRING encoded with primitive encoding.
c) When computing the digest of a XAdES signature found in dynamic XFA [i.8], the contents of the ds:Signature
shall be canonicalized using exclusive canonicalization (http://www.w3.org/2001/10/xml-exc-c14n#) as
specified in [7] and then hashed.

Any VRI dictionaries shall be located in document incremental update sections. If the Signature Dictionary to which a
VRI dictionary applies is itself in an incremental update section (see clause 7.5.6 of ISO 32000-1 [1]), the VRI update
shall be done later than the signature update.
5.4.2.3 Signature VRI Dictionary
The signature VRI dictionary shall contain validation-related information (VRI) for a specific signature in the
document to which the validation information applies.
ETSI

---------------------- Page: 12 ----------------------
13 Draft ETSI EN 319 142-1 V1.0.0 (2015-06)
Entries in a Signature VRI Dictionary
KEY TYPE VALUE
Type Name (Optional) If present, it shall be VRI for a validation-related
information dictionary.
Cert Array (Optional, if present, it shall not be an empty array) An array of
indirect references to streams, each containing one BER-encoded
X.509 certificate (that shall be as defined in IETF RFC 5280 [4]). This
array should contain all certificates that were used in the validation of
this signature.
CRL
Array (Optional, if present, it shall not be an empty array) An array of
indirect references to streams that are all CRLs used to determine the
validity of the certificates in the chains related to this signature. Each
str
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.