Security
Digital IDs and Certification Methods
12
About Digital ID Providers
A digital ID provider is a trusted third party, often called a certificate authority or signature handler, that verifies the identity, issues the private key, and protects the public key. The certificates property of the signatureInfo object contains an array of certificates that reflects the hierarchy leading from the signer's certificate to that issued by the certificate authority. Thus, you may inspect the details of the certificate issued by the digital ID provider, such as its usage property.
For example, the following code encrypts the current document for everyone in the
address book. It does this by creating a collection of certificates suitable for encrypting
documents, which are filtered from the overall collection. This is accomplished by
examining all the certificates in the address book and excluding those entries containing
sign-only certificates, CA certificates, no certificates, or certificates otherwise unsuitable for
encryption:
// Obtain the security handler:
var eng = security.getHandler("Adobe.AAB");
// Connect to the directory containing the certificates:
var dc = eng.directories[0].connect();
// Obtain the list of all recipients in the directory:
var rcp = dc.search();
// Create the filtered recipient list:
var fRcp = new Array();
// Populate the filtered recipient list, adding each recipient at most once:
for (var i=0; i<rcp.length; i++) {
    // Use the default encryption certificate when it allows encryption:
    if (rcp[i].defaultEncryptCert &&
        rcp[i].defaultEncryptCert.usage.endUserEncryption) {
        fRcp[fRcp.length] = rcp[i];
        continue;
    }
    // Otherwise accept the recipient if any certificate allows encryption:
    if (rcp[i].certificates) {
        for (var j=0; j<rcp[i].certificates.length; j++)
            if (rcp[i].certificates[j].usage.endUserEncryption) {
                fRcp[fRcp.length] = rcp[i];
                break;
            }
    }
}
// Now encrypt for the filtered recipient list:
this.encryptForRecipients({ oGroups: [{userEntities: fRcp}] });
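The certificates array of the signatureInfo object, described at the start of this section, can be checked before a signature is relied on. The following is an added example, not code from the guide: auditChain and sameDN are hypothetical helper names, the sample chain is constructed, and index 0 is assumed to be the signer's certificate.

```javascript
// Added example, not from the guide. Property names (subjectCN, subjectDN,
// issuerDN, usage) are those of the Acrobat Certificate object; the helper
// names and the sample chain below are constructed for illustration.

// Compare two distinguished-name objects (cn, o, ou, c, e) field by field.
function sameDN(a, b) {
    if (!a || !b) return false;
    var keys = ["cn", "o", "ou", "c", "e"];
    for (var k = 0; k < keys.length; k++)
        if ((a[keys[k]] || "") !== (b[keys[k]] || "")) return false;
    return true;
}

// Walk the chain from the signer (index 0) toward the certificate authority
// and return a list of findings; an empty list means nothing was flagged.
function auditChain(certs) {
    if (!certs || certs.length === 0)
        return ["no certificates in signatureInfo"];
    var findings = [];
    var signerUsage = certs[0].usage || {};
    if (!signerUsage.endUserSigning)
        findings.push("signer certificate '" + certs[0].subjectCN +
                      "' is not marked for end-user signing");
    // Each certificate's issuer must be the subject of the next one up.
    for (var i = 0; i + 1 < certs.length; i++)
        if (!sameDN(certs[i].issuerDN, certs[i + 1].subjectDN))
            findings.push("'" + certs[i].subjectCN +
                          "' was not issued by the next certificate, '" +
                          certs[i + 1].subjectCN + "'");
    return findings;
}

// Constructed sample chain: signer, then intermediate, then root.
var rootDN = { cn: "Example Root CA", o: "Example" };
var midDN = { cn: "Example Issuing CA", o: "Example" };
var root = { subjectCN: "Example Root CA", subjectDN: rootDN,
             issuerDN: rootDN, usage: {} };
var mid = { subjectCN: "Example Issuing CA", subjectDN: midDN,
            issuerDN: rootDN, usage: {} };
var signer = { subjectCN: "A. Signer", subjectDN: { cn: "A. Signer" },
               issuerDN: midDN, usage: { endUserSigning: true } };
var sampleChain = [signer, mid, root];
```

In Acrobat, pass the certificates property of a signatureInfo object to auditChain and print the returned findings with console.println.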
Acrobat JavaScript Scripting Guide