12
Security
Digital IDs and Certification Methods
Managing Digital ID Certificates
Sharing Digital ID Certificates
You may share a self-signed digital ID certificate by exporting it as an FDF file. To do this,
sign the FDF file by invoking the
FDF
object’s
signatureSign
method, which works
similarly to that of the
doc
object. Its usage is illustrated in the example below:
// Obtain the security handler:
var eng = security.getHandler("Adobe.PPKLite");
// Access the digital ID:
eng.login("myPassword", "/C/myID.pfx");
// Open the FDF:
var myFDF = app.openFDF("/C/myFDF.fdf");
// Sign the FDF:
if (!myFDF.isSigned) {
// Sign the FDF
myFDF.signatureSign({
oSig: eng,
nUI: 1,
cUISignTitle: "Sign Embedded File FDF",
cUISelectMsg: "Please select a digital ID"
});
// Save the FDF
myFDF.save("/C/myFDF.fdf");
}
Building a List of Trusted Identities
The trust level associated with a digital ID is stored in the
trustFlags
property defined in
the
signatureInfo
object’s public key security handler properties. The bits in this
number indicate the level of trust associated with the signer, and are valid only when the
status
property has a value of
4
. These trust settings are derived from those in the
recipient’s trust database, such as the
Acrobat Address Book
(
Adobe.AAB
). The following
bit assignments are described below:
●
●
●
●
●
1
: trusted for signatures
2
: trusted for certifying documents
3
: trusted for dynamic content such as multimedia
4
: Adobe internal use
5
: the JavaScript in the PDF file is trusted to operate outside the normal PDF restrictions
224
Acrobat JavaScript Scripting Guide