7 Replies Latest reply on Aug 4, 2011 1:20 PM by roggeheflin

    Certificate Encryption using JavaScript

    roggeheflin

      All:

      I am encrypting documents using a certificate.  This code works exect that the document restrictions are not employed.

       

      After the code is executed, all the document restrictions (Document Properties -> Security -> Document Restriction Summary) are "Allowed".  When "Change Settings" is clicked, the Certificate Secuirty Settings window appears.  After clicking "Next", the Permissions group box has all the correct permissions; HOWEVER, when one clicks "Permissions..." the check box "Restrict printing and editing of the document and its security settings" is not ticked.  After ticking the "Restrict printing..." check box and saving the document (notice no other settings were chaged), the permissions are removed.

       

      How does one use JavaScript to "Restrict printing and editing of the document and its security settings"?

       

      var curDoc = this;
      
      var certPath = "/C/Documents and Settings/rrh/Desktop/Sample/";
      var cliCertFile = "CertFile.cer";
      
      var cliCert = security.importFromFile({cType:"Certificate", cDIPath:certPath + cliCertFile});
      
      var cliEntity = [{defaultEncryptCert:cliCert}];
      
      var cliPermissions = 
      {
          allowAll: false,
          allowAccessibility: false,
          allowContentExtraction: false,
          allowChanges: "none",
          allowPrinting: "lowQuality"
      };
      
      curDoc.encryptForRecipients(
      {
          oGroups:
          [
              {userEntities: cliEntity, permissions: cliPermissions}
          ],
          bMetaData:true,
      });
      
      

       

      Special Kudos to Patrick who helped with document certification in JS.

        • 1. Re: Certificate Encryption using JavaScript
          Patrick Leckey Level 3

          Are you getting any errors at all in the JS Console?  The code looks to be good, unless cliEntity is malformed and being ignored.  If you send this file to a system that does not have your test certificate installed, how do the security settings appear?

          • 2. Re: Certificate Encryption using JavaScript
            roggeheflin Level 1

            no errors

             

            the document can't open with out the certificate.

             

            It seems that the settings in cliEntity are seeded, but just not activated.

             

            If one was manually encrypting the document, the "Restrict printing...." check box must be ticked before setting no printing, no changes, no copying,etc.  In this case, the "no changes, no printing" settings are set and ticked properly, though the controls are disabled in the window and "Restrict printing..." is not ticked. (Verified by closing Acrobat and opening the secured document in a new Acrobat instance)

            • 3. Re: Certificate Encryption using JavaScript
              Patrick Leckey Level 3

              Try using the Standard security handler instead of PPKLite and setting a password for those options, seperately from your certificate encryption.  Those values are normally controlled by a restriction password and not an open password, and as such are seperate from the document encryption scheme.

               

              It should be possible to set those with a certificate, just may not be possible via JS but I will look into it.  Try the above in the meantime and let me know.

              1 person found this helpful
              • 4. Re: Certificate Encryption using JavaScript
                roggeheflin Level 1

                I have a batch sequence that sets the security with a password and then the document is certified by the java script.  The document permissions/restrictions are set properly and the document is certified.

                 

                ______________________

                 

                The issue with a batching this process is i want a unique certificate to be used for each reciepient.  I have stored the certificate's file name in the document so it is easy to choose the corresponding certificate.

                 

                As you know, i want to secure the document with a certificate, and if i need to send 100 documents with client specific information, it would be nice to use certificate encryption (text passwords travel too easily) with the certificae selected by JS, etc... I (we) have mostly achieved this goal.  the document integrity is in place, but we i want is the additional encryption and "directed" recepients... with "open password" protection.

                 

                I appreciate your help and interest. (if only "I" could use LiveCycle)

                 

                cheers and have a great week.

                • 5. Re: Certificate Encryption using JavaScript
                  roggeheflin Level 1

                  I GOT IT!  The issue was an error of omission: curDoc.saveAs(curDoc.path);

                   

                  var curDoc = this;
                  var cliPath = "/C/Documents and Settings/rrh/Desktop/Sample/";
                  var cliCertFile = "CertFile.cer";
                  
                  var cliCert = security.importFromFile({cType:"Certificate", cDIPath:cliPath + cliCertFile});
                  
                  var cliEntity = [{defaultEncryptCert:cliCert}];
                  
                  var cliPermissions = 
                  {
                      allowAll: false,
                      allowSecuritySettings: false,
                      allowAccessibility: false,
                      allowContentExtraction: false,
                      allowChanges: "none",
                      allowPrinting: "lowQuality"
                  };
                  
                  curDoc.encryptForRecipients(
                  {
                      oGroups:
                      [
                          {userEntities: cliEntity, permissions: cliPermissions}
                      ],
                      bMetaData: true,
                      bUI: false
                  });
                  
                  curDoc.saveAs(curDoc.path);
                  

                   

                  Other changes are the including

                  1) allowSecuritySettings: false

                  2) bMetaData: true, bUI: false

                   

                  It seems the document needed to be saved using JavaScript immediately after adding the security.  When trying to save the documentby File -> Save; the "The document could not be saved. Bad Paramater." error would appear.  By saving the document in code, the encryption is properly applied.  After closing and re-opening the document, all permissions are "Not Allowed" except for printing.

                   

                  Edit:

                  This code functioned in the console.

                  • 6. Re: Certificate Encryption using JavaScript
                    Patrick Leckey Level 3

                    D'oh! 

                     

                    Glad you got it working, and thanks for posting the code - I'm sure it will benefit someone else down the line!