Skip to main content
Skip table of contents

Adding Certificate Security in Mako

📌 Overview

From Mako 6.4.0, digital certificates can be used to encrypt documents and verify a digital signature. They can assure the recipient that the document came from you, ensuring that only the intended recipient can view the contents. A certificate store the public key component of a digital ID.

📗 Instructions

When a PDF is secured using a certificate, you specify the recipients and define the file access level for each recipient or group.

🪜 Steps

  1. Create streams and private pkcs12 data: Create streams from certificate files (attached below).

  2. Create recipients info: Create a CEDLVectorIPDFOutput::CPDFRecipientsInfo object and add certificates and permissions. See code snippet below.

CODE 
recipientsInfo[0].certificates.append(cert1);
recipientsInfo[0].certificates.append(cert2);
recipientsInfo[0].permissions = permissions;

  1. Set encryption using recipients info: Finally you can set the encryption using IPdfOutput::setPublicKeyEncryption() with recipientsInfo as the second argument.

⌨️ Sample Code

Below is sample code to show how to set the encryption for two users (Generator and Recipient) when creating an encrypted PDF. Also available at MakoEncryptionSetter.cpp.

Digital Encryption
CPP 
// Get the assembly from the input.
IDocumentAssemblyPtr assembly = input->open("Example.pdf");

// Streams for the two input certificates
IRAInputStreamPtr cert1;
cert1 = IInputStream::createFromFile(jawsMako, "Generator.cer");
IRAInputStreamPtr cert2;
cert2 = IInputStream::createFromFile(jawsMako, "Recipient.cer");

// And the private pkcs12 data for both
IRAInputStreamPtr pkcs12_1;
pkcs12_1 = IInputStream::createFromFile(jawsMako, "Generator.p12");
IRAInputStreamPtr pkcs12_2;
pkcs12_2 = IInputStream::createFromFile(jawsMako, "Recipient.p12");

uint32 permissions = 1 << 0;

// Build the recipients list
CEDLVector<IPDFOutput::CPDFRecipientsInfo> recipientsInfo;

// Create a single recipients array sharing the same permissions.
recipientsInfo.resize(1);
recipientsInfo[0].certificates.append(cert1);
recipientsInfo[0].certificates.append(cert2);
recipientsInfo[0].permissions = permissions;

IPDFOutputPtr pdfOutput = obj2IPDFOutput(output);
if (pdfOutput)
{
    pdfOutput->setPublicKeyEncryption(128, recipientsInfo, false);
    pdfOutput->setLinearize(false);
}

// Write to the output as a batch
output->writeAssembly (assembly, "Encrypted.pdf");

The code refers to certificates that you can download from here:

Certificates.zip

☑️ Conclusion

Adding certificate security in Mako from version 6.4.0 onwards allows users to encrypt documents and verify digital signatures effectively. By following the provided steps, users can ensure that their PDFs are securely encrypted, with access restricted to specified recipients. The sample code illustrates how to implement this feature, enhancing document security and authenticity.

📚 Additional Resources

If you need additional help, see our API documentation for detailed information on class/method usage, or raise a support ticket via our customer portal.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close