1 Technical Note Providers (CSPs) for Acrobat C ONTENTS Requirements for Minimal Functionality 1 Recommendations for Maximum Functionality 2 For a Better User Experience Using CSPs in Acrobat 3 Other Recommendations 5 This document provides guidelines for those developers who need to develop a Provider (CSP) for use with Acrobat on the Windows platform. A CSP is a software module that uses cryptography algorithms for authentication, encoding, and encryption. The CSP makes it possible for MSCAPI-compliant applications to access digital IDs through an API rather than requiring the developer to provide a custom interface for each application to access a stored digital ID. The guidelines are discussed in the following sections: Requirements for Minimal Functionality on page 1 Recommendations for Maximum Functionality on page 2 For a Better User Experience Using CSPs in Acrobat on page 3 N OTE: These guidelines have changed since Acrobat 6.0, where MSCAPI support was first introduced. These guidelines apply to the PPKLite.api plugin used with Acrobat 6.0 and above; guidelines for specific versions are noted where necessary. Except where otherwise noted, all guidelines apply to both Adobe Acrobat and Adobe Reader. Requirements for Minimal Functionality The following recommendations must be met for a CSP to have at least minimal functionality within Acrobat. Provider types supported The CSP must have one of the following provider types: PROV_RSA_FULL (recommended) PROV_RSA_SIG PROV_DSS If the CSP is not one of these types, it may still work but it is not recommended or supported. If the CSP is not PROV_RSA_FULL, decryption will not work even if the certificate usage allows the operation.
5 4. Decryption This acquires and uses the private key handle during decryption. Acrobat first tries to acquire the private key without a UI. If it does not get the private key, it allows five calls per private key handle: UI is not allowed for the first call, but is allowed for the remaining four calls. Other Recommendations To support better credential validation. We recommend that the CSP support the CRYPT_ACQUIRE_COMPARE_KEY_FLAG when calling CryptAcquireContext. This is a useful test to ensure that the correct credential is being used. To support more efficient signing. Since Acrobat already has a digest of the document data to be signed, it is inefficient to have the CSP digest the data again when signing. We recommend that the CSP support the HP_HASHVAL flag when calling CryptSetHashParam. This allows the digest to be signed directly, rather than hashed and then signed. Copyright 2006 Adobe Systems, Incorporated. All rights reserved. Adobe Systems Incorporated 345 Park Avenue, San Jose, CA USA Adobe, the Adobe logo, Acrobat, Adobe LiveCycle, and Reader are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. Mac OS is a trademark of Apple Computer, Inc., registered in the United States and other countries. Linux is a registered trademark of Linus Torvalds. Microsoft, Windows, and Word are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Unix is a registered trademark of The Open Group. All other trademarks are the property of their respective owners. 28 August
VMware/Hyper-V Backup Plug-in User Guide COPYRIGHT No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying,
END USER S GUIDE VeriSign PKI Client Government Edition v 1.5 End User s Guide VeriSign PKI Client Government Version 1.5 Administrator s Guide VeriSign PKI Client VeriSign, Inc. Government Copyright 2010
Red Hat JBoss Enterprise Application Platform 6.4 Security Architecture Security Architecture Guide for JBoss Enterprise Application Platform 6. Zach Rhoads Ella Ballard Red Hat JBoss Enterprise Application
bbc Configuring LiveCycle Application Server Clusters Using WebSphere 6.0 Adobe LiveCycle June 2007 Version 7.2 2007 Adobe Systems Incorporated. All rights reserved. Adobe LiveCycle 7.2 Configuring LiveCycle
Kerio Control Administrator s Guide Kerio Technologies 2011 Kerio Technologies s.r.o. All rights reserved. This guide provides detailed description on configuration and administration of Kerio Control,
RSA Authentication Manager 8.1 Help Desk Administrator s Guide Revision 1 Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm
Citi Secure Email Program Receiving Secure Email from Citi For External Customers and Business Partners Protecting the privacy and security of client information is a top priority at Citi. Citi s Secure
ISDNLink INET-800 ISDN Router User s Guide FCC Statement: This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful
Copyright Acronis, Inc., 2000-2010. All rights reserved. Acronis, Acronis Compute with Confidence, and the Acronis logo are trademarks of Acronis, Inc. Linux is a registered trademark of Linus Torvalds.
Business Continuity Solutions BUSINESS CONTINUITY SonicWALL CDP Series SonicWALL CDP 6.1 Agent User s Guide SonicWALL CDP Agent User s Guide Version 6.1 SonicWALL, Inc. 2001 Logic Drive San Jose, CA 95124-3452
IBM Lotus Protector for Mail Encryption User's Guide Version Information Lotus Protector for Mail Encryption User's Guide. Lotus Protector for Mail Encryption Version 2.1.0. Released December 2010. This
1 Mi 2009 BuilderMT, LLC, 200 Union Blvd, Suite 500, Lakewood, Colorado USA 80228. All rights reserved. Workflow Management Suite, ProHome, BuilderMT are registered trademarks and are the express property
Installation and Upgrade Guide Copyright Statement Copyright Acronis International GmbH, 2002-2014. All rights reserved. Acronis and Acronis Secure Zone are registered trademarks of Acronis International
Ridgeline 4.0 Service Pack 2 Installation and Upgrade Guide 121098-01 Published March 2015 Copyright 2001 2015 Extreme Networks Legal Notice Extreme Networks, Inc., on behalf of or through its wholly-owned
The World's Leading Software for Label, Barcode, RFID & Card Printing White Paper Licensing for BarTender s Automation Editions Understanding Printer-Based Licensing and How to Configure Seagull License
Verified for Windows Server 2003 Test Specification VERSION 1.0 April 23, 2003 Microsoft Corporation ii This document is provided for informational purposes only and Microsoft makes no warranties, either
Wireless Fusion Enterprise Mobility Suite User Guide for Version 2.55 Wireless Fusion Enterprise Mobility Suite User Guide for Version 2.55 72E-107170-01 Rev. A November 2007 ii Wireless Fusion Enterprise
LifeKeeper for Linux Software RAID (md) Recovery Kit v7.2 Administration Guide February 2011 SteelEye and LifeKeeper are registered trademarks. Adobe Acrobat is a registered trademark of Adobe Systems,
TeamViewer 7 Manual Meeting TeamViewer GmbH Kuhnbergstraße 16 D-73037 Göppingen www.teamviewer.com Table of contents 1 About TeamViewer... 5 1.1 About the software... 5 1.2 About the manual... 5 2 Basics...
System 800xA Tools System Version 5.1 Power and productivity for a better world TM System 800xA Tools System Version 5.1 NOTICE This document contains information about one or more ABB products and may