The PlugPDF SDK provides capabilities for digitally signing your PDF documents, both on Android and iOS. We have already discussed how to achieve it in these two articles listed below:
- How to Sign a PDF Document with a X.509 Signing Certificate on Android
- How to Sign a PDF Document with a PKI Certificate on iOS
Indeed, the PlugPDF library comes out of the box with a number of methods specifically designed for this purpose.
However, the very first thing is to learn all the pretty obscure terms involved, sometimes quite literally, and related items. So in today’s post we would like to walk you through the very basics of the Public Key Infrastructure.
PKI stands for Public Key Infrastructure. This generic term includes all the agents involved in a secure encrypted communication: From the hardware, the software and the the encryption algorithms used, to the policies and procedures applied.
So to speak, PKI is everything, and is everywhere all around encrypted things. Users, whether digitally signing their documents or accessing an SSL server, are also part of the PKI.
Some PKI agents are: CAs, public key certificates, Bob, Alice, and digital signatures.
This is another term you will find often in the world of cryptography. It refers to the process of guaranteeing that an individual (Bob) sending a message to another (Alice) is really who he or she claims to be.
The most important thing for you to know is that a digital signature is like a physical one.
Since digital signatures have the same legal validity as the traditional handwritten ones, they are usually regulated by the governments of countries.
Public Key Cryptography
Unlike symmetric encryption, public-key cryptography uses two separate related keys (a key pair) to work, one of which is private and one of which is public. The public key can be generated from the private key, but the private key cannot virtually be deduced from the public one.
It is for this mathematical operating principle that public keys can be shared freely between applications and users, since they are used to encrypt information; on the other hand, private keys must be kept secret because they are intended to decrypt.
Two common asymmetric cryptography algorithms are RSA and Diffie-Hellman.
In the PKI, a CA is the authority issuing the certificates. This is a central point in the sense that all the PKI participants are aware of its existence and trust it.
Have you ever got an error like this while browsing the Internet?
This Connection is Untrusted. You have asked Firefox to connect securely to this.website.com, but we can’t confirm that your connection is secure.
Your connection is not private. Attackers might be trying to steal your information.
Sure you have! This is because there is a self-signed SSL certificate installed on that given web server. Instead of purchasing an SSL certificate in a trusted CA provider, the webmaster decided to create it himself, probably with a tool like OpenSSL.
This is the piece of software required for both users and applications to encrypt data. In fact it’s a file which is also referred to as the public key certificate. More specifically in our case (signing a PDF document), the PDF signing process requires that the signer’s certificate is embedded in the PDF file, as it is described by Adobe.
There are three main types of digital certificates: User Certificates, Server Certificates (SSL) and Code Signing Certificates.
In our previous Android and iOS tutorials we assumed that you were holding your user certificate. As you’ve probably guessed, this one is intended for validating the identity of regular users (people) like you and me.
In today’s post we’ve presented some basic concepts required for signing your PDFs natively on mobile platforms.
Remember that we’ve already explained all the necessary steps for Android and iOS. The nuts and bolts of that PDF signing process can be found in this document by Adobe.
If you have any questions on how to sign your PDFs with the PlugPDF library, please feel free to contact us. Leave us a comment on the support forum, we will be happy to help you.