Using Adobe's PDF Merchant for secure ebook distribution

1 2 3 4 5



WebBroker

WebBroker is a server-side component used to provide the real-time security services during the purchase process of each eBook. This component is provided as both a command line executable and a COM object for Microsoft Windows NT systems. We will concentrate on the COM object, as it is more suitable for implementation in an Active Server Pages environment such as Microsoft Internet Information Server (IIS).

This component generates both the license and request packets used in the sale of a PDF. Specifically the component performs two functions:

  1. Encrypting and obfuscating the Access Key used to decrypt the document and delivering this as an output key. The actual technique used for this step is not documented fully. The following minimal detail is provided by the PDF Merchant Reference Manual (2000); "Encryption techniques include RSA encryption with the provider’s private key as well as additional encryption steps. The key is also RFC1113 encoded (ASCII encoded) to allow it to be placed as a string in an XML file."

  2. Digitally signing the request and license packets used to communicate the habitat requests, and deliver the hidden Access Key. Digital certificates are generated using the sellers’ certificate.

An example call to WebBroker

‘ Initiialize WebBroker
         Dim ws
         Set ws = CreateObject("WebSell.Session.1")
         ws.InitKeys "c:\Program Files\PDF Merchant\cert\democert2.wsb", 1

     ' Set the title key, permissions and trust level
         Dim wb
         Set wb = ws.NewFDF
         wb.SetKeyFields strTitleKey, "FFFFFFFF", 1
         wb.SetDeviceID (strCPUID)
         wb.Encode
         strKey = wb.Data
         Set wb = nothing

1 2 3 4 5