1. Field of the Invention
Embodiments generally relate to digital rights management and, more particularly, to methods and apparatus for provisioning a private key to a user, for use by an application executable at a computer device, to apply a digital signature to content authored using the application.
2. Description of the Related Art
Digital content such as documents, spreadsheets, drawings, digital photos, audio recordings, and movies is frequently created and/or modified using a computer device such as a desktop computer, laptop or notebook computer, or a mobile terminal like a smart phone or tablet computer. Authors of such electronically stored content presently have two options when it comes to distribution. The author can, for example, produce and sign tangible copies of the content. It is far more common today, however, for the content creator to transmit or otherwise distribute the works in an electronic format. The electronic format selected for distribution can be one of several formats supported by and/or specific to the particular application employed by the user. To accommodate a broader audience, the original format may be converted into a more ubiquitous format compatible with a more widely installed application.
In order to control access to and/or enforce proprietary rights in content authored and distributed electronically, a digital “signature” is applied by an application executing on the computer device. For some computer devices, such as many conventional desktop, laptop and/or notebook computers, an application applying a digital signature retrieves a user certificate, also known as a private key, from a smart card or local certificate store residing in the memory of the computer device. Other computer devices, such as mobile terminals like smart phones, tablet computers, wearable computers, and personal digital assistants, however, may not be configured or configurable to securely access an external hardware device like a smart card. In such cases, each application seeking to apply a digital signature to content on behalf of a user must have access to its own respective private key for that unique user in the certificate store. Moreover, a typical mobile application configurable to apply digital signatures is unable to retrieve information it did not process and store as part of an installation or other specialized process. This means that each mobile application must store, for each supported user, a certificate/private key in its local storage or in a specified area of a certificate store.
Improved methods and apparatus are provided for provisioning a certificate to a user, for use by an application executable at a computer device to apply a digital signature to content authored using the application.