EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Sign data on the client using smartcard-based digital certificates.

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#17889
Posted: 10/16/2011 09:28:44
by Priel Hakak (Basic support level)
Joined: 10/16/2011
Posts: 3

Hello
I have two questions.

I am testing this product, I want to sign data on the client using smartcard-based digital certificates.

I used the PKIBlackbox to sign data from the server and It was working.
Now I need to get the certificates from the client. In the samples of the PDFBlackbox you have a demonstration of using ActiveX/Flex/java but it's not working because there is a missing reference to SBDCXMLEnc->TElDCXMLEncoding.
Can you tell me what is the missing reference file?

Does your product supports this way of sign data on the client using smartcard-based digital certificates?

Thanks.
#17893
Posted: 10/16/2011 13:02:35
by Eugene Mayevski (EldoS Corp.)

SBDCXMLEnc is in SecureBlackbox.DC assembly and this assembly is referenced by the project. So please check that your references are resolved properly by the compiler.

Quote
Priel Hakak wrote:
Does your product supports this way of sign data on the client using smartcard-based digital certificates?


Yes it does, however provided client-side modules (Java, ActiveX, Flex) don't support this. When you purchase a license, you get source code of provided modules and you can create your own set of modules with specific functionality and user interface that you need. In future updates our Java and ActiveX modules will support CryptoAPI and PKCS#11 storages out of the box.


Sincerely yours
Eugene Mayevski
#17920
Posted: 10/17/2011 12:40:21
by Priel Hakak (Basic support level)
Joined: 10/16/2011
Posts: 3

Thank you for your answer,

The whole purpose of buying this product is to help me in my implementation. I need to understand very accurately if it fits the purpose. All digital signature scenarios will be like this: signing a document/data on the client, through a web application, using a digital certificate that either is installed in the client’s PC or accessible through a smartcard (either way, the certificate will never be at the server and cannot be sent there).
I understood that your client-side modules don’t support do this

Although I can take the source code and extend it to cover our needs.
Do I need to generate/validate the signatures using the .NET low-level APIs, or will I be able to embed your high-level APIs into the client-side module to achieve this in an easier manner?

Thanks.
#17921
Posted: 10/17/2011 12:49:54
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

Quote
Do I need to generate/validate the signatures using the .NET low-level APIs, or will I be able to embed your high-level APIs into the client-side module to achieve this in an easier manner?

If you are asking about PKCS#11 storages then we have high-level components to manage them that you can build-in into your custom client side module.
#17922
Posted: 10/17/2011 12:57:32
by Eugene Mayevski (EldoS Corp.)

Quote
Priel Hakak wrote:
I understood that your client-side modules don’t support do this


This is not exactly correct. What you describe is possible and this is the whole purpose of Distributed Cryptography add-on. What I was saying is that existing client-side modules don't access smartcards and Windows certificate storage (Java and ActiveX modules will be extended in future builds to do this). You need to understand that existing modules are the base for your own custom modules and while they can be used out of the box, in many scenarios you will have to create your own modules.

Quote

Do I need to generate/validate the signatures using the .NET low-level APIs, or will I be able to embed your high-level APIs into the client-side module to achieve this in an easier manner?


With ActiveX module you use SecureBlackbox classes to do all the job. Java offers its own mechanisms to access Windows certificate storage and PKCS#11 (smartcard) storages and use of those mechanisms will be illustrated in updates to Java module. If you want to create your custom module (eg. Silverlight module), then the answer will depend on what technologies you will use.


Sincerely yours
Eugene Mayevski
#17970
Posted: 10/24/2011 05:43:07
by Priel Hakak (Basic support level)
Joined: 10/16/2011
Posts: 3

Do you think that the best alternative would be to create a Silverlight client module from scratch, right? That way, we can use the SecureBlackbox classes to do all the job using the SecureBlackbox classes instead of low-level APIs?


Does it is to support both IE and Firefox?
#17971
Posted: 10/24/2011 06:22:11
by Vsevolod Ievgiienko (EldoS Corp.)

Silverlight doesn't support p/invoke so you will not be able to use our high-level components that work with WinAPI and PKCS#11 (it will be possible in Silverlight 5 but its still beta).

As Eugene wrote above, with ActiveX module you can use SecureBlackbox classes to do all the job but this solution will be only IE compatible.

Regard Java, this solution will be both IE and Firefox compatible but SecureBlackbox for Java is not released yet. But you can use JDK to implement needed functionality.
Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.

Reply

Statistics

Topic viewed 2299 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!