EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Signing an XML string in a WEB solution with the client certificate in

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
#22548
Posted: 11/20/2012 11:25:18
by Daniel Oliveira (Basic support level)
Joined: 11/20/2012
Posts: 19

Am evaluating the acquisition of the solution. But my scenario is: I need you to digitally sign arquvios XML (generated on the server side) on the client, and the client certificates are in Tokens (A3) and the solution will be via web pages. And for a legal issue in my country (Brazil) need to use PKCS # 7. As I have a short deadline for implementation wonder if I can accomplish this with a suite of components
#22549
Posted: 11/20/2012 11:27:42
by Eugene Mayevski (EldoS Corp.)

Yes, you can accomplish your task using SecureBlackbox with Distributed Cryptography add-on. We have samples for distributed PDF signing (in Samples\language\PDFBlackbox folder) which you can use as a guideline at the moment. We will implement some XML samples for future build of SecureBlackbox.


Sincerely yours
Eugene Mayevski
#22550
Posted: 11/20/2012 11:39:56
by Daniel Oliveira (Basic support level)
Joined: 11/20/2012
Posts: 19

Explaining a bit better: my clients on a portal (in asp.net) will receive requests and perform the same way - a work flow. Each step consists of a set of information that are stored in a database and serialized into XML and then is prompted to insert the Token, PIN, and then I will sign this XML string in the client and send it back to the server to be stored, thus confirming the acceptance or rejection of the user.

So is the suite of components of you I have an Applet or ActiveX or SilverLight via JavaScript that accesses the certificate on the token or smartcard and he can sign my XML into memory and return to the server? But seeing their samples realized that required a DLL (driver dispositvo) to access the token in a solution where WEB Terie thousands of customers as I do?

I know I'm being long, but I need to take a buying decision as soon as possible due to the size of the project.
#22551
Posted: 11/20/2012 11:44:40
by Eugene Mayevski (EldoS Corp.)

I am not sure that I understand the second part right, but I see the general idea and what you need is exactly what we designed Distributed Signature add-on for.

On the client side you need to use ActiveX control or Java applet (we provide both of them). To access the certificate on the smartcard or USB token these controls can use either Windows Certificate Storage API or PKCS#11 API. PKCS#11 API requires a PKCS#11 driver DLL on the client computer, but this is not yoiur problem - this DLL is shipped by the vendor of hardware (cryptocard or cryptotoken) and you will need just to setup the way for the user to reference this DLL. In case of Windows CertStorage API you don't need extra DLLs.


Sincerely yours
Eugene Mayevski
#22553
Posted: 11/20/2012 12:05:56
by Daniel Oliveira (Basic support level)
Joined: 11/20/2012
Posts: 19

Thanks,
I am evaluating the SecureBlackbox. NET is the Distributed Cryptography Add-on for SecureBlackbox ® include? Or I need a new download and another key? I have a key that you provided to my partner that will expire on 12/06/2012.
#22554
Posted: 11/20/2012 12:07:38
by Eugene Mayevski (EldoS Corp.)

Everything is included with the evaluation version and the provided key will work.

The add-on is licensed separately (there's a checkbox under the package selection dropdown in the price calulator).


Sincerely yours
Eugene Mayevski
#22556
Posted: 11/20/2012 12:49:30
by Daniel Oliveira (Basic support level)
Joined: 11/20/2012
Posts: 19

Eugene

I'm using a Token: Starsign Crypto USB Token, but I can not use it. I have pointed out several DLLs, but the error is the same.


#22557
Posted: 11/20/2012 12:52:00
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

You should take this DLL in \EldoS\SecureBlackbox.NET\Extra\PKCS11ProxyDLL folder and put behind the executable file.
#22558
Posted: 11/20/2012 13:02:21
by Eugene Mayevski (EldoS Corp.)

For distributed signing you don't need to call PKCS#11 from .NET (which is executed on the server) - PKCS#11 DLL is specified to client-side modules (ActiveX or Java).

For testing of .NET signing you need to specify path to the proxy as Vsevolod pointed.


Sincerely yours
Eugene Mayevski
#22559
Posted: 11/20/2012 13:07:11
by Daniel Oliveira (Basic support level)
Joined: 11/20/2012
Posts: 19

Thanks,Vsevolod

It´s works to access the certificate in Token. But, another error when I try to sign the xml file. My SO is Win7 64x


Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.

Reply

Statistics

Topic viewed 2695 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!