EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Sign PDF externally, and then calculate and add PKCS#7

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
#25410
Posted: 06/23/2013 09:23:14
by Eugene Mayevski (EldoS Corp.)

As I mentioned, we can easily replace the call to smartcard function with the call to our own functions, and in this way to find out if it's your code or smartcard code that fails to work.


Sincerely yours
Eugene Mayevski
#28375
Posted: 02/11/2014 20:57:38
by Thanh Nguyen Trung (Priority Standard support level)
Joined: 09/12/2008
Posts: 73

Dear SBB,

This discussion a little look like what we are working on:
The flow is like below:
- 1. Client (mobile devices) gets HASH of the PDF doc in the server
- 2. Client uses certificate (PFX) in app and generate a detach signature.
- 3. Client uploads the signature to the server
- 4. Server embeds the signature into the original PDF

Can you help let us know if it is possible for SBB to do 1 and 4 in .NET, also help let use know if you have lib to do 2 in iOS and Android.


Thanks & Best regards,
Thanh
#28376
Posted: 02/12/2014 01:14:52
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

Distributed Crypto plugin for SecureBlackbox will do the job. Its available for all SecureBlackbox editions (.NET, C++, Java), so is suitable for usage on .NET, iOS and Android.
#28377
Posted: 02/12/2014 01:31:45
by Eugene Mayevski (EldoS Corp.)

For steps 1 and 4 you can use existing SecureBlackbox classes on the server as is, without extra work (i.e. you will use different methods, but this is pretty standard and samples exist).

With mobile devices (steps 2 and 3) the situation is a bit more complicated (but not much).

Distributed Cryptography add-on for SecureBlackbox consists of the core classes and several browser modules (ActiveX control, Java applet, Flash applet) that perform certificate selection and signing.

Those modules use custom code -- ActiveX control uses SecureBlackbox classes, Java applet uses Java built-in cryptography (when we wrote Java plugin, SecureBlackbox for Java was not yet available) and Flash uses flash library for crypto.

On mobile devices you will need to reproduce what the plugins do. The licensed version of the Distributed Cryptography add-on comes with complete source code of the browser modules, so you will have a guide of what to do and how. On Android you will be able to reuse most of the code of Java applet OR you can translate pieces of Pascal code of ActiveX control to Java and use SecureBlackbox cryptography. On iOS you will need to translate pascal code to C++ and use C++ edition of SecureBlackbox.

SecureBlackbox offers functionality needed for steps 2 and 3 fully, but you will need to write the glue code that performs requests to the server and sends responses (SecureBlackbox has TElHTTPSClient component for HTTP/HTTPS).

All of this requires a license for PDFBlackbox package + Distributed Crypto add-on, for 3 editions (.NET or VCL for the server, Java for Android and C++ for iOS). We offer 40% discount when the license for 3 editions is purchased. You are welcome to contact us via helpdesk for individual ordering options, once you are ready to use SecureBlackbox.


Sincerely yours
Eugene Mayevski
#28378
Posted: 02/12/2014 02:01:24
by Thanh Nguyen Trung (Priority Standard support level)
Joined: 09/12/2008
Posts: 73

Dear SBB,

Thanks for your feedback!

Quote

For steps 1 and 4 you can use existing SecureBlackbox classes on the server as is, without extra work (i.e. you will use different methods, but this is pretty standard and samples exist).

We are licensed customer for SBB 8.0, I wonder if you could please let us know if our license is still fine for doing 1 and 4 :-). We ever used SBB 8 for PDF signing 3 or 4 year ago, and it worked. But doing embed signature into PDF is new for us, so we are not too sure.

Quote

With mobile devices (steps 2 and 3) the situation is a bit more complicated (but not much).

Thanks, our understanding is the same. We will investigate our solution first :-)

Thanks for your great support!
#28379
Posted: 02/12/2014 02:15:27
by Eugene Mayevski (EldoS Corp.)

You have an Ultimate license for SecureBlackbox Professional .NET edition + Distributed Cryptography add-on. This means that you can take the latest version (11 release or even preview version of SBB 12) in My Control Center ( https://www.eldos.com/cc/ ) and start development with it. Later you will need to add a license for other editions (for mobile development).


Sincerely yours
Eugene Mayevski
#28380
Posted: 02/12/2014 03:12:45
by Thanh Nguyen Trung (Priority Standard support level)
Joined: 09/12/2008
Posts: 73

It is great!

Thank you very much!
#28386
Posted: 02/12/2014 22:36:10
by Thanh Nguyen Trung (Priority Standard support level)
Joined: 09/12/2008
Posts: 73

Today, we had a while for the PDF ASPNet_Distributed sample, and it works. It will be great if you can send us an online reference about the Key spec and Operation result in the return message, so we can simulate it in our environment because we want JSON data exchange in mobile instead of XML that you are using in the sample.

We have the pascal source code, but it is too large, and we have some Java/Flex guys here, so I wonder if you can send us the java applet and/or Flex source code.

Thanks & Best regards,
Thanh
#28391
Posted: 02/13/2014 03:51:38
by Ken Ivanov (EldoS Corp.)

Hello Thanh,

I am afraid there's no public reference available for the properties you mentioned, so we will try to provide you with adequate assistance here in the forum.

The easiest way for you to port the signing-side DC code to JSON is to implement your own loadFromJSON, saveToJSON, customLoadFromJSON and customSaveToJSON methods for classes declared in the com.secureblackbox.dc.messages namespace, in a similar way to existing XML-based methods.

In DC signer's response messages, the OperationResult parameter should contain the result of signing - i.e. the signature itself. The Keys parameter can be used to provide additional keys or certificates and primarily used for passing the signing certificate and its chain to the requester.
#28392
Posted: 02/13/2014 04:17:16
by Thanh Nguyen Trung (Priority Standard support level)
Joined: 09/12/2008
Posts: 73

Thanks I got the source code directly.
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 12871 times

Number of guests: 2, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!