EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Distributed Cryptography and signing of PDF, Office and XML Files

Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.
Posted: 01/29/2014 02:56:21
by Andreas Christoforou (Standard support level)
Joined: 09/01/2013
Posts: 12


From what i managed to find from the forum and knowledgebase it is my understanding that in order to sign (XAdES) PDF or Office (OpenXML) files, using the Distributed Cryptography modules, we need access to the client certificate prior to the actual signing.

Do you provide any samples or guidelines as to how to achieve that, since the provided samples that use DC use a server stored certificate when creating XAdES signatures?

Basically we whant to achieve the same fuctionality as with the XML DC asp.net sample where a user signs an xml filem while the certificate, public and private key reside on his PC and not on the server.

Best Regards

Andreas Christoforou
Posted: 01/29/2014 03:07:47
by Alexander Ionov (Team)

Thank you for the question.

By now it's supposed that you have the user's publc certificate on the server on the pre-signing step.

But we already have in our plans a task to modify the protocol sequence in order to allow the user to choose his/her certificate which he/she wants to use to sign a document first and send it to the server, so it can be used on the pre-signing step.

Best regards,
Alexander Ionov
Posted: 01/29/2014 03:19:52
by Andreas Christoforou (Standard support level)
Joined: 09/01/2013
Posts: 12

Thank you Alexander for the quick reply,

Do you have a time frame regarding that change?

Can we use the DC source code (Java Applet) to achieve that now

1. have the user select his/her certificate.
2. pass the certificate to the asp.net page.
2. to the pre-signing
3. give the result to the applet to sign it
4. return the signature to the page
5. do the post signing

Do you think this can be done with the current DC modules and the java applet code.

Andreas Christoforou
Posted: 01/29/2014 03:44:31
by Alexander Ionov (Team)

Andreas Christoforou wrote:
Do you have a time frame regarding that change?

It's planned in SecureBlackbox 12, but afaik its release time is not defined yet.

You described correct protocol sequence. All changes can be made with current DC modules and applet classes. But I'm not sure yet how many changes it will require.

Best regards,
Alexander Ionov



Topic viewed 1022 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!