EldoS | Feel safer!

How to sign plaintext with DC Module(Java Applet)

#33315
Posted: 05/18/2015 14:34:59
by Mehmet Kut (Standard support level)
Joined: 05/18/2015
Posts: 2

You can see our code below.
The code is for signing plaintext with CAdES-BES and works really
well in a console application.


Code
public byte[] SignTextCadesBes(string plainText, string username)
{
    SBMIME.Unit.Initialize();

    TElPKCS11CertStorage PKCS11CertStorage;
    TElX509Certificate cert;
    TElPKCS11SessionInfo session;

    // Open the PKCS#11 token through the vendor driver, log in on slot 0 as a
    // normal user and take the first certificate on the token for signing.
    PKCS11CertStorage = new TElPKCS11CertStorage();
    PKCS11CertStorage.DLLName = @"C:\Windows\SysWoW64\eTPKCS11.dll";
    PKCS11CertStorage.Open();
    session = PKCS11CertStorage.OpenSession(0, true);
    session.Login((int)SBPKCS11Base.Unit.utUser, "XXXX");
    cert = PKCS11CertStorage.get_Certificates(0);

    // Wrap the UTF-8 bytes of the text in a new CMS signed message.
    TElSignedCMSMessage cms = new TElSignedCMSMessage();
    var plainBytes = Encoding.UTF8.GetBytes(plainText);
    cms.CreateNew(plainBytes, 0, plainBytes.Length);

    TElCMSSignature sig = cms.get_Signatures(cms.AddSignature());

    // Create the CAdES-BES signature; the private key is used on the token.
    TElCAdESSignatureProcessor processor = new TElCAdESSignatureProcessor();
    processor.OnBeforeSign += Processor_OnBeforeSign;
    processor.Signature = sig;
    processor.CreateBES(cert);

    // Serialize the signed message to a byte array.
    MemoryStream cmsStream = new MemoryStream();
    cms.Save(cmsStream);
    var result = cmsStream.ToArray();

    PKCS11CertStorage.Close();

    return result;
}

// Set SHA-256 as the digest algorithm, stamp the signing time in UTC and
// clear the GeneralizedTime format option before the signature is computed.
static void Processor_OnBeforeSign(object sender, TElCMSSignature signature, TElX509Certificate cert, TElCustomCertStorage chain)
{
    signature.DigestAlgorithm = SBConstants.__Global.SB_ALGORITHM_DGST_SHA256;
    signature.SigningTime = System.DateTime.UtcNow;
    signature.SigningOptions = signature.SigningOptions & (~SBCMS.__Global.csoUseGeneralizedTimeFormat);
}
  


I need the same functionality with the SBB DC module using a Java applet.
Do you have a sample for this?

Thank you.
#33316
Posted: 05/18/2015 14:50:45
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

We do not have a sample for TElSignedCMSMessage, but you can use existing samples for PDF and XML signing as the general idea is the same.

Please check the samples in the following folders:

- \EldoS\SecureBlackbox.NET\Samples\C#\PDFBlackbox\DC\ASPNet_Distributed
- \EldoS\SecureBlackbox.NET\Samples\C#\XMLBlackbox\DC\ASPNet_Distributed.

Also, the following articles will help you implement your task: https://www.eldos.com/security/articles/65-329.php

Also I’ve noticed there is no license ticket linked to your user account on EldoS site. Technical Support is provided to customers with the linked license tickets. You will find your license ticket together with all the details about how to use it in the registration e-mail that we’ve sent to you upon the purchase.

If you are evaluating the product and don't have a license yet, please let us know and then you can have support according to Basic support level. Basic support level includes answering basic technical questions that appear during product evaluation period.
#33321
Posted: 05/19/2015 08:37:41
by Mehmet Kut (Standard support level)
Joined: 05/18/2015
Posts: 2

Dear Vsevolod Ievgiienko,

We are still evaluating SBB.
We will probably buy it soon, but before buying I need to run my PoC project, which signs plaintext with the DC module.

I read your documentation and checked the sample projects.

My PreSigner.cs is

Code
using System;
using System.IO;
using System.Text;
using SBCMS;
using SBDC;
using SBDCXMLEnc;

namespace DCWeb
{
    public class PreSigner : System.Web.UI.Page
    {
        protected MemoryStream output;

        public const string plainText =
            "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.";

        protected virtual void Page_Load(object sender, EventArgs e)
        {
            SBUtils.Unit.SetLicenseKey("my trial key here");

            TElDCAsyncState state = null;

            int sigIndex = 0;
            
            TElSignedCMSMessage cms = new TElSignedCMSMessage();
            var plainBytes = Encoding.UTF8.GetBytes(plainText);
            cms.CreateNew(plainBytes, 0, plainBytes.Length);

            sigIndex = cms.AddSignature();

            cms.GetSignature(sigIndex).DigestAlgorithm = SBConstants.Unit.SB_ALGORITHM_DGST_SHA256;
            cms.GetSignature(sigIndex).SigningOptions = cms.GetSignature(sigIndex).SigningOptions & (~SBCMS.__Global.csoUseGeneralizedTimeFormat);
            cms.GetSignature(sigIndex).SigningTime = DateTime.Now;
            cms.GetSignature(sigIndex).PublicKeyAlgorithm = SBConstants.Unit.SB_CERT_ALGORITHM_SHA1_RSA_ENCRYPTION;

            cms.GetSignature(sigIndex).InitiateAsyncSign(ref state);
            
            output = new MemoryStream();
            TElDCXMLEncoding encoder = new TElDCXMLEncoding();

            state.SaveToStream(output, encoder);
            cms.Close();
            state.Dispose();
        }
    }
}



and my Result.cs is

Code

using System;
using System.IO;
using System.Text;
using SBCAdES;
using SBCMS;
using SBCustomCertStorage;
using SBDC;
using SBDCPKI;
using SBDCServer;
using SBX509;

namespace DCWeb
{
    public partial class Result : System.Web.UI.Page
    {
        public const string plainText = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum";

        protected void Page_Load(object sender, EventArgs e)
        {
            TElDCAsyncState state = new TElDCAsyncState();

            byte[] signature = new byte[Request.InputStream.Length];
            Request.InputStream.Read(signature, 0, signature.Length);

            MemoryStream input = new MemoryStream(signature);
            state.LoadFromStream(input, SBDCXMLEnc.__Global.DCXMLEncoding());

            TElDCBaseMessage msg = state.FindMessageByType(TElDCOperationResponseMessage.MetaClass.Instance);

            if (msg != null)
            {
                byte[] buf =
                    ((TElDCOperationResponseMessage) msg).KeysRDN.GetFirstValueByOID(
                        SBDCPKIConstants.Unit.SB_OID_DC_SIGNING_CERTIFICATE);

                var certStore = new SBCustomCertStorage.TElMemoryCertStorage();
                var sigHandler = new TElDCX509SignOperationHandler();
                TElX509Certificate cert = new TElX509Certificate();
                var server = new TElDCStandardServer();
                
                if (cert.LoadFromBufferAuto(buf, 0, buf.Length, "") == 0)
                {
                    try
                    {
                        TElSignedCMSMessage cms = new TElSignedCMSMessage();
                        var plainBytes = Encoding.UTF8.GetBytes(plainText);
                        cms.CreateNew(plainBytes, 0, plainBytes.Length);
                        
                        TElCMSSignature sig = cms.GetSignature(cms.AddSignature());

                        certStore.Add(cert, true);
                        sigHandler.CertStorage = certStore;
                        server.AddOperationHandler(sigHandler);


                        TElCAdESSignatureProcessor processor = new TElCAdESSignatureProcessor();
                        processor.OnBeforeSign += processor_OnBeforeSign;
                        processor.Signature = sig;
                        processor.CreateBES(cert, certStore);

                        MemoryStream cmsStream = new MemoryStream();
                        cms.Save(cmsStream);
                        var result = cmsStream.ToArray();
                    }
                    catch (Exception ex)
                    {
                        Trace.Write(ex.Message);
                    }
                }
            }
        }

        void processor_OnBeforeSign(object sender, TElCMSSignature signature, TElX509Certificate cert, TElCustomCertStorage chain)
        {
            signature.DigestAlgorithm = SBConstants.__Global.SB_ALGORITHM_DGST_SHA256;
            signature.SigningTime = System.DateTime.UtcNow;
            signature.SigningOptions = signature.SigningOptions & (~SBCMS.__Global.csoUseGeneralizedTimeFormat);
        }
    }
}



I can see the subject and issuer information in the cert object.
Everything seems correct, but I'm getting a "private key not found" error at the

Code
processor.CreateBES(cert, certStore);

line.


Thanks for your help
Mehmet Kut
