EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TElAppleCertStorage class does not exist on Base package

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#34971
Posted: 11/10/2015 06:52:06
by Cristóbal Leiva (Basic support level)
Joined: 10/23/2015
Posts: 3

I'm writing a Java application that download PDF files, signs them with a USB token (certificate storage) and immediately upload them.
I am building the windows application, based on your SecurePDF sample and here I found the TElWinCertStorage, that allows to read the certificate storages on the PC. But when I tried to do this on a Mac OSX Mavericks, it failed. I read the documentation where I found the TElAppleCertStorage class, that it seems to be the Mac version of this process. But when I was going to imported it, I could not find it on the Blackbox.Base package.

Am I correct about this class? Where can I find it? Do you have an upgraded Blackbox.Base package version?

In advance, thanks.
#34972
Posted: 11/10/2015 07:18:26
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you contacting us.

TElAppleCertStorage is not available in Java Edition, sorry. However you can use PKCS#11 related classes to work with your token directly.

The sample can be found in \Samples\PKIBlackbox\PKCS11\CryptoTokenDemo folder.

I’ve noticed there is no Support Access Ticket linked to your user account on EldoS site. Technical Support is provided to customers with the linked Support Access Ticket. You will find your Support Access Ticket together with all the details about how to use it in the registration e-mail that we’ve sent to you upon the purchase.

If you are evaluating the product and don't have a license yet, please let us know and then you can have support according to Basic support level. Basic support level includes answering basic technical questions that appear during product evaluation period. We also offer Premium support for a purchase from https://www.eldos.com/support/calc.php . You can use Premium Support to get higher level of assistance during your evaluation of our products.
#35053
Posted: 11/19/2015 17:27:50
by Cristóbal Leiva (Basic support level)
Joined: 10/23/2015
Posts: 3

Vsevolod:

Sorry for my late response. I tell you I'm working on a Java application that download PDF documents from a web server, it signs them with a digital certificate stored on a USB Token (a SafeNet 7300) and then it uploads them signed. This application needs to work on both Windows and Mac OSX, and for that I decided to use SecureBlackbox after several talkings with Eugene, who told me it could be possible. I succesfully develop this process on Windows, but now I'm trying to figure out how to do this on Mac OSX. If we can achieve both process (on Windows and Mac) we will buy the two libraries needed (PKIBlackbox & PDFBlackbox).

Can you help me with the process? I tried the TinySignerPKCS11 and the CryptoTokenDemo but I could not read the digital certificate from the USB token nor from a file neither.

Considering the TElAppleCertStorage class is not available for Mac OSX, What class do I have to use to:

1.- read the certificate from an external storage (and from a file if is possible)

2.- handle the certificate to sign a pdf. Now I'm using the TElX509Certificate class in Windows, Does this class work on Mac OSX?


In advance, thank you so much.


Best regards!
#35055
Posted: 11/20/2015 01:19:54
by Eugene Mayevski (EldoS Corp.)

Yes, both TElX509Certificate and TElPKCS11CertStorage work on Macs. The API is the same on Windows and Mac. It could be easier to start solving your problem if you told us, what exactly problem you are having. Are you getting error messages? Are some error codes returned from the methods?


Sincerely yours
Eugene Mayevski
#35063
Posted: 11/20/2015 09:41:43
by Cristóbal Leiva (Basic support level)
Joined: 10/23/2015
Posts: 3

First of all, the TinySignerPKCS11 does not recognize the digital certificates stored on the USB Token or installed on the Mac.
Secondly, when I press Open Storage, It only allows me to search any file (not an specific extension file) only on the Hard Drive or the Users folder, but not in an external USB token or external storage. Here, I look for a digital certificate file, but it launch me an error (this error was attached on the file).

I tried this sample on Windows and it recognized the installed certificates on the PC, but only through the TElWinCertStorage class and not from the TElPKCS11CertStorage. I follow the instructions of this post https://www.eldos.com/forum/read.php?FID=7&TID=6114 . commenting the TElWinCertStorage part and leaving only the TElPKCS11CertStorage process.

I believe you it is possible to sign PDF in Mac from a USB token or a digital certificate, but your samples can not achieve this.

If you can send a little demo of how to read the list of digital certificates stored on a USB Token (and the Mac), show them in a list and return the certificate as a TElX509Certificate, I will be able to sign the PDF and the process will be concluded. How I said, I have ready this process application on Windows, but if I won't be able to achieve it on Mac, I can't assure the purchase of the licenses.

In advance, thank you so much.


Ps: I'm using the libsbbjni64.so on the JNI init.

Code
JNI.initialize("/Users/Tito_Leiva/Dropbox/2015/Desarrollador/Magnet/utils/MacPdfSigner/files/MacOSX/libsbbjni64.so");

Is that right?


#35065
Posted: 11/20/2015 10:43:10
by Vsevolod Ievgiienko (EldoS Corp.)

Quote
Secondly, when I press Open Storage, It only allows me to search any file (not an specific extension file) only on the Hard Drive or the Users folder, but not in an external USB token or external storage. Here, I look for a digital certificate file, but it launch me an error (this error was attached on the file).

When you press <Open Storage> button you should choose PKCS#11 driver file. Its path depends on driver vendor. This driver will be loaded and used to work with your token, so you'll be able to use certificates stored on your device.

Quote
Ps: I'm using the libsbbjni64.so on the JNI init.

This is correct.
#35072
Posted: 11/20/2015 14:09:08
by Eugene Mayevski (EldoS Corp.)

To make the explanation clearer:

the sample you are referring to is used to show how to work with PKCS#11.

PKCS#11 requires that you have a software driver module, provided by the hardware vendor. The Open dialog doesn't expect you to choose the certificate -- it wants you to find the driver module and choose it.

TinySignerPKCS11 doesn't show how to use certificates from files. For this use case you need to take TinySigner sample.

Hope this makes the situation easier to handle.


Sincerely yours
Eugene Mayevski
Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.

Reply

Statistics

Topic viewed 2726 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!