I need to sign data stored on the server using the key stored on the client's computer. How do I do this?
There exist several methods:
1. Transfer the certificate and a private key to the server. This option significantly undermines security of the private key and should be avoided (we mention it here for completeness and awareness).
3. Calculate the hash of the data on the server and send it to the client. The method is similar to method 2 above with exception that not the document itself is sent to the client, but only its hash. This method requires that there exists a server-side code, which can embed or in other way merge the signature with the original document.
SecureBlackbox offers Distributed Cryptography Add-on for those components which support signing of data (CMS / CAdES, PDF / PAdES, XMLDSig / XAdES standards and Office document signing). Those components can calculate a hash and send it to the client for signing, and then incorporate the signature to the document. Also Distributed Cryptography Add-on includes pre-built client-side browser modules (Java applet, Flash applet and ActiveX control) which can sign the hash.
Distributed Cryptography Add-on is an add-on which can be purchased with selected packages (PKIBlackbox, PDFBlackbox, XMLBlackbox, OfficeBlackbox, SecureBlackbox Data Security and SecureBlackbox Professional).