[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    opaue signature from already signed data block
From:       Marco Parmeggiani <doc () maruko ! cjb ! net>
Date:       2002-10-25 13:02:05
[Download RAW message or body]

I need to send an opaquely signed message with the signature generated
by a smart card. Something like what mozilla does with a pkcs#11 module
installed.
I'm wondering if it's possible to do this thing altering part of the
SMIMESignedGenerator and related classes:

i have my text message
i hash it
i calculate the signature with the smartcard (with a native C function)

now i have a block of byte that represents the signature and i need to
build the smime message opaquely signed, that is, the p7m block. 
This is the hard part, it's not so easy understand that structure.
Obviously i also have certificates of the signer and of the CA.

I have no pkcs#11 native library for this card (it exists only for
windows and i want to work under Linux), i have only this native sign
function and i need to generate the message.

It is possible?
It is feasible?
If the response to the above questions is affermative, anyone could give
me a little help on where to start hacking things? I've thinked about
finding out the signature function that is called and replacing it with
a native call to my library. I don't know if this could lead to some
good results or not... i need only this functionality (opaquely signed
messages with private key that is on my smartcard) so it's not important
if changes break some other functionality in BouncyCastle library.

Obviously if someome knows a better solution i will be happy to hear it.
All types of suggestions are appreciated.

Thanks for any help.

Ciao
-- 
Seti@Home Java Applets
http://maruko.cjb.net/

[prev in list] [next in list] [prev in thread] [next in thread]