'Re: [dev-crypto] PKCS7 Signature'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    Re: [dev-crypto] PKCS7 Signature
From:       kuehne () trustable ! de
Date:       2011-09-29 14:43:24
Message-ID: 201109291443.p8TEhOEt013514 () post ! webmailer ! de
[Download RAW message or body]


Hi ruslan,

here's what we once build for signing without having a JCE provider.
If you're curious there was a lengthy thread in the iText list. Search for 

   [iText-questions] HASH, SMARTCARD and PKCS#7 detached


Greetings,

Andreas

----- weitergeleitete Nachricht ---------


Betreff: Re: Re: Re: [iText-questions] HASH, SMARTCARD and PKCS#7 detached
Datum: Di, 08. Mrz 2011
Von: kuehne@trustable.de

> Hi,
> 
> I talked myself into providing sample code for signing a PDF with a PKCS7
> signature using a smartcard. So here it is :
> 
> Look at the SampleExternalSigning class in the package
> de.trustable.bouncycastle.cms :
> 
> In the 'main' method the in- and outfiles were read from the command line, a
> test certificate and a key pair gets created and the BouncyCastle security
> provider is registered. 
> 
> The more interesting part starts at line 194 : As we are not able to forward
> the private key to the crypto lib directly now there is an interface called
> 'PlainSignMethodCallbackHandler' that will be called when it comes to
> signing. There is only one method required. Here you can see a sample
> implementation using the pregenerated private key. In a real life scenario
> you'll need to fill in the smartcard api access code instead. That's the
> tricky part ..
> 
> The other code is more or less a standard singning sample using the
> PDFStamper. The major difference here is the use of the
> CMSSignedExternalDataGenerator class, which is not from BouncyCastle but
> from this sample package. It's mostly a copy of the already existing
> CMSSignedDataGenerator with the required changes to use a callback method
> instead of a private key. Most of the other code was required to be copied
> due to visibility limatiations, no magic in there ...
> 
> To run the sample you need to have iText-5.0.6.jar, bcprov-jdk16-146.jar,
> bcmail-jdk16-146.jar and the mail.jar in the classpath additionally to the
> classes ... older BC versions will surely cause problems as some internal
> method signatures changed recently. 
> 
> Let me know if you come across problems with this sample ...
> 
> Good luck,
> 
> Andreas
> 
> ----- original Nachricht --------
> 
> Betreff: Re: Re: [iText-questions] HASH, SMARTCARD and PKCS#7 detached
> Gesendet: Mo, 28. Feb 2011
> Von: kuehne@trustable.de
> 
> > Hi Fra,
> > 
> > as this topic turns out to be of general interest, I'll build a sample
> using
> > Bouncy Castle. I'll post it to the list in the next days if noone else got
> > some code at hand ...
> > 
> > Greetings
> > 
> > Andreas
> > ----- original Nachricht --------
> > 
> > Betreff: Re: [iText-questions] HASH, SMARTCARD and PKCS#7 detached
> > Gesendet: Mo, 28. Feb 2011
> > Von: fra<shade84@libero.it>
> > 
> > > Hi 0de55a
> > > sorry for disturb, but i think i have the same problem, but i don't know
> > > how
> > > i can convert my byte[] data to PKCS#7 format. 
> > > Sorry, maybe it is very stupid question but i can't resolve this
> problem.
> > > Can you give me any advice?
> > > (I am working in c# but java it is ok)
> > > 
> > > thanks in advance.
> > > 
> > > -- 
> > > View this message in context:
> > >
> >
> http://itext-general.2136553.n4.nabble.com/HASH-SMARTCARD-and-PKCS-7-detache
> > > d-tp3047252p3328061.html
> > > Sent from the iText - General mailing list archive at Nabble.com.
> > > 
> > >
> >
> ----------------------------------------------------------------------------
> > > --
> > > Free Software Download: Index, Search & Analyze Logs and other IT data
> in 
> > > Real-Time with Splunk. Collect, index and harness all the fast moving IT
> > > data 
> > > generated by your applications, servers and devices whether physical,
> > > virtual
> > > or in the cloud. Deliver compliance at lower cost and gain new business 
> > > insights. http://p.sf.net/sfu/splunk-dev2dev 
> > > _______________________________________________
> > > iText-questions mailing list
> > > iText-questions@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/itext-questions
> > > 
> > > iText® is a registered trademark of 1T3XT BVBA.
> > > Many questions posted to this list can (and will) be answered with a
> > > reference to the iText book: http://www.itextpdf.com/book/
> > > Please check the keywords list before you ask for examples:
> > > http://itextpdf.com/themes/keywords.php
> > > 
> > 
> > --- original Nachricht Ende ----
> > 
> > 
> 
> --- original Nachricht Ende ----
> 
> 
> 



---- weitergeleitete Nachricht Ende ----


["signExternal.zip" (application/zip)]

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic