Digital Signature with SmartCard

  • Thread starter Thread starter Nicolas Macarez
  • Start date Start date
N

Nicolas Macarez

Hi
I have a smartcard reader (Omnikey USB device) set up on a Windows XP
desktop. I also have a card with a certificate issued by a financial firm I
need to send TEXT files to that firm using this card.

The idea is to send the TEXT files stamped with a digital signature (no
encryption required) to that firm, the smartcard certificate being the
signature.

I guess I need an extra software to apply the signature on the TEXT file,
but can't figure which one. I am ready to pay for it, of course.

Any idea?

Help appreciated
Nicolas
 
Hi,

which card are you using? Cards are like little computers with RAM, ROM,
Processor and Operating System. The extra Software you need is kind of a
driver (CSP, PKCS11). Usually they are supplied/sold by the card issuer.

Stefan

"Nicolas Macarez" <macarez@free.fr> schrieb im Newsbeitrag
news:uXtawFvEIHA.4752@TK2MSFTNGP04.phx.gbl...
> Hi
> I have a smartcard reader (Omnikey USB device) set up on a Windows XP
> desktop. I also have a card with a certificate issued by a financial firm
> I need to send TEXT files to that firm using this card.
>
> The idea is to send the TEXT files stamped with a digital signature (no
> encryption required) to that firm, the smartcard certificate being the
> signature.
>
> I guess I need an extra software to apply the signature on the TEXT file,
> but can't figure which one. I am ready to pay for it, of course.
>
> Any idea?
>
> Help appreciated
> Nicolas
>
>
 
Thanks Stephan for your answer
It looks like a credit card that your insert in the SmartCard Reader
connected to desktop with a USB cord.
No CD or extra software is provided: just a link to
http://www.opensc-project.org/ which looks like stuff for Linux machines.
Hope it might help...
Regards
Nicolas


"Stefan Engelbert" <stefan@aloaha.com> a écrit dans le message de news:
evVvlsvEIHA.5208@TK2MSFTNGP04.phx.gbl...
> Hi,
>
> which card are you using? Cards are like little computers with RAM, ROM,
> Processor and Operating System. The extra Software you need is kind of a
> driver (CSP, PKCS11). Usually they are supplied/sold by the card issuer.
>
> Stefan
>
> "Nicolas Macarez" <macarez@free.fr> schrieb im Newsbeitrag
> news:uXtawFvEIHA.4752@TK2MSFTNGP04.phx.gbl...
>> Hi
>> I have a smartcard reader (Omnikey USB device) set up on a Windows XP
>> desktop. I also have a card with a certificate issued by a financial
>> firm I need to send TEXT files to that firm using this card.
>>
>> The idea is to send the TEXT files stamped with a digital signature (no
>> encryption required) to that firm, the smartcard certificate being the
>> signature.
>>
>> I guess I need an extra software to apply the signature on the TEXT file,
>> but can't figure which one. I am ready to pay for it, of course.
>>
>> Any idea?
>>
>> Help appreciated
>> Nicolas
>>
>>
>
 
Hi,

thats not much information. Did you try the Aloaha Smart Card Connector if
it detects your Card?
http://www.aloaha.com/wi-software-en/aloaha-cryptographic-service-provider.php

Kind Regards
Stefan Engelbert

"Nicolas Macarez" <macarez@free.fr> schrieb im Newsbeitrag
news:OqYTJCwEIHA.5976@TK2MSFTNGP02.phx.gbl...
> Thanks Stephan for your answer
> It looks like a credit card that your insert in the SmartCard Reader
> connected to desktop with a USB cord.
> No CD or extra software is provided: just a link to
> http://www.opensc-project.org/ which looks like stuff for Linux machines.
> Hope it might help...
> Regards
> Nicolas
>
>
> "Stefan Engelbert" <stefan@aloaha.com> a écrit dans le message de news:
> evVvlsvEIHA.5208@TK2MSFTNGP04.phx.gbl...
>> Hi,
>>
>> which card are you using? Cards are like little computers with RAM, ROM,
>> Processor and Operating System. The extra Software you need is kind of a
>> driver (CSP, PKCS11). Usually they are supplied/sold by the card issuer.
>>
>> Stefan
>>
>> "Nicolas Macarez" <macarez@free.fr> schrieb im Newsbeitrag
>> news:uXtawFvEIHA.4752@TK2MSFTNGP04.phx.gbl...
>>> Hi
>>> I have a smartcard reader (Omnikey USB device) set up on a Windows XP
>>> desktop. I also have a card with a certificate issued by a financial
>>> firm I need to send TEXT files to that firm using this card.
>>>
>>> The idea is to send the TEXT files stamped with a digital signature (no
>>> encryption required) to that firm, the smartcard certificate being the
>>> signature.
>>>
>>> I guess I need an extra software to apply the signature on the TEXT
>>> file, but can't figure which one. I am ready to pay for it, of course.
>>>
>>> Any idea?
>>>
>>> Help appreciated
>>> Nicolas
>>>
>>>
>>
>
>
 
On Sat, 20 Oct 2007 11:21:24 +0200, Stefan Engelbert wrote:

> Hi,
>
> which card are you using? Cards are like little computers with RAM, ROM,
> Processor and Operating System. The extra Software you need is kind of a
> driver (CSP, PKCS11). Usually they are supplied/sold by the card issuer.

It isn't really clear here whether the problem is that the OP can't see the
card or if the OP only needs software that will allow him to sign a text
file. For example, you can't sign text files if you're using Notepad.

>
> "Nicolas Macarez" <macarez@free.fr> schrieb im Newsbeitrag
> news:uXtawFvEIHA.4752@TK2MSFTNGP04.phx.gbl...
>> Hi
>> I have a smartcard reader (Omnikey USB device) set up on a Windows XP
>> desktop. I also have a card with a certificate issued by a financial firm
>> I need to send TEXT files to that firm using this card.
>>
>> The idea is to send the TEXT files stamped with a digital signature (no
>> encryption required) to that firm, the smartcard certificate being the
>> signature.
>>
>> I guess I need an extra software to apply the signature on the TEXT file,
>> but can't figure which one. I am ready to pay for it, of course.
>>
>> Any idea?
>>
>> Help appreciated
>> Nicolas
>>
>>


--
Paul Adare
MVP - Virtual Machines
http://www.identit.ca
BPI: A 1960s term used to describe unmentionable parts of the anatomy, as
in
"you bet your bpi".
 
Stefan, Paul,
I guess ALOAHA is what I am looking for.
I'll try the Aloaha Smart Card Connector as soon as I am back at my client
office.
So it would be fine to sign PDF files.
But I am not sure the financial firm I am trying to send the file to is
ready to handle the PDF format instead of TXT format.

So my last question is: is there a way to sign TXT files?

Regards
Nicolas

"Paul Adare" . a écrit dans le message de news:
1qfz3qa7j9swr$.1buvif5dk909r.dlg@40tude.net...
> On Sat, 20 Oct 2007 11:21:24 +0200, Stefan Engelbert wrote:
>
>> Hi,
>>
>> which card are you using? Cards are like little computers with RAM, ROM,
>> Processor and Operating System. The extra Software you need is kind of a
>> driver (CSP, PKCS11). Usually they are supplied/sold by the card issuer.
>
> It isn't really clear here whether the problem is that the OP can't see
> the
> card or if the OP only needs software that will allow him to sign a text
> file. For example, you can't sign text files if you're using Notepad.
>
>>
>> "Nicolas Macarez" <macarez@free.fr> schrieb im Newsbeitrag
>> news:uXtawFvEIHA.4752@TK2MSFTNGP04.phx.gbl...
>>> Hi
>>> I have a smartcard reader (Omnikey USB device) set up on a Windows XP
>>> desktop. I also have a card with a certificate issued by a financial
>>> firm
>>> I need to send TEXT files to that firm using this card.
>>>
>>> The idea is to send the TEXT files stamped with a digital signature (no
>>> encryption required) to that firm, the smartcard certificate being the
>>> signature.
>>>
>>> I guess I need an extra software to apply the signature on the TEXT
>>> file,
>>> but can't figure which one. I am ready to pay for it, of course.
>>>
>>> Any idea?
>>>
>>> Help appreciated
>>> Nicolas
>>>
>>>
>
>
> --
> Paul Adare
> MVP - Virtual Machines
> http://www.identit.ca
> BPI: A 1960s term used to describe unmentionable parts of the anatomy, as
> in
> "you bet your bpi".
 
Last edited by a moderator:
Hello!
You wrote on Sun, 21 Oct 2007 10:55:06 +0200:

NM> So my last question is: is there a way to sign TXT files?

You can sign the text file using detached PKCS#7 signature. This way the
signature will be stored in a separate file.

Alternatively you can sign the file as if it were a binary file. The
signature will be enveloping in this case, i.e. the signed file won't be the
text file anymore. Validation of the signature will let you extract the
original text.

In both cases you would need to have a software that verifies the given file
and it's signature. And this software must be installed on the recipient's
side.


With best regards,
Eugene Mayevski
http://www.SecureBlackbox.com - the comprehensive component suite for
network security
 
Thanks Eugene,
What software do I use in that case, since it appears that the standard way
is to sign files in PDF or XML format.
For example, is your SecureBlackBox software able to sign a TXT file?
Help appreciated.
Nicolas


"Eugene Mayevski" <mayevski@eldos.com> a ecrit dans le message de news:
%23KOaMF8EIHA.3548@TK2MSFTNGP06.phx.gbl...
> Hello!
> You wrote on Sun, 21 Oct 2007 10:55:06 +0200:
>
> NM> So my last question is: is there a way to sign TXT files?
>
> You can sign the text file using detached PKCS#7 signature. This way the
> signature will be stored in a separate file.
>
> Alternatively you can sign the file as if it were a binary file. The
> signature will be enveloping in this case, i.e. the signed file won't be
> the text file anymore. Validation of the signature will let you extract
> the original text.
>
> In both cases you would need to have a software that verifies the given
> file and it's signature. And this software must be installed on the
> recipient's side.
>
>
> With best regards,
> Eugene Mayevski
> http://www.SecureBlackbox.com - the comprehensive component suite for
> network security
 
Hello!
You wrote on Sun, 21 Oct 2007 11:15:05 +0200:

NM> What software do I use in that case, since it appears that the standard
way
NM> is to sign files in PDF or XML format.
NM> For example, is your SecureBlackBox software able to sign a TXT file?

SecureBlackbox is a component suite for developers, not for end-users. If
you plan or can create your own application, - you are welcome. With
PKIBlackbox you will do what you need easily.

As for the end-user solutions, -- for enveloping signatures you can use our
Crypto4 Files (http://www.eldos.com/c4/c4files). But it doesn't offer
detached signature option.

With best regards,
Eugene Mayevski
http://www.SecureBlackbox.com - the comprehensive component suite for
network security
 
Most CSPs are shell integrated and allow to create a detached and an
enveloped PKCS7 signature with just a right mouse click. To sign PDF
documents you usually need an extra application.

Stefan

> So my last question is: is there a way to sign TXT files?
>
 
Hello!
You wrote on Mon, 22 Oct 2007 01:53:55 +0200:

SE> Most CSPs are shell integrated and allow to create a detached and an
SE> enveloped PKCS7 signature with just a right mouse click.

Which ones are "most"? Of three USB token CSPs (the most wide-spread on the
market) that I installed, none of them provides this function.

With best regards,
Eugene Mayevski
http://www.SecureBlackbox.com - the comprehensive component suite for
network security
 
Thanks to you all!
I'll try to make something with those advices.
Regards
Nicolas

"Eugene Mayevski" <mayevski@eldos.com> a écrit dans le message de news:
uv$1j0GFIHA.1168@TK2MSFTNGP02.phx.gbl...
> Hello!
> You wrote on Mon, 22 Oct 2007 01:53:55 +0200:
>
> SE> Most CSPs are shell integrated and allow to create a detached and an
> SE> enveloped PKCS7 signature with just a right mouse click.
>
> Which ones are "most"? Of three USB token CSPs (the most wide-spread on
> the market) that I installed, none of them provides this function.
>
> With best regards,
> Eugene Mayevski
> http://www.SecureBlackbox.com - the comprehensive component suite for
> network security
 
Back
Top