Java implementation uses regular KeyStore to acces MSCAPI functionality and
PrivateKeySignature constructor accepts PrivateKey available from Keystore.
C# implementation behaves in different way. I can use standard .NET
libraries to access MSCAPI and get X509Certificate2 object that has
PrivateKey. Problem is that I don't know how to cast/convert/create
Org.BouncyCastle.Crypto.IICipherParameters from X509Certificate2.PrivateKey
(casting throws 'System.Security.Cryptography.RSACryptoServiceProvider' to
type 'Org.BouncyCastle.Crypto.ICipherParameters').
Here is code sample that does't work:
public void SignSmartCard(string src, string dst) {
X509Certificate2Collection collection =
X509Certificate2UI.SelectFromCollection((new X509Store(StoreName.My,
StoreLocation.CurrentUser)).Certificates, "", "",
X509SelectionFlag.SingleSelection);
X509Certificate2 cert = collection[0];
Org.BouncyCastle.X509.X509CertificateParser cp = new
Org.BouncyCastle.X509.X509CertificateParser();
Org.BouncyCastle.X509.X509Certificate[] chain = new
Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(cert.RawData)
};
chain = GetCertChain(cert);
PdfReader reader = new PdfReader(src);
FileStream stream = new FileStream(dst, FileMode.Create);
PdfStamper stamper = PdfStamper.CreateSignature(reader, stream,
'\0', null, true);
PdfSignatureAppearance appearance = stamper.SignatureAppearance;
appearance.SetVisibleSignature("Racunopolagac");
//public
PrivateKeySignature(Org.BouncyCastle.Crypto.ICipherParameters pk, string
hashAlgorithm)
IExternalSignature es = new
PrivateKeySignature((ICipherParameters)cert.PrivateKey, "SHA-1");
MakeSignature.SignDetached(appearance, es, chain, null, null,
null, 0, CryptoStandard.CMS);
}
private static Org.BouncyCastle.X509.X509Certificate[]
GetCertChain(X509Certificate2 cert) {
Org.BouncyCastle.X509.X509CertificateParser cp = new
Org.BouncyCastle.X509.X509CertificateParser();
X509Chain ch = new X509Chain();
//ch.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
ch.Build(cert);
Org.BouncyCastle.X509.X509Certificate[] chain = new
Org.BouncyCastle.X509.X509Certificate[ch.ChainElements.Count];
for (int idx = 0; idx < ch.ChainElements.Count; idx++) {
X509ChainElement chElem = ch.ChainElements[idx];
chain[idx] = cp.ReadCertificate(chElem.Certificate.RawData);
}
return chain;
}
--
View this message in context:
http://itext-general.2136553.n4.nabble.com/iTextSharp-digital-signature-using-smart-card-tp4656447p4656455.html
Sent from the iText - General mailing list archive at Nabble.com.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
