Menu

 

Thoughts on Software Engineering

NakovDocumentSigner :: DigitalSignerApplet – Demo

This demo is intended to illustrate how DigitalSignerApplet signs files in the client’s Web browser. The user is given below a file upload browser control, two text fields for the results of the signing process and a Java applet for signing selected file. When the user select some file and click on the [Sign selected file] button from the applet, the applet shows a dialog for locating his certificate keystore file (.PFX / .P12 file) and password for accessing it. After selecting certificate file and password, the applet signs selected file and shows the results of the signing in the text fields in the client’s browser. The first text field is used for storing the user’s certificate and its certification chain. The second is used for storing the calculated signature of the signed file.

Requirements for Running the Demo

To run the demo, you need:

  • Java Plug-In 1.4 or later, installed in your Web browser.
  • PKCS#12 certificate keystore (.PFX file) for digital document signing. If you don’t have such a keystore, you can use our sample keystore sample.pfx. The password for accessing the keystore and the private key inside it is “sample”.
  • You should accept to trust the DigitalSignerApplet to run with full permissions.
  • The demo runs successfully on Firefox 2.0+ and Internet Explorer 6.0+.

If the button [Sign selected file] is missing, this means that the applet is not correctly loaded (in most cases Java is not installed in your browser).

The DigitalSignerApplet Demo

Some Technical Details

The applet is signed, because it should be able to access your local file system. To run the demo, you should accept the applet to run with full permissions.

To sign files with the given applet, you should have PKCS#12 keystore containing your certificate, its certification chain and the private key corresponing to the public key of the certificate. The passwords for accessing the keystore and the private key should be the same.

The result of the signing process are two string values stored in two text fields in the client’s Web browser. The first value is the certification chain starting with the user’s certificate. This chain is extracted from the user’s keystore and is reprsented as ASN.1 DER sequence of certificates, encoded in Base64. The calculated signature is also Base64 encoded.

The applet is intended to sign files before uploading them. Appropriate functionality for receiving signed files, decoding certificates and signatures, verifying certificates, certification chains and digital signatures will be needed at the server-side.

Previews (8,460), Views (2,930), Comments (0)

RSS feed for comments on this post. TrackBack URL

LEAVE A COMMENT