Yes exactly i cannot use the key material on the smart card directly, so I have used the pkcs11library to interface the device and have the informations I want, for example the certificate chain. So, I have to do the signature with pkcs11 library and then pass it to pdfbox? And what about sign and mark document?
Thank you all!! Rossella Inviato da iPhone > Il giorno 19/feb/2014, alle ore 13:13, Lachezar Dobrev <[email protected]> > ha scritto: > > Well... Typically when using a hardware device one does not use the > key material directly, but rather uses a PKCS#11 library to interface > the device and call on it to perform any cryptographic operations it > needs to: signatures, verification, encryption, decryption, generation > etc. > For this reason Java (Oracle/Sun variants, not sure about OpenJDK) > provides a whole cryptographic component set (aka Provider) that uses > an underlying PKCS#11 library [1]. It is a complete cryptography > provider, not only a key-store provider, and can not be used to gain > access to the protected key material. > Admittedly I have had little use of that, and a have not looked at > PDFBox's cryptography methods, so I can not be of further help, but as > far as I can see: that is the way to handle PKCS#11 smart-cards. > > [1] > http://download.java.net/jdk8/docs/technotes/guides/security/p11guide.html#P11Provider > > 2014-02-19 11:42 GMT+02:00 Stefan Magnus Landrø <[email protected]>: >> Since this is a hardware device, I suppose you cannot extract the private >> key from the card? >> >> >> 2014-02-19 9:44 GMT+01:00 Rossella Petrucci <[email protected]>: >> >>> Yes i have this!!! >>> >>> >>> Inviato da iPhone >>> >>>>> Il giorno 19/feb/2014, alle ore 09:29, Stefan Magnus Landrø < >>>> [email protected]> ha scritto: >>>> >>>> Just to make sure: >>>> >>>> Is this what you have? >>> http://javadoc.iaik.tugraz.at/pkcs11_wrapper/current/iaik/pkcs/pkcs11/objects/PrivateKey.html >>>> >>>> Cheers, >>>> >>>> Stefan >>>> >>>> >>>> 2014-02-19 8:14 GMT+01:00 Rossella Petrucci <[email protected]>: >>>> >>>>> Sorry, but Can you explain me better what you mean? >>>>> Qnd what about temporal mark? >>>>> >>>>> Inviato da iPhone >>>>> >>>>>>> Il giorno 19/feb/2014, alle ore 00:06, Stefan Magnus Landrø < >>>>>> [email protected]> ha scritto: >>>>>> >>>>>> Convert to pem format and import? >>>>>> >>>>>> Sendt fra min iPhone >>>>>> >>>>>>> Den 18. feb. 2014 kl. 23:57 skrev Rossella Petrucci < >>>>> [email protected]>: >>>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> May i ask you some things about PDFBox? >>>>>>> I want to use PDFBox for digital sign on PDF with SmartCards and >>>>> Business Key. >>>>>>> >>>>>>> Is there a way for mark a PDF? I have done a Framework for get Private >>>>> Key and Certificate Chain from the SmartCard and not from KeyStore but >>>>> there is a problem. Your function for the sign wants a Java Security >>>>> Private Key, but i have aiaik.pkcs.pkcs11.objects.PrivateKey, so >>> everything >>>>> crash! >>>>>>> Can you help me? >>>>>>> >>>>>>> Thank You. >>>>>>> >>>>>>> Rossella >>>> >>>> >>>> >>>> -- >>>> BEKK Open >>>> http://open.bekk.no >>>> >>>> TesTcl - a unit test framework for iRules >>>> http://testcl.com >> >> >> >> -- >> BEKK Open >> http://open.bekk.no >> >> TesTcl - a unit test framework for iRules >> http://testcl.com
