Simple digital signature questions
Hi,
I have made a web application where I want the users to be able to sign documents and approve orders with the user's already existing certificate.
Does anyone know how we can get the PrivateKey from an already existing certificate? I don't want to make a new KeyPair, but use the user's already existing certificate...
code:
--
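import java.io.FileInputStream;
import java.security.PrivateKey;
import java.security.Signature;

// Signs the contents of datafile with prvKey using the algorithm named by sigAlg.
private static byte[] sign(String datafile, PrivateKey prvKey, String sigAlg) throws Exception {
    Signature sig = Signature.getInstance(sigAlg);
    sig.initSign(prvKey);
    // try-with-resources closes the stream even if reading fails
    try (FileInputStream fis = new FileInputStream(datafile)) {
        byte[] dataBytes = new byte[1024];
        int nread;
        // Feed the file to the signature object in 1 KB chunks until end of file
        while ((nread = fis.read(dataBytes)) > 0) {
            sig.update(dataBytes, 0, nread);
        }
    }
    return sig.sign();
}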
Message was edited by: jsjeppe
[793 byte] By [jsjeppea] at [2007-10-3 11:39:45]

Published certificates hold public keys, not private keys.
So your answer is that you have to create a new keypair to sign a document?
Or do we need to get the PrivateKey from a keyStore?
Message was edited by: jsjeppe
> So your answer is that you have to create a new
> keypair to sign a document?
Not necessarily. Just get access to the private key. The problem with this is that if you can get access to the private key to sign on behalf of the client then if you were malicious you could send the private key back to the server. This could invalidate any signatures done using the private key because you could have done the signing rather than your client!
>
> Or do we need to get the PrivateKey from a keyStore?
The client has to sign rather than you signing on behalf of the client. The client has to sign using software or hardware that he can trust and that recipients of the signature can trust.
Okay I think I understand how it works. So I do the following steps:
1) Create a keystore and save it on the server
2) Each user has to upload his/her certificate to the keystore, i.e. using the username as the alias
3) To sign a document the user types in his secret password for the certificate and together with the alias (username) we can access his certificate and make the PrivateKey
4) We sign the document using the privateKey
5) We store/send the document, the signature and the certificate to the enduser
Is that the way it works?
Message was edited by: jsjeppe
Not quite. Each user has to have his own keypair. Each keypair can have a different password, one per user. The keypair can be used to generate a self-signed cert, or a certificate signing request; if the latter, get the CSR signed and re-import it into the keystore.
Then you continue as you stated - each user has to provide his own password so that digital signatures can be constructed from his keypair and cert.
ejpa at 2007-7-15 14:08:46 >

Okay, I just want to be sure:
So instead of letting the user upload his certificate file (myCert.cer), we would ask him to type in the certificate signing request in a form, which I assume is something like the text below:
--BEGIN CERTIFICATE--
--END CERTIFICATE--
If so, why can't we just let him upload the certificate file (myCert.cer). Does it not include the certificate signing request?
The certificate signing request is generated by keytool once you have generated the keypair.
I suspect you can generate the keypair and CSR in advance and have the user change the password on the keypair once you've received and imported the signed cert.
The only parts the user has to participate in are (a) assigning his password to his keypair, and (b) supplying that password (and his alias) when signing a document.
Just uploading his certificate isn't adequate because it doesn't contain the keypair. It only contains the public key.
ejpa at 2007-7-15 14:08:46 >

Okay I see.
But first of all I don't know who the users are. That is why I want the users to do the work, i.e. upload the CSR by themselves. They are subscribing to the system by themselves. So I can't do anything in advance...
Secondly, how do we get ordinary people to be able to create a CSR? It has to be quite simple to be able to sign a document! Something like uploading a file and then be able to sign using a password...
So the solution is to use an applet to get access to the user's keystore?
Message was edited by: jsjeppe
Ordinary users can't generate a CSR without the keytool, which comes with the JDK not the JRE, or a binary copy of OpenSSL or such. Or you could get them to go through the online Verisign process or the equivalent from other CAs.
You could do it with an applet to give the users access to your keystore (i.e. a designated one for this application). Your applet lets them create a keypair in your keystore and assign their password to it; you generate the CSR and send it off, when it comes back you import it and notify the user that he can now sign.
This is still secure because nobody can access a keypair without the correct password, but you'd want to run that past your legal eagles in terms of non-repudiation.
ejpa at 2007-7-15 14:08:46 >

> Okay I think I understand how it works. So I do the
> following steps:
>
> 1) Create a keystore and save it on the server
As long as it only holds public keys or certificates (not private keys).
>
> 2) Each user has to upload his/her certificate to the
> keystore, i.e. using the username as the alias
No problem.
>
> 3) To sign a document the user types in his secret
> password for the certificate and together with the
> alias (username) we can access his certificate and
> make the PrivateKey
Insecure! If YOU can access the private key using the password given by the client then YOU can save that password and use it again in the future without the client's authority. How does anyone who receives the signed document know that the client signed it?
>
> 4) We sign the document using the privateKey
Unless you are setting yourself up as a trusted third party, the client has to sign the document - not you. If software on your server signs the document then control of the private key has been given to you so the private key is no longer private.
>
> 5) We store/send the document, the signature and the
> certificate to the enduser
I'm not sure this is relevant in view of the insecurity of the rest of the process.
>
> Is that the way it works?
>
No!
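
Added example, not part of any post in this thread: a sketch of the split the replies describe, where the private key is read from the user's own keystore and used only on the user's machine, while the server verifies with nothing but the public key from the uploaded certificate. The class name, the PKCS12 keystore type, the RSA key with SHA256withRSA, and the sample order text are assumptions made for illustration.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.*;

public class ClientSignServerVerify {
    // Client side: runs on the user's machine, the only place the private key exists.
    static byte[] signOnClient(PrivateKey userKey, byte[] document) throws GeneralSecurityException {
        Signature sig = Signature.getInstance("SHA256withRSA"); // assumes an RSA key
        sig.initSign(userKey);
        sig.update(document);
        return sig.sign();
    }

    // Server side: needs only the public key taken from the user's uploaded certificate.
    static boolean verifyOnServer(PublicKey certKey, byte[] document, byte[] signature)
            throws GeneralSecurityException {
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initVerify(certKey);
        sig.update(document);
        return sig.verify(signature);
    }

    public static void main(String[] args) throws Exception {
        PrivateKey priv;
        PublicKey pub;
        if (args.length == 2 && System.console() != null) {
            // args: <PKCS12 keystore path> <alias>; the password is typed locally, never sent
            char[] pw = System.console().readPassword("Keystore password: ");
            KeyStore ks = KeyStore.getInstance("PKCS12");
            try (InputStream in = new FileInputStream(args[0])) {
                ks.load(in, pw);
            }
            priv = (PrivateKey) ks.getKey(args[1], pw);      // private half of the entry
            pub = ks.getCertificate(args[1]).getPublicKey(); // all the server ever receives
        } else {
            // Constructed stand-in key pair so the example runs without a keystore
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(2048);
            KeyPair kp = kpg.generateKeyPair();
            priv = kp.getPrivate();
            pub = kp.getPublic();
        }
        byte[] order = "order 1001: approve".getBytes(StandardCharsets.UTF_8); // constructed sample
        byte[] altered = "order 1001: approve x10".getBytes(StandardCharsets.UTF_8);
        byte[] signature = signOnClient(priv, order);
        System.out.println("original verifies: " + verifyOnServer(pub, order, signature));
        System.out.println("altered verifies:  " + verifyOnServer(pub, altered, signature));
    }
}
```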
