PDF digital sign

My company has a web document management application and I was assigned to find a way to sign PDFs with a digital user certificate.

PDF files can range from a few kilobytes to over 100 MB, and this is over the Internet, so the signature must take place on a web server.

To do this, I created an activeX element that asks the user to select a certificate, then uploads it to a web page using WebClient.UploadData, sending the certificate as a byte array.

On the web page, when I try to sign a pdf document, I get a "Key does not exist" error. This is not surprising to me, because when I used the certificate directly over the https connection after I selected the correct certificate, I would be prompted for a key. This does not happen with activeX.

This is how I get the certificate from the user:

using System.Security.Cryptography.X509Certificates;

private static X509Certificate2 PickCertificate()
{
    // open the current user's personal ("My") store read-only
    X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
    try
    {
        store.Open(OpenFlags.ReadOnly);

        // pick a certificate from the store; the collection is empty if the user cancels,
        // so indexing [0] directly would throw
        X509Certificate2Collection selected = X509Certificate2UI.SelectFromCollection(
            store.Certificates, "Title", "Message", X509SelectionFlag.SingleSelection);
        if (selected.Count == 0)
            return null; // user cancelled the dialog

        X509Certificate2 cert = selected[0];

        // show certificate details dialog
        X509Certificate2UI.DisplayCertificate(cert);
        return cert;
    }
    finally
    {
        // closed exactly once, whether or not an exception occurred
        store.Close();
    }
}

How can I ask the user to provide a key that I am missing?



1 answer


Do you want the user to upload their private certificate key to the web server so they can sign PDFs? If so, it is fundamentally broken from a security point of view.

I think you might have missed the fact that public certificate != private key. (Most of us are careless and use the word "certificate" to mean either (or both) of these things, so that is not entirely surprising.) Based on memory, CryptoAPI only has a select set of methods that will allow you to access the key. There should be an "export as PFX" method in between, so you can do your design work if you really wanted to, but I wouldn't recommend it. (Risk of sending private keys to the web server, breaking bounces, etc. etc.)



If you really have to do the signing on the server [I don't really understand your argument, the signature shouldn't add a lot of data to the upload], then you should probably consider a tiered architecture and a key escrow mechanism. That way you can at least minimize some security concerns (but you will still lose disclaimer ... and introduce other risks. No free lunch here).

So ... you should probably consider re-architecting your application so that the PDF signature happens on the client (in your ActiveX control) before uploading the PDF file. I am assuming you will need a third party library for the signing step, as discussed in this SO thread.

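The following is an added example, not code from the question or the answer above. It demonstrates the answer's two points in C#: the bytes a client uploads for a certificate carry no private key (which is why the server reports "Key does not exist"), and the private key never needs to leave the user's machine if the signature is produced on the client and only the signature plus the public certificate are sent. To run offline it generates a throwaway self-signed certificate in memory (assumption: .NET Core 3.0+ or .NET 5+, where `CertificateRequest` and C# 8 `using` declarations are available); in the real application `MakeTestCertificate()` would be replaced by the store lookup from the question. The "PDF" bytes are a constructed sample, not a real document.

```csharp
// Added example: certificate bytes vs. private key, and client-side signing.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class CertVsKeyDemo
{
    // Stand-in for PickCertificate(): a self-signed certificate (constructed) whose
    // private key exists only in this process, so the example needs no user store.
    static X509Certificate2 MakeTestCertificate()
    {
        RSA rsa = RSA.Create(2048);
        var req = new CertificateRequest("CN=demo-signer (constructed)", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        return req.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-5),
                                    DateTimeOffset.UtcNow.AddDays(1));
    }

    // What the upload in the question actually sends: the DER-encoded certificate.
    // Rebuilding it on the server gives a public-only object, so any attempt to
    // sign with it fails with the "Key does not exist" class of error.
    static bool ServerCopyHasPrivateKey(X509Certificate2 clientCert)
    {
        byte[] uploaded = clientCert.Export(X509ContentType.Cert); // same bytes as RawData
        var serverCopy = new X509Certificate2(uploaded);
        return serverCopy.HasPrivateKey;
    }

    // Client side: hash-and-sign with the private key from the user's store.
    // The document is hashed locally (SHA-256), so the signature is a few hundred
    // bytes regardless of how large the PDF is.
    static byte[] SignOnClient(X509Certificate2 clientCert, byte[] pdfBytes)
    {
        using RSA priv = clientCert.GetRSAPrivateKey()
            ?? throw new InvalidOperationException("certificate has no usable RSA private key");
        return priv.SignData(pdfBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }

    // Server side: only the public certificate is needed to verify. A real
    // deployment must also validate the certificate chain (X509Chain) against the
    // company's trusted CA before accepting the uploaded certificate at all.
    static bool VerifyOnServer(byte[] uploadedCert, byte[] pdfBytes, byte[] signature)
    {
        var cert = new X509Certificate2(uploadedCert);
        using RSA pub = cert.GetRSAPublicKey();
        return pub.VerifyData(pdfBytes, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }

    static void Main()
    {
        X509Certificate2 cert = MakeTestCertificate();
        // constructed sample bytes standing in for the PDF upload
        byte[] pdf = Encoding.ASCII.GetBytes("%PDF-1.4 constructed sample, not a real document");

        Console.WriteLine($"client cert has private key: {cert.HasPrivateKey}");
        Console.WriteLine($"server copy has private key: {ServerCopyHasPrivateKey(cert)}");

        byte[] signature = SignOnClient(cert, pdf);
        byte[] publicOnly = cert.Export(X509ContentType.Cert);
        Console.WriteLine($"server verifies client signature: {VerifyOnServer(publicOnly, pdf, signature)}");

        pdf[0] ^= 0x01; // flip one byte: the signature must no longer verify
        Console.WriteLine($"verifies after tampering: {VerifyOnServer(publicOnly, pdf, signature)}");
    }
}
```

The raw RSA signature shown here is the cryptographic core of what a PDF signature contains; an actual PDF signature wraps it in a CMS/PKCS#7 structure and embeds that in the document's signature dictionary, which is the step the answer says needs a third-party library. The split also answers the size concern in the question: the 100 MB file is uploaded exactly as before, the client adds only a small signature, and the server never holds a key it could misuse or leak.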
