Qualified certificate

12/29/2014 3:40:35 PM
Gravatar
Total Posts 12

Re: Qualified certificate

I found out why my partner cannot check my signature generated by your software.

They require me to use SHA-1. Is there any chance to use it with NDigitSign?

12/29/2014 4:03:47 PM
Gravatar
Total Posts 300
Ugo Chirico http://www.ugochirico.com

Re: Qualified certificate

Set CAdES = false.

In this way NDigitSign will use SHA-1

1/5/2015 5:00:39 PM
Gravatar
Total Posts 12

Re: Qualified certificate

Ugo,

Now everything is fine with algorithm.

You use 1.2.840.113549.1.1.5 encoding.

But I have to use one of the following encodings:

- 1.2.840.113549.1.1.1 (RSA)

- 1.2.840.10040.4.1 (DSA)

- 1.2.840.10045.1 (ECDSA)

 

Is there a chance to use one of the above with your software?

1/7/2015 12:11:56 AM
Gravatar
Total Posts 12

Re: Qualified certificate

Is there any chance to use one of the following encodings with your software:

- 1.2.840.113549.1.1.1 (RSA)

- 1.2.840.10040.4.1 (DSA)

- 1.2.840.10045.1 (ECDSA)

 

 

1/7/2015 9:42:37 AM
Gravatar
Total Posts 300
Ugo Chirico http://www.ugochirico.com

Re: Qualified certificate

- 1.2.840.113549.1.1.1 (RSA) is not for digital signature. It is RSA encryption and is used for encryption not for signature.

Then

- 1.2.840.10040.4.1 (DSA)

- 1.2.840.10045.1 (ECDSA)

are for signature but they are not supported by NDigitSign to generate digital signature because they require a PKCS#11 token that supports such algorithms

1/7/2015 3:42:06 PM
Gravatar
Total Posts 12

Re: Qualified certificate

I am sorry for bothering you but I really like your software and would like to buy it for my project.

The company which I need to communicate with says that they are receiving signed string encrypted with 1.2.840.113549.1.1.5 but they can only accept 1.2.840.113549.1.1.1

 

I am signing string using your software and converting result to Base64 string.

 

Is there anything I can do with nDigitSign to have desired encryption?

1/8/2015 3:27:27 PM
Gravatar
Total Posts 12

Re: Qualified certificate

Ugo,

Could you please answer my question above? I promise that this is my last question. I need to decide if I will buy your product or will have to look for another solution.

Thank you.

1/8/2015 3:35:14 PM
Gravatar
Total Posts 300
Ugo Chirico http://www.ugochirico.com

Re: Qualified certificate

First of all those numbers are not encoding.

They are PKI algorithms:

1.2.840.113549.1.1.5 stands for SHA1withRSA and it is used for digital signature PKCS#7

1.2.840.113549.1.1.1 stands for RSA and it is used for encryption in PKCS#1 format.

This means that Digital Signature cannot use 1.2.840.113549.1.1.1. This does'nt make sense.

Because NDigitSign does Qualified Digital Signauture it uses 1.2.840.113549.1.1.5

 

If you need RSA encryption instead of Digital Signature you need another software (that we have but we didn't published on this site).

In this case give me your requirements an we'll give you a estimation to customize our software for your needs.

 

1/8/2015 4:10:59 PM
Gravatar
Total Posts 12

Re: Qualified certificate

Thank you for your answer.

I am not a guru in encryption matter but I have to do what my partner need. So please excuse my misunderstandings when asking.

I have to figure out what exactly they need, because all my questions here came from them. I just need to write client app which will sign given text (with qualified certificate) and send back to the server.

 

BTW.

In my latest question I did not use word "encoding" :)