Hi,

I am trying to add a digital signature to a PDF document. My certificate will be stored in IE store and user will select from that. For this I have used Cryptography Class. After he selects the certificate for signature, I'm exporting it and passing that file to iTextSharp & it takes care of the digital signature.

My problem is, when I export the certificate from IE store it doesn't ask for the password, exported certificate has no password. So, this is quite surprising that no security/protection for Certificate...
Anyone can simply export that & use? At the time of importing certificate I have to give a password, what's the use of that then? I need to validate the password given at the time of importing the certificate that is given by Certificate Authorities. What can be the solution?
Thanks

Certificates have a public and a private portion. When a user exports your certificate from their certificate store (via IE), they are only exporting the public portion. In fact, they never have access to the private portion of the certificate. Read more here.

I'm not sure how certificates would be involved in signing a PDF, but I imagine you'd need access to the private key when signing it. Anything that is encrypted with the private key can be decrypted with the public key and anything that is encrypted with the public key can be decrypted with the private key. However, something encrypted with the public key CANNOT be decrypted with the public key; same goes for the private key. At least, if memory serves me correctly.
 
 
Thank you for the quick reply.
I am able to unlock the private key from the exported certificate. That's the only way to make signing possible, right?
My document is getting signed, without need of password.
 
 
Comments
alexrait1 28-Dec-18 9:02am    
When you import the PFX you can specify whether any interaction with the key requires manual approval.
It's called key strong protection.
Read about it here:
https://blogs.technet.microsoft.com/pki/2009/06/16/what-is-a-strong-key-protection-in-windows/

Depends on where you do the signing. If you do the signing on the client side, then you are basically exposing your certificate to the world giving others the ability to act as if they are you. If, however, you do the signing on the server side (say, on your computer), then to verify the PDF is authentic, the client will only need your public certificate and the signed PDF. Like I said, I'm not familiar with PDF signing and am not even sure what the purpose of that would be, but it's likely that the process of signing the PDF would include the public certificate with the PDF. The client would then look at that certificate, see that it came from a CA, and so would trust it (because it is trusted by the CA).
 
 
Comments
ankursingh 3-Jul-15 7:22am    
Hi there,
I am using a Gemalto smart card for signing in ASP.NET. Can anybody guide me on how to start, as it has to be done with client and server side, with the secure token ID of the Gemalto smart card?
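
The strong key protection mentioned in alexrait1's comment, as an added example that is not part of the original thread: it imports a PFX so that the private key is not marked exportable and each use prompts the user, then signs with the key in place in the store instead of exporting it. The class and method names, the command-line arguments and the sample data are assumptions; it assumes an RSA certificate on Windows and signs a byte array, not a PDF.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class StoreSigningExample // hypothetical name, not from the thread
{
    // Import the PFX into the current user's store with strong key protection.
    static string ImportProtected(string pfxPath, string pfxPassword)
    {
        var flags = X509KeyStorageFlags.UserKeySet
                  | X509KeyStorageFlags.PersistKeySet   // keep the key after this object is disposed
                  | X509KeyStorageFlags.UserProtected;  // prompt the user when the key is accessed
        // X509KeyStorageFlags.Exportable is deliberately left out, so the private key is not marked exportable.
        using (var cert = new X509Certificate2(pfxPath, pfxPassword, flags))
        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadWrite);
            store.Add(cert);
            return cert.Thumbprint;
        }
    }

    // Sign with the private key where it lives; nothing is exported to a file.
    static byte[] SignWithStoreKey(string thumbprint, byte[] data)
    {
        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadOnly);
            var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (found.Count == 0) throw new InvalidOperationException("Certificate not found.");
            if (!found[0].HasPrivateKey) throw new InvalidOperationException("No private key for this certificate.");
            using (RSA rsa = found[0].GetRSAPrivateKey())
            {
                if (rsa == null) throw new InvalidOperationException("Not an RSA key.");
                return rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            }
        }
    }

    static void Main(string[] args) // args[0] = PFX path, args[1] = PFX password (assumed inputs)
    {
        string thumbprint = ImportProtected(args[0], args[1]);
        byte[] data = Encoding.UTF8.GetBytes("constructed sample data");
        byte[] signature = SignWithStoreKey(thumbprint, data);
        Console.WriteLine(Convert.ToBase64String(signature));
    }
}
```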

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


