|
-
Dec 22nd, 2013, 07:39 AM
#1
Thread Starter
Randalf the Red
[Serious] Digital Signatures And Adding Them To Web Pages
I went through the forums, searching for "digital search" but didn't find anything good. Well, I did find a particular user trying to be snobbish and asking for some Pizza instead of information on digital signatures, but I guess you can't really expect an online discussion forum to deliver Pizza, so his attempt failed very royally.
OK here goes my problem. I don't have to mention that I know nothing about digital signatures.
Alright, I do know they are different from electronic signatures and that electronic signatures aren't much different from physical signatures.
The task defined for me is this:
The user should be able to attach his/her digital signature when he/she approves a set of transactions. This is similar to how it happens when large NEFT transactions are approved in the corporate world. I actually saw a sample of it as our Finance guy walked me through the approval process. He logs into the bank website, goes to the authorization page where he sees a list of transactions pending. He selects one for approval, inserts his USB dongle into the laptop and then clicks a button to authorize. The webage reads off the USB dongle the digital signature and performs the necessary action. Each user has a separate USB dongle.
So far so good. I have to build something similar. Now there are two questions - one a petty one and the other a pretty one.
The petty question: How do I read the digital signature off a USB dongle when I am in a webpage - I mean when I am designing the webpage? Are there any components or tools available which will let me do this? Will I have to use ActiveX or something similar to be installed on the client machine one time?
The pretty question: How does digital signature work? I came across a resource which broke it down into simple pieces: Take a text file, hash it to a value and then encrypt this value using a private key. Send the text file and the encrypted hash to the recipient. Recipient will hash the file again, decrypt the encrypted value I had sent using a public key and compare his hash with the decrypted value of my hash. If both match, the file has been verified.
However, mere algorithm won't help me. Which encryption standard should I use? How exactly do you attach the digital signature to a text file? What is a digital signature? If the above explanation is correct, it's a series of bytes. Could I just write it to the text file after the text file contents? In this case when my code reads the digital signature off the USB dongle, is it only reading the private key?
How do I sign other documents digitially?
It would be immensely helpful if someone could point me to links which explain how digital signatures work (technically i.e. in code) and one or two sample codes or some readymade components which would provide this functionality.
I am working with VS 2010 / C#.
Judging at the response this topic has received in the programming forums, I thought it best to post it here so it would get some more attention. Sorry to spoil the fun.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|