Java Security - Remote signing/decrypting with SSL

Author

Remote signing/decrypting with SSL

jogchem@gmail.com

2006-09-12, 7:05 pm

I'm working on this application that has to make an SSL connection. No
problems with getting a test connection, but the private key that is
used to authenticate the client in the real life situation is locked
away on a smartcard. Therefor all the signing and decrypting has to go
through the card. Does anyone know how to hook into the standard Java
SSL api to use all the default things but do the signing and decrypting
myself?

Mr. Skeptic

2006-09-14, 7:04 pm

jogchem@gmail.com wrote:
> I'm working on this application that has to make an SSL connection. No
> problems with getting a test connection, but the private key that is
> used to authenticate the client in the real life situation is locked
> away on a smartcard. Therefor all the signing and decrypting has to go
> through the card. Does anyone know how to hook into the standard Java
> SSL api to use all the default things but do the signing and decrypting
> myself?

What do you mean by the last sentence? I assume you want the signing to
be done on the card. The smart card vendor should provide the necessary
software, APIs, etc. to use the card's services; for example they may
offer a JCE provider similar to the Sun RsaSign provider.

jogchem@gmail.com

2006-09-15, 4:03 am

Mr. Skeptic wrote:
> What do you mean by the last sentence? I assume you want the signing to
> be done on the card. The smart card vendor should provide the necessary
> software, APIs, etc. to use the card's services; for example they may
> offer a JCE provider similar to the Sun RsaSign provider.

What I mean is that the card is connected to a different pc than the
one where the application is running that has to set up the ssl
connection. I can get the public keys from the card via TCP, but the
private keys stay on the card. Therefor I want to delegate all the
signing and decrypting to the machine that has the card.

Sponsored Links