How to add an e-signature to a PDF File from a Smart Card?
I have a Java EE app that needs to implement e-signing of PDF Files. The user needs to be able to click a link that will generate a PDF File based on data in the database and see the PDF in their browser. The use then needs to be able to "sign" the document using their private key stored on their smart card (which is plugged into a smart card reader on the PC that they're using). Users are using Windows 7 and JRE 1.6
I was hoping to use iText for the PDF generation, but it is unclear what solution I would use on the client-side for pulling information in from from the smart card and then for applying that information to sign the PDF and show the PDF as being signed (either showing the user's signature or updating the doc to say that it has been signed).
Has anyone done this before and has a solution?
Answer
- It does not help reading a certificate from the smartcard, as you need the private key.
- You should not (and most often can not) read the private key from the smartcard (that's the reason for using a smartcard)
- To access the smartcard you need to interface one of the native API's like plain PC/SC, PKCS#11 or CSP.
- To do this from the browser you need either an ActiveX or an Applet.
- Building this from scratch is very ambitious
Some critical information is: - what reader - what smartcard - what browser - what os to select or develop a solution
We have a commercial product built using applet technology that does exactly what you requested (take a PDF, interface to the smartcard, sign the hash, insert the signature in any form supported by PDF, post the signed PDF). If you are interested, i will provide a contact.