digital-signature

PDFBox - opening and saving a signed pdf invalidates my signature

隐身守侯 submitted on 2019-11-28 05:56:46
Question: I am trying to learn to use Apache's pdfBox to deal with digitally signed documents for work. During testing, I created a completely empty pdf document. I then signed the document through Adobe reader using the sign with certificate function. I tried to open, save and close the signed file with pdfBox without any modifications. However once I open the file in Adobe the files are no longer valid. Adobe tells me: "There are errors in the formatting or information contained in this signature

Provide secure Facebook authentication with my Server

穿精又带淫゛_ submitted on 2019-11-28 04:44:50
I would like to build a little mobile App (Android and iOS) and a little backend server with a REST API. My app users (Android or iOS) need to log in on Facebook. I do that by using Facebook's mobile SDK. When the login has been successful, the Facebook SDK will return an authentificationToken, that is now on the user's smartphone. The idea is as follows: Whenever my app needs some data, the app will contact my server backend (REST) over HTTPS. For example: The app makes a simple HTTP GET and passes the retrieved Facebook authenticationToken. My Server gets this Facebook authenticationToken and

Verifying app's signature by code [duplicate]

旧街凉风 submitted on 2019-11-28 04:34:12
Question: This question already has answers here: How to obtain codesigned application certificate info (3 answers). Closed 5 years ago. I have an app signed. I created an identity and used codesign to sign my app as per Apple's Code Signing Guide. Now, how do I check the signature from within my application? I need to verify this on Cocoa apps (Objective-C) and apps written in C. Answer 1: Note: Currently MacOS X does not verify signed code prior to execution. This may be different for sandboxed code, and it

Java implementation of C# SignedCms

若如初见. submitted on 2019-11-28 03:11:40
Question: I am working on an implementation of C# SignedCms functionality in Java. I am using bouncycastle libs. The problem is I get a Java signature that is different from the one generated with SignedCms. C# code: X509Certificate2 certificate = new X509Certificate2("myCertPath", "myPass"); String text = "text"; ContentInfo contentInfo = new ContentInfo(System.Text.Encoding.UTF8.GetBytes(text)); SignedCms cms = new SignedCms(contentInfo, false); CmsSigner signer = new CmsSigner(certificate); signer

iText7 LtvVerification.addVerification not enabling LTV

左心房为你撑大大i submitted on 2019-11-28 00:37:26
We are trying to make the signed signature LTV enabled. I am using the below code to add verification. When signature.isTsp() is false, the PDF says "Signature is not LTV enabled", though in the other case (signature.isTsp() is true) it shows as valid. When we open the PDF and try to manually add verification info by right clicking on the signature it enables LTV without any issue. Not sure what we are missing here. Any input will be highly helpful. // Adds LTV-enabled information to the PDF document. private ByteArrayOutputStream addLtv(final IOcspClient ocspClient, final ByteArrayOutputStream

Generate Digital Signature but with a Specific Namespace Prefix (“ds:”)

白昼怎懂夜的黑 submitted on 2019-11-27 23:38:18
I digitally sign XML files, but need the signature tags to contain the namespace prefix "ds". I researched quite a bit on Google and found many of the same questions, but no satisfactory answer. I tried to put the "ds" manually in the file, but the signature becomes invalid. The tag "SignatureValue" signs the tag "SignedInfo" so the signature becomes invalid. Could somebody show me how I generate the value of the tag "SignatureValue" so I can replace the signature after adding the prefix "ds"? Apparently a lot of people ran into the same problem. After investigating source code of the class Signature

verifying detached signature with BC

蹲街弑〆低调 submitted on 2019-11-27 22:24:56
Question: How can I verify a detached signature (CMS/pkcs #7 signature) using the BouncyCastle provider in Java? Currently, my code below throws an exception with the message "message-digest attribute value does not match calculated value": Security.addProvider(new BouncyCastleProvider()); File f = new File(filename); byte[] buffer = new byte[(int)f.length()]; DataInputStream in = new DataInputStream(new FileInputStream(f)); in.readFully(buffer); in.close(); CMSSignedData signature = new CMSSignedData

How to make a digital signature in a web application (JavaScript) using a smartcard?

半腔热情 submitted on 2019-11-27 19:33:07
We have written a document management system and would like to digitally sign documents using the web client. Our Java client application is already able to apply and check digital signatures, but we would like to make signatures even with our web client. This is written in GWT and so, when run on the client side, it is a JavaScript application. We do not want to create a Java applet and download it on the client and execute it. We would like to use the browser security device or the browser API in order to sign a document. We would also like to keep the complete document server side, and move to

How to sign string with private key

本秂侑毒 submitted on 2019-11-27 18:24:36
How can I get the signature of a string using SHA1withRSA if I already have the Private Key as byte[] or String? Prabath Siriwardena: I guess what you say is you know the key pair beforehand and want to sign/verify with that. Please see the following code. import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.Signature; import sun.misc.BASE64Encoder; public class MainClass { public static void main(String[] args) throws Exception { KeyPair keyPair = getKeyPair(); byte[] data = "test".getBytes("UTF8"); Signature

In C#, sign an xml with a x.509 certificate and check the signature

拟墨画扇 submitted on 2019-11-27 18:02:36
I'm trying to sign an XML file using an X.509 certificate. I can use the private key to sign the document and then use the CheckSignature method (it has an overload that receives a certificate as parameter) to verify the signature. The problem is that the user who validates the signature must have the certificate. My concern is, if the user has the certificate then he has access to the private key, and as I understand, this is private and should be available only to the user who signs. What am I missing? Thanks for your help. In .NET, if you get your X509 cert from a .pfx file, like this: