This project is devoted to provide a simple software layer for digital signature, when an hardware cryptographic token is required.
The main goal is to maintain platform independence, and application environment neutrality (web and standalone usage examples are provided). The default implementation tries to comply as strictly as possible with the italian law digital signature directives.
j4sign is developed at Servizio Sistema Informativo of Municipality of Trento, and is currently used to provide services involving digital signature of electronic documents.
The project core is implemented in java language, and is practically an extension of the open source BouncyCastle cryptographic libraries for using PKCS#11 tokens.
PKCS stands for Public Key Cryptographic Standards, and is a set of specifications proposed by RSA Security Inc.; many of them has become RFCs or are de-facto standards. PKCS#11, for example, is the most widely used API for interacting with cryptographic tokens, because it was the first adopted in web browsers. For more informations about PKCS standards go to RSA Labs website.
Since PKCS#11 standard is an API specification in C language, implementations provided by token manufacturers
are typically native libraries. The project uses Java Native Interface and related native libraries
to interact with tokens.
For PKCS11 we use the excellent pkcs11 wrapper developed
by IAIK of Graz University of Technology,
released under an Apache/BSD-style license.
For basic SmartCard detection we use also the PCSC wrapper developed by the Open Card Framework consortium; this wrapper (the wrapper only) also is released under Apache/BSD-style license.
The project addresses the Windows1 OS initially, due to the prevalent availability of pkcs11 implementation libraries for this platform; extension to GNU Linux OS is scheduled for next releases (hopefully with your help!). Update: As of release 0.1.2 initial Linux support has been introduced using OpenSC pkcs11 implementation. Many thanks to Antonino Iacono from opensignature project for his precious help.
j4sign has the ambition to be the first Java2 free software implementation of an "italian law - compliant" digital signature. Other similar software exists, see SmartSign and OpenSignature projects, but they use primarily C, C++ language.
The first release offers:
Note that in the included examples signature verification only ensures signed data integrity; a complete verification to ensure non-repudiation requires checking the full certification path including the CA root certificate, and CRL verification on the CA side. (Good stuff for the next release ...)
(1) Windows® is a registered trademark of Microsoft Corporation.
(2) Java is a registered trademark of Sun Microsystems, Inc.
Style respectfully borrowed from Blue Robot's Layout Reservoir