DL Signer Cards

Digital signing contact + contactless cards with SDK

DL Signer cards are used for electronic data and document digital signing.

The e-signature is stored in the DL SIgner cards with RSA or ECDSA asymmetric cryptographic algorithms. DL Signer cards support PKI infrastructure. It is possible to store X.509 certificates related to pairs of cryptographic keys generated in the cards itself.

Also, these cards support storing all X.509 certificates that make up the chain of trust from the root certificate to the end-entity certificate.

Free Digital Signing software SDK!

For more information, please visit our Digital Signing software SDK page.

 

The public key which is generated in the DL Signer cards is placed in the body of the request while creating the certificate signing requirement (hereinafter CSR). The request is signed in the card itself with an appropriate private key that never leaves the card itself and in no way it can be read after generating key pairs.

Further, the CSR is sent to the certification body in order to create and sign the X.509 certificate based on it. This end-entity certificate is placed in the DL Signer card with other certificates from the chain of trust and is ready to digitally sign data and documents. The user can send CSR to any certification body whose services he wishes to use. Digital Logic has provided a mechanism for issuing end-entity certificates for the purpose of testing the system.

One of the basic characteristics of the end-entity certificate is that the private key, which is paired with the public key that such certificates contain, must not be used to sign other certificates.

The Windows software tools that initiate the generation of cryptographic keys pairs, generate CSRs, manages the PIN and PUK codes of the DL Signer cards, manipulates the contents of the X.509 certificates, and signs the data and files, is distributed as “ufr-signer”.

“Signature-verifier” is a Windows application validating RSA and ECDSA digital signatures.

Digital signing and validation of signatures can also be done from Adobe Acrobat Reader DC application using the ufr-pkcs11 module that we developed for this purpose. Our PKCS#11 module can also be used with popular Mozilla’s e-mail client and web browser, as well as with other software tools that are compatible with the PKCS#11 specification.

We also provided web services for online checking of X.509 certificates and signed pdf files.