I'm trying the interop with Java.
The task: create SHA1withRSA signature of the document hash with .NET CLR.
The singer key is an X509 certificate from external CA, and this signer certificate is on the smart card.
1. First solution: the .NET CLR SignedCms class passes the document hash to the Windows CryptoApi (and to the smart card), and the result is a PKCS#7 message with the signature. This solution works well with smart card, but the requirement is only the "SHA1withRSA"
signature of document hash, the PKCS#7 message will be created at Java side.
2. Second attempt, create only "SHA1withRSA" signature:
// choosing certificate from smart card
X509Certificate2 card = GetCertificate();
// this fails when certificate is on the smart card:
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)card.PrivateKey;
// only the signed hash needed
byte signedHashValue1 = rsa.SignData(documentHash, new SHA1Managed());
The problem: the car
View Complete Post