SecureBlackbox Lite 2020 Python Edition

on_external_sign Event

Handles remote or external signing initiated by the SignExternal method or other source.

Syntax

class CRLManagerExternalSignEventParams(object):
  @property
  def operation_id() -> str: ...
  @property
  def hash_algorithm() -> str: ...
  @property
  def pars() -> str: ...
  @property
  def data() -> str: ...
  @property
  def signed_data() -> str: ...
  @signed_data.setter
  def signed_data(value) -> None: ...

# In class CRLManager:
@property
def on_external_sign() -> Callable[[CRLManagerExternalSignEventParams], None]: ...
@on_external_sign.setter
def on_external_sign(event_hook: Callable[[CRLManagerExternalSignEventParams], None]) -> None: ...

Remarks

Assign a handler to this event if you need to delegate a low-level signing operation to an external, remote, or custom signing engine. Depending on the settings, the handler will receive a hashed or unhashed value to be signed.

The event handler must pass the value of Data to the signer, obtain the signature, and pass it back to the component via the SignedData parameter.

OperationId provides a comment about the operation and its origin. It depends on the exact component being used, and may be empty. HashAlgorithm specifies the hash algorithm being used for the operation, and Pars contains algorithm-dependent parameters.

The component uses base16 (hex) encoding for Data, SignedData, and Pars parameters. If your signing engine uses a different input and output encoding, you may need to decode and/or encode the data before and/or after the signing.

A sample MD5 hash encoded in base16:

a0dee2a0382afbb09120ffa7ccd8a152 - lower case base16
A0DEE2A0382AFBB09120FFA7CCD8A152 - upper case base16

A sample event handler that uses a .NET RSACryptoServiceProvider class may look like the following:

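signer.OnExternalSign += (s, e) =>
{
    // Load the signing certificate and take its RSA private key.
    var cert = new X509Certificate2("cert.pfx", "", X509KeyStorageFlags.Exportable);
    var key = (RSACryptoServiceProvider)cert.PrivateKey;

    // Data arrives base16 (hex) encoded; decode it to raw bytes before signing.
    var dataToSign = e.Data.FromBase16String();
    // Sign the hash; the OID 2.16.840.1.101.3.4.2.1 identifies SHA-256.
    var signedData = key.SignHash(dataToSign, "2.16.840.1.101.3.4.2.1");
    // Hand the signature back to the component, base16-encoded again.
    e.SignedData = signedData.ToBase16String();
};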
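
The same hand-off in Python, as an added example that is not part of the original page or of SecureBlackbox: the handler decodes Data, refuses anything that is not a well-formed digest of an allowed algorithm, and only then calls the external signer. It assumes the component is configured to pass a hashed value, that HashAlgorithm arrives as a name such as "SHA256", and that sign_digest is your own (hypothetical) wrapper around the HSM, KMS or remote signing service.

```python
# Digest sizes in bytes for the algorithms this handler is willing to sign.
# Assumption: hash_algorithm arrives as a name such as "SHA256"; adjust the
# keys to the values your component actually reports.
ALLOWED_DIGESTS = {"SHA1": 20, "SHA256": 32, "SHA384": 48, "SHA512": 64}


def make_external_sign_handler(sign_digest):
    """Build an on_external_sign handler around an external signer.

    sign_digest(digest: bytes, algorithm: str) -> bytes is a hypothetical
    callable supplied by the caller; it wraps the engine holding the key.
    """
    def handler(e):
        # Normalise the name so "sha-256" and "SHA256" are treated alike.
        alg = e.hash_algorithm.replace("-", "").upper()
        if alg not in ALLOWED_DIGESTS:
            raise ValueError("hash algorithm not allowed: %r" % e.hash_algorithm)

        # bytes.fromhex accepts upper- and lower-case base16 and raises
        # ValueError on anything that is not valid hex.
        digest = bytes.fromhex(e.data)

        # A digest of the wrong size means the value is not what the
        # declared algorithm produces; do not forward it to the signer.
        if len(digest) != ALLOWED_DIGESTS[alg]:
            raise ValueError(
                "expected %d-byte %s digest, got %d bytes"
                % (ALLOWED_DIGESTS[alg], alg, len(digest))
            )

        signature = sign_digest(digest, alg)
        if not signature:
            raise ValueError("external signer returned no signature")

        # The component expects the signature back in base16.
        e.signed_data = signature.hex()

    return handler


# Wiring, following the Syntax section above (manager is a CRLManager):
#   manager.on_external_sign = make_external_sign_handler(my_signer)
```

Any exception raised before the final assignment leaves signed_data untouched, so a rejected request never carries a stale or partial signature back to the component.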

Copyright (c) 2022 /n software inc. - All rights reserved.
SecureBlackbox Lite 2020 Python Edition - Version 20.0 [Build 8166]