How it Works

How the Digi-Seal™ Applet Works

[1] The framework is intended to implement the following scenario:

1. User accesses a Web application
2. User completes the Web form (which could contain files for uploading)
3. User clicks a “Sign” button and request signing of the Web form (all its text fields and files for upload or either of the above). Here the signing applet is invoked
4. The applet creates a XML document containing all the Web form data: all form fields and their corresponding values and all electronic files selected for uploading and their binary contents (encoded as Base64 strings). The signature of the Web form is computed by digitally signing this XML document.
   
   
   
   
   
5. Then a dialog is shown, prompting the user to selects a PKCS#12 file which contains a private key and corresponding public key certificate
6. The applet uses the user's private key and public key certificate to generate a signature of the completed Web form and stores the result in a PKCS#7 SignedData object. The result PKCS#7 object contains:

• The XML document obtained by the signed form fields and their values
• The digital signature of the XML document
• The certificate of the signer and optionally its entire certification chain

7. The applet encodes the calculated PKCS#7 object using the Base64 algorithm and stores the result string in one of the Web form fields
8. The form (along with all files for uploading and the calculated signature) is submitted to the Web server
9. A server side application processes the form by verifying the signature and optionally storing the form data and its corresponding signature in a SQL database