DecryptSignatureAESKey

Declaration

Delphi

function   DecryptSignatureAESKey(EncryptedAESKey:AnsiString;  DocumentHash: AnsisTring; NotaryPrivateKeyFName : AnsiString; var OutLen : integer) :pointer;

C/C++

SOPAD_API VOID* SOPAD_DecryptSignatureAESKey(char *EncryptedAESKey, char *DocumentHash, char *NotaryPrivateKeyFName, int *OutLen) ;

ActiveX

HRESULT _stdcall DecryptSignatureAESKey([in] BSTR EncryptedAESKey, [in] BSTR DocumentHash, [in] BSTR NotaryPrivateKeyFName, [out, retval] BSTR* Result);

Description

Decrypts the AES key using the document hash (PreliminaryDocumentHash) and the notary private key.

This function can only be used with biometric pads, as the standard pads have a secure notary key.

Arguments

string encryptedAESKey, encoded as hex-string

string documentHash , encoded as hex-string

string pathToNotaryPrivateKey

Return value

Returns the decrypted AES key (alias encrypted-randomkey), encoded as a hex string.


Sample

C# sample showing how to collect the raw signature data and how to decrypt it
/// <summary>
/// Reads a file and returns its content either as text or as a hex string.
/// </summary>
/// <param name="FileName">Path of the file to read.</param>
/// <param name="asHexString">
/// When true, the raw bytes are returned as contiguous uppercase hex digits
/// (two per byte, no separators); when false, the file is read as text.
/// </param>
/// <returns>The file content in the requested representation.</returns>
private string GetFileContentAsString(String FileName, bool asHexString)
{
	if (asHexString)
	{
		// BitConverter renders bytes as "AB-CD-EF"; removing the dashes leaves
		// the plain hex-string form the key and hash arguments are passed in.
		string dashedHex = BitConverter.ToString(File.ReadAllBytes(FileName));
		return dashedHex.Replace("-", "");
	}

	return File.ReadAllText(FileName);
}
  
// function to collect all signature data
/// <summary>
/// Runs one capture on the signature device and stores the results as files:
/// the signature image, the encrypted biodata, the preliminary document hash
/// and the encrypted AES key.
/// </summary>
/// <remarks>
/// All output paths are relative, so the files are created in the process
/// working directory. DecryptBiometricdata() later reads biodata.bin,
/// encryptedAesKey.bin and prelimHash.bin from the same location.
/// NOTE(review): outside a demo, choose an explicit directory with restricted
/// access for these artifacts, since they feed the decryption step.
/// NOTE(review): stopCapture is not reached if any earlier call throws;
/// a try/finally may be appropriate - confirm against the device API.
/// </remarks>
private void getSignature()
{
	SigDev.startCapture(cert, true, true, true, true, ref padSetting);
 
	//  Fixed 2 second wait for the signer; the sample does not check that a
	//  signature was actually captured before reading the results.
	Thread.Sleep(2000);
			
	//  Save the signature image
	System.IO.File.WriteAllBytes("signature.bmp", (byte[])SigDev.ReadHighResBitmap(1));

	//  Collect the encrypted biodata from the device
	string biodata = "";
	SigDev.getBiodataString(ref biodata);

	//  Persist the encrypted biodata for the later decryption step
	System.IO.File.WriteAllText("biodata.bin", biodata);
	// Dummy 32-byte preliminary document hash. In a real integration this
	// value should be generated from the content being signed.
	byte[] prelimHash = {0,0,0,0,1,0,0,0, 1,0,0,0,0,0,0,0, 0,1,0,1,0,0,0,0, 0,0,0,0,1,0,0,0};

	// Save the preliminary document hash (the better way is not to save it
	// and to recreate it from the signed data when decrypting).
	System.IO.File.WriteAllBytes("prelimHash.bin", prelimHash);

	//  Send the preliminary document hash to the device
	SigDev.SetPreliminaryDocumentHash(prelimHash);

	//  Collect the encrypted AES key from the device and save it
	System.IO.File.WriteAllBytes("encryptedAesKey.bin", (byte[])SigDev.GetEncryptedAesKey());

	//  Stop sign mode; the pad will switch to standby again
	SigDev.stopCapture(0);
}
  
// function to decrypt biodata with raw data
/// <summary>
/// Decrypts the biodata captured by getSignature(): first recovers the
/// random (AES) key from the encrypted key, the document hash and the notary
/// private key file, then uses that key to decrypt the biodata.
/// </summary>
/// <remarks>
/// NOTE(review): this demo prints the recovered key and the decrypted
/// biodata to the console. Both are sensitive; production code should not
/// write them to console output or logs.
/// NOTE(review): the notary private key is referenced by a relative path,
/// so it is read from the working directory - keep that file access-restricted.
/// </remarks>
private void DecryptBiometricdata()
{
	const string notaryKeyPath = "private4096.txt";

	// The biodata is passed on as stored; key and hash go in as hex strings.
	string encryptedBiodata = GetFileContentAsString("biodata.bin", false);
	string encryptedKeyHex = GetFileContentAsString("encryptedAesKey.bin", true);
	string documentHashHex = GetFileContentAsString("prelimHash.bin", true);

	// Step 1: recover the random key. The hash passed here is the one that
	// was sent to the device via SetPreliminaryDocumentHash during capture.
	string randomKeyHex = SigDev.DecryptSignatureAESKey(encryptedKeyHex, documentHashHex, notaryKeyPath);

	// Step 2: decrypt the biodata with the recovered key.
	string plainBiodata = SigDev.DecryptSignatureBiodata(randomKeyHex, encryptedBiodata);

	Console.WriteLine("btnDecryptBiodataClick done.");
	Console.WriteLine(string.Concat("btnDecryptBiodataClick randomkey=", randomKeyHex));
	Console.WriteLine(string.Concat("btnDecryptBiodataClick decryptedBiodata=", plainBiodata));
}