Process Improvement for Digital Signature Application
My Summer Internship at L&T Power
The summer of 2020 brought a great opportunity in my life, providing me with the experience of working in a company. It was enriching to collaborate with an experienced professional. It benefited me by improving my technical knowledge and communication skills and by teaching me the value of time management. I've pushed myself to do things new to me, and I've been introduced to knowledge that I never knew about. I've expanded my knowledge and I've become more confident in myself and my potential.
Explored Purpose and Technology
Digital signatures are a specific type of e-signature that complies with strict legal regulations and provides the highest level of assurance of a signer's identity.
Digital signatures use certificate-based digital IDs to authenticate the signer's identity and demonstrate proof of signing by binding each signature to the document with encryption. Validation occurs through trusted certificate authorities (CAs) or trust service providers (TSPs).
Benefits of Digital Signatures
Trust and Compliance
Protection
Authentication
Ease in Validation
X509 Certificate
X.509 is a standard defining the format of public key certificates. An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the hostname/domain, organization, or individual contained within the certificate. The X.509 certificate is either signed by a publicly trusted Certificate Authority like DigiCert, Sectigo, GlobalSign, etc. or self-signed. When a certificate is signed by a trusted certificate authority, or validated by other means, someone holding that certificate can rely on the public key it contains to establish secure communications with another party, or validate documents digitally signed by the corresponding private key.
My Work
Concept
The project is based on the concept of PDFs and other documents being self-signed with the digital certificates for the required signatures, selected through the Subject Key Identifier assigned to the signer, by an ASP.NET C#-based console application. In an MNC, efficiency in signing and authenticating numerous documents by multiple authorities is crucial. The application is designed to sign a directory of multiple files or documents at once, precisely matching each one to its correct signature certificate.
My Application
As a summer intern for L&T Power, I created a console application that collected all the required documents from the directory and signed them, pairing each with the right digital certificate stored in the system. Hence multiple files can be signed at a time with precision. Unfortunately, due to the COVID-19 lockdown, I was unable to get access to their database and system resources. So, I created my own database using MySQL Workbench and used it to extract certificate data for signing. The flowchart displaying the working of the application is shown below:
The application is implemented in C# on the .NET Framework and uses NuGet packages such as iTextSharp and MySql.Data. A NuGet package is a single ZIP file with the .nupkg extension that contains compiled code (DLLs), other files related to that code, and a descriptive manifest that includes information like the package's version number. The Bouncy Castle Crypto package for C# plays a role in this application by extracting the private key from the certificate used for signing the document. The Bouncy Castle APIs support creating two kinds of X.509 certificates (version 1 and version 3) as well as PKCS#10 certification requests. Version 1 certificates are generally only used to create root certificates; version 3 certificates are used elsewhere, because the extension facility they support is used to help validate both the certificate and the use it is being put to. The Bouncy Castle Crypto package is a C# implementation of cryptographic algorithms and protocols, along with support for X.509 certificate generation and other standards.
The application connects to the database with server details such as the username, password, database name and server IP, using functions in the MySql.Data package. The directory in which the documents to be signed are placed is then selected. The signer IDs are fetched from the file paths in the directory and compared with the database to get the Subject Key Identifier.
The X509 Certificate class and its functions are used to work with the X.509 certificates and apply their signatures to the PDFs. The certificate details and the Subject Key Identifier, through which we can uniquely identify an individual signer, are shown below.
The iTextSharp PDF library, an advanced toolkit library, allowed the application to sign the PDF documents with the certificates.
It can be used to create, adapt, inspect and maintain documents in the Portable Document Format (PDF), making it easy to add PDF functionality to software projects.
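The certificate-selection step described above, as an added example that is not the application's own code: it maps each PDF to a signer ID, resolves the Subject Key Identifier, and accepts a certificate only if exactly one usable match exists. The file-name convention, the in-memory table standing in for the MySQL lookup, the constructed SKI value and the use of the CurrentUser personal store are all assumptions; the iTextSharp signing call itself is left out.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

static class SignerCertificateSelector
{
    // Constructed stand-in for the signer table: signer ID -> Subject Key Identifier (hex).
    static readonly Dictionary<string, string> SkiBySigner =
        new Dictionary<string, string> { { "EMP001", "0123456789ABCDEF0123456789ABCDEF01234567" } };

    // Assumed naming convention: "<signerId>_<anything>.pdf".
    static string SignerIdFromPath(string path) =>
        Path.GetFileNameWithoutExtension(path).Split('_')[0].ToUpperInvariant();

    // Returns the single usable signing certificate for an SKI, or null so the caller skips the file.
    static X509Certificate2 FindSigningCertificate(string skiHex)
    {
        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadOnly);
            // validOnly is false because self-signed certificates would fail chain validation;
            // the validity period, private key and key usage are checked explicitly instead.
            var usable = store.Certificates
                .Find(X509FindType.FindBySubjectKeyIdentifier, skiHex, false)
                .Find(X509FindType.FindByTimeValid, DateTime.Now, false)
                .Cast<X509Certificate2>()
                .Where(c => c.HasPrivateKey && AllowsSigning(c))
                .ToList();
            return usable.Count == 1 ? usable[0] : null; // none or ambiguous: refuse to sign
        }
    }

    // No KeyUsage extension means no restriction; otherwise a signing bit must be set.
    static bool AllowsSigning(X509Certificate2 cert)
    {
        var ku = cert.Extensions.OfType<X509KeyUsageExtension>().FirstOrDefault();
        return ku == null || (ku.KeyUsages &
            (X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation)) != 0;
    }

    static void Main(string[] args)
    {
        foreach (var pdf in Directory.EnumerateFiles(args.Length > 0 ? args[0] : ".", "*.pdf"))
        {
            var cert = SkiBySigner.TryGetValue(SignerIdFromPath(pdf), out var ski)
                ? FindSigningCertificate(ski) : null;
            // A non-null cert is what the PDF signing step would receive.
            Console.WriteLine(cert == null ? $"SKIP {pdf}" : $"SIGN {pdf} as {cert.Subject}");
        }
    }
}
```

Logging the skipped files matters in a batch run: an unknown signer ID, an expired certificate or a missing private key then shows up as an unsigned document rather than one signed with the wrong identity.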
In Conclusion
Problem solving, critical thinking and the desire to keep learning got me through the course of this internship. It was a journey taking me from exploring new platforms and technologies to implementing them successfully to create a utility. My skills in C# and SQL sharpened as I learnt a lot going through the documentation of libraries and other works relating to my project.
One last lesson
Be grateful. For anything and everything you do in the workplace. Treat every interaction and lesson as a blessing.