Last update: 05/02/2009

The Crypthing Initiative
Signthing Personal Edition

The Crypthing project aims to develop cryptographic software for business, government and personal use within the context of Brazilian Public-Key Infrastructure (see Portal ICP-Brasil) under GNU General Public License. We are planning to deliver to open source community software for authentication, confidentiality and digital signature with strict compliance to ITI specifications.

The Signthing Personal Edition is our first delivery. This is an application to sign documents for non-repudiation purposes using cryptographic keys associated with digital certificates issued by one of the ICP-Brasil Certificate Authorities. Despite this design goal, you may also sign documents with any x.509 certificate issued by any Certificate Authority.

Current Features:
  • Support to DER encoded x.509 certificates stored in smart-cards and removable medias;
  • ICP-Brasil compliance certificate validation and on-line revocation check over HTTP;
  • Document signing, co-signing and verification (of course);
  • Support to attached and detached RFC 2630 CMS SignedData envelope;
  • Internationalized user's interface (currently in English and Portuguese);
  • Platform-independent design (Java), already tested under Linux 2.6.24 and MS Windows XP (but only with Sun JVM).

 

Release 0.2 project now started (at last!)

The publishing of DOC-ICP-15: Visão Geral sobre Assinaturas Digitais na ICP-Brasil by ITI has forced the project into a complete reengeneering. Now we must support RFC 5126 and a complete set of new features. The new specifications are now available (in Portuguese, of course).

05/02/2009 - new documents available: release plan and view layer application class diagram.

 

History

New patch released: 04/04/2009

Released patckage signthing_pe.0.1.2 with several fixes, including inconsistency to RFC 3280 (bad ContentInfo format).

 

Patch released: 10/21/2008

Released package Alpha 0.1.1 with fixes: bad behavior with non-PKI Brazil certificates and worst behavior with language configured to English.

You do not need to get a certificate from an ICP-Brasil CA only to test this application. You may download a certificate issued to famous John Doe by an OpenSSL CA (thanks to Larry Ramos and his scripts). It is in PKCS#12 format (the password is linux, of course) and its attributes are very close to ICP-Brasil. Just edit the config.xml file, selecting PKCS12 as the value of DEFAULT-KEYSTORE property and points the KEYSTORE_FILE property to this PFX file.

 

Download

Click here to go to SourceForge's download page.