EduLib Launches CERTivity KeyStores Manager A Public Key Infrastructure Software

CERTivity KeyStores Manager, the newest product of EduLib, aims at providing an intuitive and natural experience with cryptographic keys management, Public Key Infrastructure and digital signing, in a user-friendly environment.

EduLib, a privately held software development company located in Craiova, Romania, with a solid software expertise of more than 10 years, announces the availability of CERTivity, a new software tool which is a powerful pure Java multi-platform environment for creating, managing and using cryptographic keys (private, public or secret keys), KeyStores for storing the keys and key pairs, digital certificates intensively used by SSL, and, last but not least, creating and verifying digital signatures on digital files and documents. With this launch, EduLib intends to offer to the cryptographic software world, developers and system administrators, a comprehensive package of solutions for managing and handling cryptographic information, and also enter the Public Key Infrastructure domain.

CERTivity provides for creation and usage of many KeyStore types such as the well known JKS, JCEKS, PKCS#12, or the Bouncy Castle KeyStore types BKS and UBER. Also, it covers up many algorithms which can be used for creating the private and secret keys which can be stored within these KeyStores.

As the usage of electronic services such as virtual mails, electronic banking or electronic commerce becomes more commonplace in the present, there are also increasing concerns regarding the privacy and security of the transactions. These concerns along with the needs to avoid the risk of being impersonated over the internet bring up the need of using encryption for personal data, digital certificates for establishing authenticity and digital signatures combining encryption and digital certificates as safety precautions for being able to take full advantage of the new electronic medium for personal business.

"CERTivity was built with these aspects in mind, to offer the possibility to create, manage and use digital certificates especially for SSL and HTTPS, extend validity of the self-signed certificates, obtain revocation information and even test them using custom communication protocols, as well as creating and handling encrypted key pairs and secret keys using various encryption algorithms", said David Dascalescu, the CTO at EduLib.

This new tool covers and combines many functions which can be found in various command line tools or other operating system tools, but, it does not intend to be just a simple replacer for all of these. As the features are combined and centralized having an intuitive and productive organization, CERTivity is offering to developers and system administrators, and to all users in general the possibility to spend less time taking care of low level details and concentrate on important stuff, therefore offering the possibility to maximize productivity.

CERTivity also offers the possibility to sign well known file types such as PDF and XML documents, or JAR files. Also, in addition to signing, CERTivity offers the possibility to verify signatures on documents already signed.

"When designing CERTivity, we have also taken in consideration the increase in usage of digital documents thus offering solutions for ensuring the authenticity of documents and ensuring that the contents of the digital files remain unchanged for a series of document and file types very widely used in present, such as PDF or XML documents, or JAR files", said David Dascalescu.

Signing and verifying files

CERTivity can digitally sign, by public/private-key encrypted byte range digest, PDF documents supporting the standard SubFilter values "adbe.x509.rsa_sha1", "adbe.pkcs7.detached" and "adbe.pkcs7.sha1". The Portable Document Format (PDF) allows digitally signing a document by inserting a cryptographic signature value in the file. A signature is in most cases represented by a signature field containing the name and other attributes of the signer. The signature supported by CERTivity is of document (or ordinary) type, according to the PDF reference, version 1.7. In addition to signing, EduLib's tool offers possibility for verifying signed PDF documents as well. It provides means for verifying the validity of the signatures, preventing documents from being subject to tampering and also it can display valuable information about the signer, information similar to the one Adobe PDF Reader offers when opening a signed PDF. More than this, the verification process offers a lot of details which can be of interest to developers or analysts.

CERTivity can also perform signing and verifying on XML documents. Signatures on XML documents can be used as authentication credentials or as a way to check data integrity. XML signatures can be applied to XML files, HTML pages, binary-encoded data and any XML-encoded data. More than this, CERTivity can verify XML signatures using either the certificates embedded in the signature, or using a specific certificate given by the user.

"Also, for developers, CERTivity brings up the ability to sign and verify JAR files, which is basically useful when having to be sure of the integrity of Java archives, and to protect against changes intended to be harmful", said David Dascalescu. "The process of signing or verifying is made much easier by the graphical interface, which makes it a more pleasant experience than using equivalent command line tools".

Besides the file and document signing and verifying features, the tool released by the EduLib team contains other functionalities which can be of interest to any developer, network administrator, analyst, or just everyone who has intersected with the X.509-based Public Key Infrastructure.

The solutions offered by CERTivity are available from EduLib at http://www.edulib.com/products/keystores-manager/.