Architecture

Javasign works with ISO 7816-4 compliant smart cards. It uses encryption and decryption functions based on PKCS #15 compliant cards.

Javasign has two modes of operation:

1) smart card:

performs digital signature/verification operations using the functions on the card.
It  can be configured to use the cryptoki library given by the card vendor, or  an internal java driver that performs low level apdu commands.

2) p12 file:

uses an external file in standard p12 format to keep private keys and certificates

Javasign can verify the associated  certificate and check if it's been released by a trusted CA.
Moreover the certificate is checked against the CRL, by downloading it from the CA site, using http protocol or ldap protocol.
Javasign supports serial signature and countersignature.

Javasign is based on Italian CNS specification for identity card (Carta Nazionale dei Servizi).

Javasign, as the name reveals, is written in java.