search

harrison314 / SlovakEidSignTool

Example of signing documents using Slovak eID (PAdES, CAdES)
GNU Affero General Public License v3.0
6 stars 3 forks source link

Add support CAdES ASIC-E #1

Closed harrison314 closed 5 years ago

harrison314 commented 5 years ago

Add support of creation CAdES signatures. Inspired by:

Container structure:

asic-container.asice: 
   |
   +-- mimetype
   |
   +-- bii-envelope.xml
   |
   +-- bii-document.xml
   |
   +-- META-INF/
          |
          + asicmanifest.xml
          |
          + signature.p7s

mimetype contains

application/vnd.etsi.asic-e+zip

Example of META-INF/asicmanifest.xml:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ASiCManifest xmlns="http://uri.etsi.org/02918/v1.2.1#" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#">
    <SigReference URI="META-INF/signature.p7s" MimeType="application/x-pkcs7-signature"/>
    <DataObjectReference URI="bii-trns081.xml" MimeType="application/xml">
        <ns2:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <ns2:DigestValue>morANIlh3TGxMUsJWKfICly7YXoduG7LCohAKc2Sip8=</ns2:DigestValue>
    </DataObjectReference>
    <DataObjectReference URI="bii-envelope.xml" MimeType="application/xml">
        <ns2:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <ns2:DigestValue>IZ9yiwKHsTWMcyFebi7csqOOIHohy2gPd02VSfbyUCI=</ns2:DigestValue>
    </DataObjectReference>
</ASiCManifest>
harrison314 commented 5 years ago

For validation using https://dss.agid.gov.it/validation or https://zep.disig.sk/Portal.

harrison314 commented 5 years ago

signature.p7s is PKCS#7 signature with SIgnedInfo: