The following section describes input and output data for various methods in more detail. The relevant descriptions are linked in the method descriptions.
Data as a byte array
Various data, such as the content of PDF documents and certificates, is passed to the methods as a byte array. For this purpose, the transferred content is interpreted as a sequence of bytes.
In C#, the byte array is passed as an object.
In C++, the byte array is passed in the form of a variant structure. The variant object must have the attributes VT_ARRAY and VT_UI1 set, and its member variable parray must point to a SAFEARRAY structure that contains the document data.
Information about the signature device
Used by:
Information on the signature device used for signature capture. The individual information items must be separated with semicolons. The following information items are possible:
-
Unique ID (optional)
-
Firmware version of the pad (optional)
-
Model name of the pad (optional; if it is missing, an attempt is made to identify the name on the basis of the model number contained in the biometric data.)
Example: "1000281384;2.4;Sigma USB"
The information about the pad can be queried using the corresponding method in the signoPAD API.
XML structure with information on a PDF document
Used by:
Example:
<?xml version="1.0"?>
<PDFDocument>
<pdfaid_part>2</pdfaid_part>
<pdfaid_conformance>B</pdfaid_conformance>
<PDFVersion>1.6</PDFVersion>
</PDFDocument>
|
Element |
Description |
|
|---|---|---|
|
PDFDocument |
Root element |
|
|
|
pdfaid_part |
Number of the PDF standard, e.g., “2” for PDF/A-2. In a PDF/A-1 file, the image used for the signature must not contain any transparency |
|
pdfaid_conformance |
Level of the PDF standard, e.g., “B” for PDF/A-1b or PDF/A-2b. Not relevant for a correct signature. |
|
|
PDFVersion |
Version of the PDF standard used, e.g., “1.6". For PDF versions < 1.6, only the SHA1 hash algorithm is permitted; for PDF versions < 1.5, only key lengths up to 1024 bits are permitted. Details can be found in the PDF standard. |
|
XML structure with information on a DigSig field
Used by:
Example:
<?xml version="1.0"?>
<digsignatures>
<digsignature Name="Signature field 1">
<Name>John Doe</Name>
<Reason>I agree with this contract.</Reason>
<Location>Ratingen</Location>
<ContactInfo>+49 2102 5357510</ContactInfo>
<Time>D:20200317154124+01'00'</Time>
<Page>1</Page>
<Mandatory>false</Mandatory>
<ReadOnly>false</ReadOnly>
<FieldDescription>Customer</FieldDescription>
<Subfilter>adbe.pkcs7.detached</Subfilter>
<AdbePropBuildAppName>signotec SignPDF3</AdbePropBuildAppName>
<AdbePropBuildVersion>8.3.2.0</AdbePropBuildVersion>
<Filter>Adobe.PPKLite</Filter>
<HashAlgorithm>SHA256</HashAlgorithm>
<SignatureOid>2.16.840.1.101.3.4.2.1</SignatureOid>
<SignatureBioCertRef>O=Demo signotec;SNR=01</SignatureBioCertRef>
<Status>1</Status>
<CertExpired>0</CertExpired>
<AnnotationFlags>4</AnnotationFlags>
<Rect>
<Left>115</Left>
<Right>468</Right>
<Top>520</Top>
<Bottom>646</Bottom>
<Rotation>0</Rotation>
</Rect>
<Certificate>
<Issuer> DE, signotec GmbH, signotec Gamma Device ID:1500019258, Ratingen, CSM017134679, Nordrhein-Westfalen </Issuer>
<Serial>3d840906e0066b40e1208db9321a6100</Serial>
<PublicKeysize>2048</PublicKeysize>
<ValidTo>2020/09/29 08:39:16</ValidTo>
<ValidFrom>2019/09/26 08:39:16</ValidFrom>
<CertErrorStatus> No error found for this certificate or chain; </CertErrorStatus>
<CertErrorStatusCode>0</CertErrorStatusCode>
<CertificateData Subject="signotec demo"> MIIC6zCCAdOgAwIBAgIBATANBgkqhkiG9w0BAQUFADAwMRYwFAYDVQQKEw1zaWdub3RlYyBkZW1vMRYwFAYDVQQDEw1zaWdub3RlYyBkZW1vMB4XDTE3MDIwODEzMTUwMFoXDTMwMDIwODEzMTUwMFowMDEWMBQGA1UEChMNc2lnbm90ZWMgZGVtbzEWMBQGA1UEAxMNc2lnbm90ZWMgZGVtbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALyrQ/FUIA61Q55pDJg1dtvVziVhEAsrEwZELufs8+xexKbaORWx3Otr4iZhh4oX1QtLfJySN/Muz9l7tAUBEvqQ22auUbI3BbzydwnNDrqqTE1kYzvGANw0qNRwItm1h4vV4kWw3DhX/2Ucpog63MrBi/3hqVx3Ne6huQrt2m4dpJdPDuImnsw5lCfB8VW9qMNEdJO3wiWugJQ8tWnBUpeu/4Shao8Ir4U5ietxLYhomOGAXljAUFt+zOmhiXcMriu2k4lG1Uh3r2M3jfXjB1A8woLHiVvDZT9eGYTjNN8sfvsADhlsQ5PZPfW3ehFo7EdP1+G1QnbPC8rLXfNyCb0CAwEAAaMQMA4wDAYDVR0PBAUDAwf/gDANBgkqhkiG9w0BAQUFAAOCAQEAr2YPgKBPCzz+4hv2336s98KhtvHrm3YEZOufD1+P2CY7bhsbLWVw+qg9wP8gz7W24QcdKf4FIyXWwCupZfOElEHZzAhNey0+u5hFMmbmOuTq4PhU48Rl/HkzJ4B532Ve8OVKEFC6+DBFjzUjMHdFXfqLUF87yicpXVpFVjOvpHl3Is1/FK86kjOS2EYq5S/eyMEbst3+d0PnOu8ddWSdcAf8ImTJu5Q5yGXfP+TCO+Vn110kbNWG39L6VhxnU7OjQKKdTp7X0Cg/k7yJocMFgmrQMY172qTziH31U6mXTdk7 dMCRb+nbj6wpTrrUhHKm4SX4DBpWO21ymVSldUEKJw== </CertificateData>
</Certificate>
<SIGNATURE_INFO>
<COMPANY>signotec GmbH</COMPANY>
<VERSION>8.1.2.13</VERSION>
<SIGN_TIME>D:20200317154124+01'00'</SIGN_TIME>
<SIGN_SNTPSERVERURL>ntp1.fau.de</SIGN_SNTPSERVERURL>
<USERID>administrator</USERID>
<MACHINE>PC123</MACHINE>
<MACADDRESS>00AA11BB22CC</MACADDRESS>
<PADID>1500019258</PADID>
<PADTYPE>115</PADTYPE>
<PADMODEL>Gamma HID</PADMODEL>
</SIGNATURE_INFO>
</digsignature>
</digsignatures>
Some elements are only assigned values if the fields are signed, and in some cases only if their validity has been verified based on the option parameters that have been set. The fields that are always filled in regardless of this are highlighted in colour in the table.
|
Element |
Possible values |
Description |
|||||
|---|---|---|---|---|---|---|---|
|
digsignatures |
|
Root element |
|||||
|
|
digsignature Name= |
|
Element for each DigSig field; the Name attribute contains the signature field name |
||||
|
|
Name |
|
Value in the Name tag of the signature field (name of signer) |
||||
|
Reason |
|
Value in the Reason tag of the signature field (reason for signing) |
|||||
|
Location |
|
Value in the Location tag of the signature field (location where the signature was provided) |
|||||
|
ContactInfo |
|
Value in the ContactInfo tag of the signature field (the signer’s contact information, e.g. telephone number) |
|||||
|
Time |
|
Value in the M tag of the signature field (time at which the signature was provided). Please note: As specified in the PDF standard, the value always begins with “D:” |
|||||
|
Page |
>=1 |
Page in the PDF where the signature field is located |
|||||
|
Mandatory |
true |
Field is mandatory |
|||||
|
false |
Field is not mandatory |
||||||
|
ReadOnly |
true |
Field is read-only |
|||||
|
false |
Field is not write-protected |
||||||
|
FieldDescription |
|
The alternative field name (TU tag of the signature field) |
|||||
|
SubFilter |
|
Signature method used For possible values, refer to PDF standard |
|||||
|
AdbePropBuildAppName |
|
Name of the software used to sign the signature field |
|||||
|
AdbePropBuildVersion |
|
Version number of the software used to sign the signature field |
|||||
|
Filter |
|
Standard verification method for signature (for possible values, refer to PDF standard) |
|||||
|
HashAlgorithm |
SHA1 SHA256 SHA384 SHA512 |
Hash algorithm that was used for the digital signature |
|||||
|
“unknown” |
Hash algorithm could not be determined |
||||||
|
SignatureOid |
OID string |
OID of the signature algorithm used for the digital signature, e.g., “2.16.840.1.101.3.4.2.1” |
|||||
|
“unknown” |
OID cannot be determined |
||||||
|
SignatureBioCertRef |
|
The ID of the public key used to encrypt the biometric data |
|||||
|
Status |
0 - 4 |
Status of the signature field based on the document revision |
|||||
|
|
0 |
Signature is valid |
|||||
|
1 |
Signature is valid, but the document was subsequently modified |
||||||
|
2 |
Signature is invalid |
||||||
|
3 |
Signature field is empty (not signed) |
||||||
|
4 |
Signature could not be verified / unknown format |
||||||
|
CertExpired |
0 - 1 |
Status of the certificate. The expiration date of the embedded public part of the certificate is verified |
|||||
|
|
|
0 |
Certificate is valid |
||||
|
|
|
1 |
Certificate has expired |
||||
|
AnnotationFlags |
>=0 |
“Annotation Flags” bit mask of the signature field (for possible values, refer to PDF standard) |
|||||
|
Rect |
|
Position of the signature field in points relative to the top left corner of the PDF page Please note the option parameters of the method |
|||||
|
|
Left |
|
Coordinate of the left side of the signature field |
||||
|
Right |
|
Coordinate of the right side of the signature field |
|||||
|
Top |
|
Coordinate of the top side of the signature field |
|||||
|
Bottom |
|
Coordinate of the bottom side of the signature field |
|||||
|
Rotation |
0, 90, 180, 270 |
Rotation of the signature field in degrees counterclockwise |
|||||
|
Certificate |
|
Information about the signature certificate used If the option parameter contains the value 0x02 when called, this node only contains the subnode “CertificateData”; otherwise, it contains all other subnodes. |
|||||
|
|
Issuer |
|
Owner (field “Subject”) Although the element is called “Issuer,” it does not contain the issuer! |
||||
|
Serial |
|
Serial number |
|||||
|
PublicKeySize |
|
Key length in bits, e.g., 2048 |
|||||
|
ValidTo |
|
End of validity |
|||||
|
ValidFrom |
|
Start of validity |
|||||
|
CertErrorStatus |
Error descriptions of the dwErrorStatus field of the CERT_TRUST_STATUS structure from MS CryptoAPI |
Error messages, separated by semicolons |
|||||
|
CertErrorStatusCode |
Value of the dwErrorStatus field of the CERT_TRUST_STATUS structure from MS CryptoAPI |
Status code (bit mask) |
|||||
|
CertificateData Subject= |
Base64-coded string |
The signature certificate or one of the certificates from its chain. For each certificate of the chain, one instance of the node is present, and the attribute Subject contains the owner of the certificate. In individual cases, the chain cannot be split up into individual certificates. Then the entire chain is contained and the attribute Subject will be missing. |
|||||
|
SIGNATURE_INFO |
|
signotec-specific meta information |
|||||
|
|
COMPANY |
|
Manufacturer of the software used for signing |
||||
|
VERSION |
|
Version of the software used for signing |
|||||
|
SIGN_TIME |
|
Signature timestamp |
|||||
|
SIGN_SNTPSERVERURL |
|
URL from which the timestamp was queried. |
|||||
|
USERID |
|
Name of the logged-in user. |
|||||
|
ADD REFERENCE |
|
signotec-specific element This element is only ever present in documents signed with deprecated methods. |
|||||
|
MACHINE |
|
Name of the PC on which the document was signed |
|||||
|
PADID |
|
ID of the signature device used (e.g., serial number) |
|||||
|
PADMODEL |
|
Model name of the signature device used |
|||||
|
PADTYPE |
|
Device type number of the signature device used |
|||||
|
MACADDRESS |
|
MAC address of the PC on which the document was signed |
|||||
|
CERT |
|
Information about the certificates used. This element is only present in documents signed with deprecated methods. |
|||||
|
|
CIPHERENC_ FILENAME |
|
File name of the PKCS#12 certificate used to sign the document |
||||
|
BIOENC_ FILENAME |
|
File name of the certificate used to encrypt the biometric data |
|||||
XML structure with the additional data of a signed DigSig field after RSA decryption
Used by:
Example:
<?xml version="1.0" encoding="iso-8859-1"?>
<SIGNATURE_INFO>
<COMPANY>signotec GmbH</COMPANY>
<VERSION>8.1.2.13</VERSION>
<SIGN_TIME>D:20200317154124+01'00'</SIGN_TIME>
<SIGN_SNTPSERVERURL>ntp1.fau.de</SIGN_SNTPSERVERURL>
<USERID>administrator</USERID>
<MACHINE>PC123</MACHINE>
<MACADDRESS>00AA11BB22CC</MACADDRESS>
<PADID>1500019258</PADID>
<PADTYPE>115</PADTYPE>
<PADMODEL>Gamma HID</PADMODEL>
<BIOMETRIC_INTEGRITY>
<DOC-HASH_VALUE> C5434136D63DEBED2DE74579CA43ACF02402DA99DC9F1B30C100AE9B5369DEBF </DOC-HASH_VALUE>
<DOC-HASH_RECALCEDVALUE> C5434136D63DEBED2DE74579CA43ACF02402DA99DC9F1B30C100AE9B5369DEBF </DOC-HASH_RECALCEDVALUE>
<DOC-HASH_ALGO>SHA256</DOC-HASH_ALGO>
<BIO-HASH_VALUE> 51BD92FEBCD0A84E1F7A793B1BFCB4222436BBC18CDD89E948922F97B51FB2C9 </BIO-HASH_VALUE>
<BIO-HASH_ALGO>SHA256</BIO-HASH_ALGO>
<TIMESTAMP>20200316161209+01'00'</TIMESTAMP>
<MACHINE>GRUETTER-E7450</MACHINE>
<USERNAME>pgr</USERNAME>
<PADID>1500015870</PADID>
<PADMODEL>Gamma HID / WinUSB</PADMODEL>
<CONTENTLENGTH>311265</CONTENTLENGTH>
<HASHTYPE>COMBINATION</HASHTYPE>
<RSA-SCHEME>PSS</RSA-SCHEME>
<RSA-SIGNATURE> D/LDj469ltZag4ucIGoEs6CYE1p0mHbIWJWpXUjf80Zb9CVWBoapVsSfOLZtGYkq4AuJe/ax/qRffIQwEBUaJTKwboeEXtz5KuM482a8IxZctYUSFBpEWNw3n0FLBuNG9dax5M+IaXRKmzPhUCjdCULsDvE9IKVFt/ntF9KND+Ok/KmaswXSWXelvgTPbhml9NGTRppLQ/KCNo6D0S/L7ae2VWOWXgfY5DNOITFnF+4quICQS026b2l1ZEu9M0oJHmvyom/fgwDI62i/dp9jMcbreW/12iF8ak2P2qGPqqJFJ3hiHFbJMtb+KUnrTb6UoOzRl7H1ZdcYTk8LEHLoxA== </RSA-SIGNATURE>
<RSA-SIGNATURE_STATUS>0</RSA-SIGNATURE_STATUS>
<CERT> MIICBDCCAW2gAwIBAgIFAlQ205owDQYJKoZIhvcNAQELBQAwRjEWMBQGA1UEChMNc2lnbm90ZWMgR21iSDEsMCoGA1UEAxMjc2lnbm90ZWMgU2lnbWEgRGV2aWNlIElEOjEwMDAyODEzODUwHhcNMjMwODMwMDAwMDAwWhcNNDkxMjMxMDAwMDAwWjBGMRYwFAYDVQQKEw1zaWdub3RlYyBHbWJIMSwwKgYDVQQDEyNzaWdub3RlYyBTaWdtYSBEZXZpY2UgSUQ6MTAwMDI4MTM4NTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA53wbe0pihE7cIwEG/TYXax2OBBqirG9EuMT5zZLR4NJdJQZJFl/Nok+MUKT3ONQW+ttXL1+oYUv3+uPhAEnyFRd7s9LvsVYzRCFCmsSlcgJJOZYyclD5RDEZ+V3KVSwoID3p5+Uex9swHrFtIB5sSGSYq0u5X/fDe3TQFE4qjQcCAwEAATANBgkqhkiG9w0BAQsFAAOBgQBxbFh8qOR3vawcCRY12EhQzOLY8zuDHdkv3HI3SSpzWTJ1eOHmASudMU3izc4wLpKXo+9fe1vjx0LPU1t9qoVCXgRKhzUbn8ezzBnnhyN/OdQmVfTVASuLKolShNUZ7ygEVVeGaNyQjKcUg4j4e6ryOKvMdhGmAaolLDv7pJt8Aw== </CERT>
<EXTRA_DATA_TIMESTAMP_UTC>1692695107</EXTRA_DATA_TIMESTAMP_UTC>
<EXTRA_DATA_SERIALNUMBER>1000281385</EXTRA_DATA_SERIALNUMBER>
<EXTRA_DATA_KEYSOURCE>2</EXTRA_DATA_KEYSOURCE>
<EXTRA_DATA_DEVICEOPTIONS>422911</EXTRA_DATA_DEVICEOPTIONS>
<EXTRA_DATA_FIRMWAREMAJOR>2</EXTRA_DATA_FIRMWAREMAJOR>
<EXTRA_DATA_FIRMWAREMINOR>17</EXTRA_DATA_FIRMWAREMINOR>
</BIOMETRIC_INTEGRITY>
</SIGNATURE_INFO>
|
Element |
Possible values |
Description |
|||
|---|---|---|---|---|---|
|
SIGNATURE_INFO |
|
Root element |
|||
|
|
COMPANY |
|
Manufacturer of the software used for signing |
||
|
VERSION |
|
Version of the software used for signing |
|||
|
SIGN_TIME |
|
Signature timestamp |
|||
|
SIGN_SNTPSERVERURL |
|
URL from which the timestamp was requested |
|||
|
USERID |
|
Name of the registered user |
|||
|
ADD REFERENCE |
|
signotec-specific element. This element is only ever present in documents signed with deprecated methods. |
|||
|
MACHINE |
|
Name of the PC on which the document was signed |
|||
|
PADID |
|
ID of the signature device used (e.g., serial number) |
|||
|
PADMODEL |
|
Model name of the signature device used |
|||
|
PADTYPE |
|
Device type number of the signature device used |
|||
|
MACADDRESS |
|
MAC address of the PC on which the document was signed |
|||
|
CERT |
|
Information about the certificates used. This element is only present in documents signed with deprecated methods. |
|||
|
|
CIPHERENC_FILENAME |
|
File name of the PKCS#12 certificate used to sign the document |
||
|
BIOENC_FILENAME |
|
File name of the certificate used to encrypt the biometric data |
|||
|
BIOMETRIC_INTEGRITY |
|
Element for verifying the integrity of the biometric data. |
|||
|
|
DOC-HASH_VALUE |
|
Hash of the document before the digital signature and biometric data have been entered as a hexadecimal string (saved in the document during the signing process) |
||
|
DOC-HASH_RECALCEDVALUE |
|
Hash of the document before the digital signature and biometric data have been entered as a hexadecimal string (calculated by the API) If the value does not correspond to the value of DOC-HASH_VALUE, the biometric data do not belong to the document and tampering has taken place |
|||
|
DOC-HASH_ALGO |
SHA1 SHA256 |
The hash algorithm used to calculate the document hash |
|||
|
BIO-HASH_VALUE |
|
Hash of the biometric data as hexadecimal string (calculated by the API). |
|||
|
BIO-HASH_ALGO |
SHA1 SHA256 |
The hash algorithm used to calculate the document hash |
|||
|
TIMESTAMP |
|
Timestamp of the signature. Must be identical to SIGNATURE_INFO/SIGN_TIME, otherwise tampering has taken place. |
|||
|
MACHINE |
|
Name of the PC on which the document was signed Must be identical to SIGNATURE_INFO/MACHINE, otherwise tampering has taken place. |
|||
|
USERNAME |
|
Name of the registered user Must be identical to SIGNATURE_INFO/USERID, otherwise tampering has taken place. |
|||
|
MACADDRESS |
|
MAC address of the PC on which the document was signed. Must be identical to SIGNATURE_INFO/MACADDRESS, otherwise tampering has taken place. |
|||
|
PADID |
|
ID of the signature device used (e.g., serial number) Must be identical to SIGNATURE_INFO/PADID, otherwise tampering has taken place. |
|||
|
PADMODEL |
|
Model name of the signature device used Must be identical to SIGNATURE_INFO/PADMODEL, otherwise tampering has taken place. |
|||
|
CONTENTLENGTH |
|
Length of the document in bytes used to calculate DOC-HASH_VALUE Further details can also be found in the documentation for the RSASetHash method from the signoPAD API. |
|||
|
HASHTYPE |
|
Specifies which data RSA-SIGNATURE was calculated on Further details can also be found in the documentation for the RSASign method from the signoPAD API. |
|||
|
|
Combination |
Biometric data were signed linked to the document |
|||
|
Hash1 |
Only document was signed |
||||
|
Hash2 |
Only biometrics were signed |
||||
|
RSA-SCHEME |
|
RSA scheme used to calculate the RSA SIGNATURE Further details can also be found in the documentation for the RSASign method from the signoPAD API. |
|||
|
|
NoOID |
Padding according to RSASSA-PKCS1-V1_5 without hash OID |
|||
|
PKCS1_V1_5 |
Padding according to RSASSA-PKCS1-V1_5 with Hash-OID |
||||
|
PSS |
RSASSA-PSS |
||||
|
RSA-SIGNATURE |
|
Signature calculated in signature device during signing as Base64-coded string. |
|||
|
RSA-SIGNATURE_STATUS |
|
Status of the RSA signature |
|||
|
|
0 |
The RSA signature is intact, and the biometric data belongs to this document |
|||
|
2 |
The RSA signature is not intact, the document has been tampered with, or the biometric data does not belong to the document |
||||
|
4 |
The RSA signature could not be verified |
||||
|
CERT |
Base64-coded string |
The public certificate used to determine the status of the signature |
|||
|
EXTRA_DATA_TIMESTAMP_UTC |
|
Time stamp of the signature in seconds since 1 January 1970 in UTC. |
|||
|
EXTRA_DATA_SERIALNUMBER |
|
Serial number of the signature device, with which the data was captured |
|||
|
EXTRA_DATA_KEYSOURCE |
0 - 2 |
Origin of the key used for signing |
|||
|
|
0 |
Key generated in the device |
|||
|
1 |
Key generated externally and loaded into the device |
||||
|
2 |
Factory-set key |
||||
|
EXTRA_DATA_ DEVICEOPTIONS |
|
Device options of the signature device; please refer to your contact at signotec for details. |
|||
|
EXTRA_DATA_ FIRMWAREMAJOR |
|
Major firmware version of the signature device, with which the data was captured. |
|||
|
EXTRA_DATA_ FIRMWAREMINOR |
|
Minor firmware version of the signature device, with which the data was captured. |
|||
XML structure with the required input information during signing
Used by:
Example:
<?xml version="1.0" encoding="utf-8"?>
<SIGNATURE_INFO>
<Name>John Doe</Name>
<Reason>I agree with this contract.</Reason>
<Location>Ratingen</Location>
<ContactInfo>+49 2102 5357510</ContactInfo>
<AdbePropBuildAppName>signotec SignoAPI Demo</AdbePropBuildAppName>
<AdbePropBuildVersion>1.0.0.0</AdbePropBuildVersion>
<Rect>
<Left>115</Left>
<Right>468</Right>
<Top>520</Top>
<Bottom>646</Bottom>
</Rect>
<Page>1</Page>
<TimeStamp>
<TimeStamp>D:20180927140151+02'00'</TimeStamp>
<SNTPServerURL>ntp1.fau.de</SNTPServerURL>
<Option>1</Option>
</TimeStamp>
<Subfilter>adbe.pkcs7.detached</Subfilter>
<HashAlgorithm>SHA256</HashAlgorithm>
<RSAParams>
<ContentLength>311265</ContentLength>
<HashType>Combination</HashType>
<RSAScheme>PSS</RSAScheme>
<RSASignature> esyFl7788AusYiwE4B6MtJqGV3feSEvuYQ3tAvCI19OxVmbsxmmKHc3A0S82PR3HCoFTmCJFkGkvAnkHeQJ0GngIOFy1PJwwoG94I/8612KCeT45UbtMY82j2KKSfEc1cUJXQg6fSxUbvuleqygtpM96xHHwYlKEBFaoEoRLoIuNowrYGR6mA+n2oLuPQYzF/B3THZeQ43ind9jrghbrP7koG+Lu2X4FK0Pbiyxby0mfCDLhVqWylTyJq855FTUdlQBTnpodrsvnVJhHKbQIvZrAgnePYZlj96GKFZzCjsGq2304mXw3ZdHVUlnbyNMA8FptyP7qV7kdcjLHMf1YMg== </RSASignature>
<PadSigningCert> MIICBDCCAW2gAwIBAgIFAlQ205owDQYJKoZIhvcNAQELBQAwRjEWMBQGA1UEChMNc2lnbm90ZWMgR21iSDEsMCoGA1UEAxMjc2lnbm90ZWMgU2lnbWEgRGV2aWNlIElEOjEwMDAyODEzODUwHhcNMjMwODMwMDAwMDAwWhcNNDkxMjMxMDAwMDAwWjBGMRYwFAYDVQQKEw1zaWdub3RlYyBHbWJIMSwwKgYDVQQDEyNzaWdub3RlYyBTaWdtYSBEZXZpY2UgSUQ6MTAwMDI4MTM4NTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA53wbe0pihE7cIwEG/TYXax2OBBqirG9EuMT5zZLR4NJdJQZJFl/Nok+MUKT3ONQW+ttXL1+oYUv3+uPhAEnyFRd7s9LvsVYzRCFCmsSlcgJJOZYyclD5RDEZ+V3KVSwoID3p5+Uex9swHrFtIB5sSGSYq0u5X/fDe3TQFE4qjQcCAwEAATANBgkqhkiG9w0BAQsFAAOBgQBxbFh8qOR3vawcCRY12EhQzOLY8zuDHdkv3HI3SSpzWTJ1eOHmASudMU3izc4wLpKXo+9fe1vjx0LPU1t9qoVCXgRKhzUbn8ezzBnnhyN/OdQmVfTVASuLKolShNUZ7ygEVVeGaNyQjKcUg4j4e6ryOKvMdhGmAaolLDv7pJt8Aw== </PadSigningCert>
<BioAlgorithm>SHA256</BioAlgorithm>
<DocAlgorithm>SHA256</DocAlgorithm>
</RSAParams>
</SIGNATURE_INFO>
|
Element |
Possible values |
Description |
|||
|---|---|---|---|---|---|
|
SIGNATURE_INFO |
|
Root element |
|||
|
|
Name |
|
Value written to the Name tag of the signature field (name of signer). If the element is missing or empty, the name of the certificate is entered automatically. |
||
|
Reason |
|
Value written to the Reason tag of the signature field (reason for signing). If the element is missing or empty, no reason is entered. |
|||
|
Location |
|
Value written to the Location tag of the signature field (location where the signature was provided). If the element is missing or empty, no location is entered. |
|||
|
ContactInfo |
|
Value written to the ContactInfo tag of the signature field (the signer’s contact information, e.g. telephone number). If the element is missing or empty, no contact is entered. |
|||
|
AdbePropBuildAppName |
|
Name of the software with which the signature field is signed. If the element is missing or empty, “signotec SignPDF3” is used. |
|||
|
AdbePropBuildVersion |
|
Version number of the software with which the signature field is signed. If the element is missing or empty, the version number of the SignPDF3.dll used is used. |
|||
|
Rect |
|
Position of the signature field in points relative to the top left corner of the PDF page Please note the option parameters of the method! Optional, only needed if the signature field is not yet present or if the position of an existing signature field is to be changed |
|||
|
|
Left |
>=0 |
Coordinate of the left side of the signature field. |
||
|
Right |
>=0 |
Coordinate of the right side of the signature field. |
|||
|
Top |
>=0 |
Coordinate of the top side of the signature field. |
|||
|
Bottom |
>=0 |
Coordinate of the bottom side of the signature field. |
|||
|
Page |
>=1 |
Page number of the PDF on which the signature field is to be generated (optional, only needed if the signature field is not yet present). |
|||
|
Timestamp |
|
Root element for configuring the signature timestamp. |
|||
|
|
Timestamp |
Timestamp in the format “yyyyMMddHHmmsszz” |
Timestamp written to the M-tag of the signature field, the signature metadata, and the encrypted biometric data |
||
|
empty |
The current computer time or the time of an SNTP server is used |
||||
|
SNTPServerURL |
|
URL of an SNTP server from which the current time is to be queried or was queried (optional). |
|||
|
Option |
0 - 2 |
Defines the meaning of SNTPServerURL |
|||
|
|
0 |
The value is saved to the metadata of the signature without being verified; it should only be transferred if the calling application actually queried the timestamp from this URL (standard) |
|||
|
1 |
An attempt is made to query the time from the URL; if this fails, the time transferred in Timestamp or the current computer time is used |
||||
|
2 |
An attempt is made to query the time from the URL; if this fails, the method returns with an error |
||||
|
Subfilter |
adbe.pkcs7.sha1 adbe.pkcs7.detached |
Signature method used to calculate the signature For details on the correct calculation of the digital signature, please refer to the PDF standard |
|||
|
HashAlgorithm |
SHA1 SHA256 SHA384 SHA512 |
Hash algorithm to be used for calculating the signature The hash algorithm that may be used depends on the PDF version of the document. If the document has not yet been signed, the version of the document may be increased so that the specified algorithm can be used. The current version of the document can be queried using AnalyzePdfDocumentMemory. |
|||
|
RSAParams |
|
Contains subelements that define the signature of the biometric data calculated in the signature device. Optional; only necessary if the biometric data has been encrypted and signed in the signature device. The values are not verified or evaluated; incorrect values may mean that the integrity of the biometric data cannot be verified retrospectively.
More details on the following parameters can also be found in the documentation for the RSASign and RSASetHash methods from the signoPAD API. |
|||
|
|
HashType |
|
Specifies which data the signature was calculated from |
||
|
|
Combination |
Biometric data were signed linked to the document |
|||
|
Hash1 |
Only document was signed |
||||
|
Hash2 |
Only biometric data was signed |
||||
|
ContentLength |
|
Length of the document in bytes used to calculate hash 1 |
|||
|
RSAScheme |
|
RSA scheme used to calculate the signature |
|||
|
|
NoOID |
Padding according to RSASSA-PKCS1-V1_5 without hash OID |
|||
|
PKCS1_V1_5 |
Padding according to RSASSA-PKCS1-V1_5 with Hash-OID |
||||
|
PSS |
RSASSA-PSS |
||||
|
RSASignature |
Base64-coded string |
The calculated signature |
|||
|
PadSigningCert |
Base64-coded string |
The public certificate of the signature device with which the signature can be verified Optional; only necessary if the document is not also to be signed in the signature device |
|||
|
DocAlgorithm |
SHA1 SHA256 |
Hash algorithm used to calculate hash 1 |
|||
|
BioAlgorithm |
SHA1 SHA256 |
Hash algorithm used to calculate hash 2 |
|||
SignData
The “SignData” data structure is a standard format for signature data developed by signotec that is used by various components. It is an encrypted, compressed, biometric format that can be stored in a database and/or as a tag in a TIFF document or a PDF document.