EldoS | Feel safer!

Software components for data protection, secure storage and transfer

XAdESForm property of ElXAdESSigner

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#18582
Posted: 12/26/2011 04:38:22
by Željko Tanović (Standard support level)
Joined: 12/16/2011
Posts: 4

Hi,

I'm a bit confused by this property.... What does it do ? The documentation says:

Quote
Use this read-only property to retrieve XAdES form.


However - the property is not read only... I've set it to XAdES_BES since that's the form I need, but I'm not sure it has an effect...

In spite of setting the form prop, I've managed to create a signature that seems to be invalid (at least - as I understand the spec, I'm not really a Xades expert) according to XADES spec, which states that Xades signature MUST have one of:


  • SigningCertificate element, or - if it's not present,
  • ds:KeyInfo element which in turn MUST be referenced in the SignedInfo of XMLDsig


(section 4.4.1 of the spec.)

I've managed, by accident - to create something that I consider (but might be wrong) invalid signature by not supplying SigningCertificates property, so this Xades element is empty, and since there is also no reference to the KeyInfo element in the XMLDSig, this condition isn't satisfied....

Can you please advise ? Is there a way to make sure the generated signature is Xades-BES compliant ?

Thanks,

Željko
#18583
Posted: 12/26/2011 09:30:36
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Please read the paragraph that starts from "A XAdES-BES signature MUST..." in section 4.4.1 of the specification. It describes exactly what you need. If these conditions are not satisfied then a signature is not XAdES-BES compliant.

Quote
Can you please advise ? Is there a way to make sure the generated signature is Xades-BES compliant ?

You can check XAdESForm property value after you load an XML using TElXMLVerifier.Load method before signature verification.

The XAdES-BES is the minimum format for an electronic signature to be generated by the signer so any other signature built on XAdES-BES (XAdES-T, XAdES-C etc.) will be XAdES-BES compliant.

Reply

Statistics

Topic viewed 952 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!