AdES Signer
ENTERPRISE
The signer has the fully qualified class name: org.signserver.module.ades.signer.AdESSigner.
Overview
The AdES signer signs PDF and XML documents using ETSI formats for advanced electronic signatures (AdES).
The most common electronic signatures formats used within the European Union are XML Advanced Electronic Signatures (XAdES) and PDF Advanced Electronic Signatures (PAdES). The European Telecommunications Standards Institute (ETSI) creates and maintains a set of technical standards for electronic signatures that support the eIDAS legal framework.
As of version 5.7, SignServer supports Baseline Signature Levels for XAdES (as defined in ETSI EN 319 132) and PAdES (as defined in ETSI EN 319 142). The signature formats fulfill the requirements for Advanced Electronic Signatures as per the EU eIDAS regulation.
Signature Levels
The following list the signature levels:
- Baseline-B: Basic Electronic Signature. The most simplistic version includes the document signature.
- Baseline-T: Signature with a time-stamp. A time-stamp regarding the time of signing is also added.
- Baseline-LT: Signature with Long Term Data. Certificates and revocation data are embedded to allow verification in the future even if their original source is not available.
- Baseline-LTA: Signature with Long Term Data and Archive time-stamp. Adds an additional time-stamp and is suited for long-term archiving of documents.
Available Properties
Property | Description |
---|---|
SIGNATURE_LEVEL | Signature level to use. Required. The supported values are:
|
SIGNATUREALGORITHM | Signature algorithm. Optional, default: depending on the signing key, SHA256withRSA, SHA256withDSA, or SHA256withECDSA. Only one of SIGNATUREALGORITHM and DIGESTALGORITHM can be specified at the same time. |
DIGESTALGORITHM | Algorithm for the digest of the binary. Optional, default: SHA256. Only one of SIGNATUREALGORITHM and DIGESTALGORITHM can be specified at the same time. |
ADD_CONTENT_TIMESTAMP | Setting if a time-stamp over the content should be included. Note that this is different from the signature time-stamp added as part of BASELINE-T and higher levels. Possible values: True or False. Optional, default: False. |
TSA_WORKER | Worker ID or name of internal time-stamp signer in the same SignServer instance. Optional, default: none. This property cannot be combined with TSA_URL. This or TSA_URL must be set when SIGNATURE_LEVEL is set to BASELINE-T (or higher). |
TSA_URL | URL of external time-stamp authority. Optional, default: none. This property cannot be combined with TSA_WORKER. This or TSA_WORKER must be set when SIGNATURE_LEVEL is set to BASELINE-T (or higher). |
TSA_USERNAME | Login username used if the TSA uses HTTP Basic Auth. Optional, default: none. |
TSA_PASSWORD | Login password used if the TSA uses HTTP Basic Auth. Required if TSA_USERNAME is specified. Default: none. |
TSA_DIGESTALGORITHM | Algorithm for time-stamp digests. Optional, default: SHA-256. |
TRUSTANCHORS | Additional trusted certificates in PEM format. When the certificates, revocation data or time-stamp tokens etc. are verified as part of signing, certificates not chaining up to the same root CA needs to have its root certificate added to this property. If not the signing could fail with a processing failure message and the logs show that "revocation data is missing". This especially needs to be done when using a TSA with a signer certificate issued by another root then what this signer is using at LT or higher level and also for cases (at LT level) when the input document already contains signatures (or time-stamps) using a different root. Optional. |
SIGNATURE_FORMAT | Signature formats to use. Required. Supported formats:
|
SIGNATURE_PACKAGING | This property is not supported with PAdES. This property is used and valid when SIGNATURE_FORMAT = XAdES. Supported values:
Required. |
FIXED_SIGNATURE_SIZE | This property is only supported with PAdES. This property sets a fixed size for the signature space within the PDF and disables the signature size estimation in the first try. If the signature format is PAdES and FIXED_SIGNATURE_SIZE is not set (or equal to zero) then we try to estimate the PKCS#7 signature size. Signature Size Estimation and Retry Algorithm The first estimated value is calculated as the sum of: Then if signing the certificate fails due to that the signature became larger than the estimated size, the signer will retry using the actual signature size plus a 1024 bytes margin. The retry can happen up to 3 times before it gives up. |
ADD_VISIBLE_SIGNATURE | This property enables adding the visible signature. |
VISIBLE_SIGNATURE_IMAGE_PATH | The path to the image for the visible signature. |
VISIBLE_SIGNATURE_IMAGE_BASE64 | The image to use in the visible signature in Base64 format. |
VISIBLE_SIGNATURE_CONTENT_TYPE | Content-type of the Base64 image. For example, image/png. |
VISIBLE_SIGNATURE_PAGE | Sets a page number where the signature field should be placed. The counting starts from 1 (one) for the first page of the document. |
VISIBLE_SIGNATURE_RECTANGLE_LLX | Sets an upper-left X coordinate of the visible signature field. |
VISIBLE_SIGNATURE_RECTANGLE_LLY | Sets an upper-left Y coordinate of the visible signature field. |
VISIBLE_SIGNATURE_RECTANGLE_URX | Sets the width of the visible signature field. |
VISIBLE_SIGNATURE_RECTANGLE_URY | Sets the height of the visible signature field. |
EXTEND_VALIDITY | When set to true and the signature level is BASELINE-LTA, will extend validity of a document if it was already signed (at any level) with an up-to-date archive timestamp. This can be set to true or false. True is only supported when SIGNATURE_LEVEL is BASELINE-LTA. Optional. Default: false. |
VISIBLE_SIGNATURE_NAME | Sets the visible signature in the existing empty signature filed with this name. |
VISIBLE_SIGNATURE_CUSTOM_IMAGE_RESIZE_TO_RECTANGLE | If you want the custom image to be resized to a specified rectangle (set by VISIBLE_SIGNATURE_RECTANGLE_LLX, VISIBLE_SIGNATURE_RECTANGLE_LLY, VISIBLE_SIGNATURE_RECTANGLE_URX and VISIBLE_SIGNATURE_RECTANGLE_URY), then set to True. If set to True, the image might look different than the original (as an effect of resizing). If set to False, the rectangle drawn will be resized to the specified image's sizes. If set to False, the llx and lly coordinates specified by VISIBLE_SIGNATURE_RECTANGLE_LLX and VISIBLE_SIGNATURE_RECTANGLE_LLY property will be used for drawing the rectangle (urx and ury will be calculated from the specified image size). This property is ignored if ADD_VISIBLE_SIGNATURE is set to False, or if the custom image to use is not specified. Possible values: True, False. Default: True. |
ALLOW_PROPERTY_OVERRIDE | Comma-separated list of worker properties that are allowed to be overridden by request metadata properties with the same names. See Request Metadata Properties for a list of properties that can be added to this property. Default: not set (no properties are allowed to be overridden). |
Request Metadata Properties
The following properties can be sent by the client with the request:
Property | Description |
---|---|
ADD_VISIBLE_SIGNATURE | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_IMAGE_BASE64 | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_CONTENT_TYPE | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_PAGE | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_RECTANGLE_LLX | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_RECTANGLE_LLY | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_RECTANGLE_URX | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_RECTANGLE_URY | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_NAME | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |
VISIBLE_SIGNATURE_CUSTOM_IMAGE_RESIZE_TO_RECTANGLE | Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE. |