Skip to main content
Skip table of contents

MRTD SOD Signer

The signer has the class name: org.signserver.module.mrtdsodsigner.MRTDSODSigner.

Overview

The MRTD SOD Signer creates the Complete Security Object (SOd) for Machine Readable Travel Documents (MRTD), such as electronic passports and residence permits, by signing the provided data groups (DGs).

The Document Signer (DS) certificate is included in the SOd. The SOd is verified (including the certificate path) before it is returned, so the certificate chain must contain the Country Signing CA (CSCA) certificate. For more information, see SODProcessServlet in HTTP interface or ClientWS interface.

Available Properties

Property

Default

Description

DIGESTALGORITHM 

SHA256

(Optional) Specifies the message digest algorithm that is applied or should be applied to the values.

DODATAGROUPHASHING

False

(Optional) True if this signer first should hash the DG values. Otherwise, the values are assumed to be hashes already.

LDSVERSION 

0107

(Optional) Specifies the version of Logical Data Structure (LDS). Define the value based on the LDS version:

  • 0107 for LDS version 1.7 (Default)

  • 0108 for LDS version 1.8

SIGNATUREALGORITHM 

SHA256withRSA

(Optional) Specifies the signature algorithm for signing the SO(d).

SHA256withRSAandMGF1 is recommended by Doc9303.

UNICODEVERSION 

None

Specifies the version of Unicode used in the datagroups. Required if LDS 1.8 is used. Example: 040000 for Unicode version 4.0.0.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close