AdES Signer

ENTERPRISE This is a SignServer Enterprise feature.

The signer has the fully qualified class name: org.signserver.module.ades.signer.AdESSigner.

Overview

The AdES signer signs PDF and XML documents using ETSI formats for advanced electronic signatures (AdES).

The most common electronic signatures formats used within the European Union are XML Advanced Electronic Signatures (XAdES) and PDF Advanced Electronic Signatures (PAdES). The European Telecommunications Standards Institute (ETSI) creates and maintains a set of technical standards for electronic signatures that support the eIDAS legal framework.

As of version 5.7, SignServer supports Baseline Signature Levels for XAdES (as defined in ETSI EN 319 132) and PAdES (as defined in ETSI EN 319 142). The signature formats fulfill the requirements for Advanced Electronic Signatures as per the EU eIDAS regulation.

Signature Levels

The following list the signature levels:

Baseline-B: Basic Electronic Signature. The most simplistic version includes the document signature.
Baseline-T: Signature with a time-stamp. A time-stamp regarding the time of signing is also added.
Baseline-LT: Signature with Long Term Data. Certificates and revocation data are embedded to allow verification in the future even if their original source is not available.
Baseline-LTA: Signature with Long Term Data and Archive time-stamp. Adds an additional time-stamp and is suited for long-term archiving of documents.

Available Properties

Property	Description
SIGNATURE_LEVEL	Signature level to use. Required. The supported values are: BASELINE-B BASELINE-T BASELINE-LT BASELINE-LTA
SIGNATUREALGORITHM	Signature algorithm. Optional, default: depending on the signing key, SHA256withRSA, SHA256withDSA, or SHA256withECDSA. Only one of SIGNATUREALGORITHM and DIGESTALGORITHM can be specified at the same time.
DIGESTALGORITHM	Algorithm for the digest of the binary. Optional, default: SHA256. Only one of SIGNATUREALGORITHM and DIGESTALGORITHM can be specified at the same time.
ADD_CONTENT_TIMESTAMP	Setting if a time-stamp over the content should be included. Note that this is different from the signature time-stamp added as part of BASELINE-T and higher levels. Possible values: True or False. Optional, default: False.
TSA_WORKER	Worker ID or name of internal time-stamp signer in the same SignServer instance. Optional, default: none. This property cannot be combined with TSA_URL. This or TSA_URL must be set when SIGNATURE_LEVEL is set to BASELINE-T (or higher).
TSA_URL	URL of external time-stamp authority. Optional, default: none. This property cannot be combined with TSA_WORKER. This or TSA_WORKER must be set when SIGNATURE_LEVEL is set to BASELINE-T (or higher).
TSA_USERNAME	Login username used if the TSA uses HTTP Basic Auth. Optional, default: none.
TSA_PASSWORD	Login password used if the TSA uses HTTP Basic Auth. Required if TSA_USERNAME is specified. Default: none.
TSA_DIGESTALGORITHM	Algorithm for time-stamp digests. Optional, default: SHA-256.
TRUSTANCHORS	Additional trusted certificates in PEM format. When the certificates, revocation data or time-stamp tokens etc. are verified as part of signing, certificates not chaining up to the same root CA needs to have its root certificate added to this property. If not the signing could fail with a processing failure message and the logs show that "revocation data is missing". This especially needs to be done when using a TSA with a signer certificate issued by another root then what this signer is using at LT or higher level and also for cases (at LT level) when the input document already contains signatures (or time-stamps) using a different root. Optional.
SIGNATURE_FORMAT	Signature formats to use. Required. Supported formats: PAdES XAdES
SIGNATURE_PACKAGING	This property is not supported with PAdES. This property is used and valid when SIGNATURE_FORMAT = XAdES. Supported values: ENVELOPED: When the signature applies to data that surrounds the rest of the document. ENVELOPING: When the signed data form a sub-element of the signature itself: Base64 encoded binaries. Embed XML object(s). Embed Manifest object(s). DETACHED: When the signature relates to the external resource(s) separated from it. INTERNALLY-DETACHED: When the signature and the related signed data are both included in a parent element (only XML). Required.
FIXED_SIGNATURE_SIZE	This property is only supported with PAdES. This property sets a fixed size for the signature space within the PDF and disables the signature size estimation in the first try. If the signature format is PAdES and FIXED_SIGNATURE_SIZE is not set (or equal to zero) then we try to estimate the PKCS#7 signature size. Signature Size Estimation and Retry Algorithm The first estimated value is calculated as the sum of: • Certificate chain size • 2000 for PKCS#7 structure + hash • 8192 for OCSP • 8192 for CRLs size • 4096 for TSC Then if signing the certificate fails due to that the signature became larger than the estimated size, the signer will retry using the actual signature size plus a 1024 bytes margin. The retry can happen up to 3 times before it gives up.
ADD_VISIBLE_SIGNATURE	This property enables adding the visible signature.
VISIBLE_SIGNATURE_IMAGE_PATH	The path to the image for the visible signature.
VISIBLE_SIGNATURE_IMAGE_BASE64	The image to use in the visible signature in Base64 format.
VISIBLE_SIGNATURE_CONTENT_TYPE	Content-type of the Base64 image. For example, image/png.
VISIBLE_SIGNATURE_PAGE	Sets a page number where the signature field should be placed. The counting starts from 1 (one) for the first page of the document.
VISIBLE_SIGNATURE_RECTANGLE_LLX	Sets an upper-left X coordinate of the visible signature field.
VISIBLE_SIGNATURE_RECTANGLE_LLY	Sets an upper-left Y coordinate of the visible signature field.
VISIBLE_SIGNATURE_RECTANGLE_URX	Sets the width of the visible signature field.
VISIBLE_SIGNATURE_RECTANGLE_URY	Sets the height of the visible signature field.
EXTEND_VALIDITY	When set to true and the signature level is BASELINE-LTA, will extend validity of a document if it was already signed (at any level) with an up-to-date archive timestamp. This can be set to true or false. True is only supported when SIGNATURE_LEVEL is BASELINE-LTA. Optional. Default: false.
VISIBLE_SIGNATURE_NAME	Sets the visible signature in the existing empty signature filed with this name.
VISIBLE_SIGNATURE_CUSTOM_IMAGE_RESIZE_TO_RECTANGLE	If you want the custom image to be resized to a specified rectangle (set by VISIBLE_SIGNATURE_RECTANGLE_LLX, VISIBLE_SIGNATURE_RECTANGLE_LLY, VISIBLE_SIGNATURE_RECTANGLE_URX and VISIBLE_SIGNATURE_RECTANGLE_URY), then set to True. If set to True, the image might look different than the original (as an effect of resizing). If set to False, the rectangle drawn will be resized to the specified image's sizes. If set to False, the llx and lly coordinates specified by VISIBLE_SIGNATURE_RECTANGLE_LLX and VISIBLE_SIGNATURE_RECTANGLE_LLY property will be used for drawing the rectangle (urx and ury will be calculated from the specified image size). This property is ignored if ADD_VISIBLE_SIGNATURE is set to False, or if the custom image to use is not specified. Possible values: True, False. Default: True.
ALLOW_PROPERTY_OVERRIDE	Comma-separated list of worker properties that are allowed to be overridden by request metadata properties with the same names. See Request Metadata Properties for a list of properties that can be added to this property. Default: not set (no properties are allowed to be overridden).

Request Metadata Properties

The following properties can be sent by the client with the request:

Property	Description
ADD_VISIBLE_SIGNATURE	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_IMAGE_BASE64	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_CONTENT_TYPE	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_PAGE	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_RECTANGLE_LLX	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_RECTANGLE_LLY	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_RECTANGLE_URX	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_RECTANGLE_URY	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_NAME	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.
VISIBLE_SIGNATURE_CUSTOM_IMAGE_RESIZE_TO_RECTANGLE	Overrides the worker property with the same name. Only allowed if listed in ALLOW_PROPERTY_OVERRIDE.