Posted 21 Sep 2018
Licenced CPOL

The *AdES Collection, Part 4: ASiC and MIME Containers

Signed container formats

Introduction

This is the fourth and final part of the AdES collection. It explains the usage of ASiC containers, which are files able to hold documents and digital signatures based on CAdES and XAdES.

ASiC-S

The simple version of the container, named ASiC-S, can hold one document. This is a ZIP file which contains the following:

  • An optional mimetype file, which contains the mime type of the container, application/vnd.etsi.asic-s+zip.
  • The document to be signed. It can be any file, including another ASiC.
  • A META-INF folder, which contains:
    • Either a signatures.p7b, a detached CAdES signature on the document file, or,
    • A signatures.xml which contains a detached XAdES signature of the document.

Because the signature is always detached, if the document to be signed is itself an XML file, there is no need to canonicalize it.

ASiC-E

The extended version of the container, named ASiC-E, can hold any number of documents. This is a ZIP file which contains the following:

  • An optional mimetype file, which contains the mime type of the container, application/vnd.etsi.asic-e+zip.
  • The documents to be signed. They can also be placed in directories.
  • An ASiCManifest.xml file inside the META-INF folder:
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<ASiCManifest xmlns:ns2="http://www.w3.org/2000/09/xmldsig#"
              xmlns="http://uri.etsi.org/02918/v1.2.1#">
    <SigReference MimeType="application/x-pkcs7-signature"
                  URI="META-INF/signature.p7s"/>
    <DataObjectReference URI="file1.txt">
        <ns2:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <ns2:DigestValue>...</ns2:DigestValue>
    </DataObjectReference>
    <DataObjectReference URI="test/hello2.xml">
        <ns2:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <ns2:DigestValue>...</ns2:DigestValue>
    </DataObjectReference>
</ASiCManifest>

This file contains references to all the files inside the container (in the above example, to file1.txt and to hello2.xml inside the folder named test).

  • signatures.xml, signatures1.xml, signatures2.xml, etc. or signatures.p7s, signatures1.p7s, which reference all or parts of the manifest file and sign them. There can also be other manifest files (ASiCManifest1.xml, etc.) which reference a different set of files.
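The manifest only protects files that it references and whose digests still match. The following is an added example, not code from the article or its library, written in Python because its standard library reads ZIP and XML directly. It recomputes each DataObjectReference digest and lists payload files that the manifest does not cover. The names check_manifest and build_sample are hypothetical, the sample container is constructed and carries no signature, and verifying the CAdES or XAdES signature over the manifest itself remains a separate step.

```python
import base64, hashlib, io, zipfile
import xml.etree.ElementTree as ET
ASIC = "{http://uri.etsi.org/02918/v1.2.1#}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
MANIFEST = "META-INF/ASiCManifest.xml"

def check_manifest(container: bytes) -> dict:
    """Compare each DataObjectReference digest with the file actually in the ZIP."""
    report = {"ok": [], "mismatch": [], "missing": [], "unreferenced": []}
    with zipfile.ZipFile(io.BytesIO(container)) as z:
        names = {n for n in z.namelist() if not n.endswith("/")}
        covered = set()
        for ref in ET.fromstring(z.read(MANIFEST)).iter(ASIC + "DataObjectReference"):
            uri = ref.get("URI")  # assumed to be a plain relative path
            covered.add(uri)
            if ref.find(DS + "DigestMethod").get("Algorithm") != SHA256:
                raise ValueError("unsupported digest algorithm for " + uri)
            expected = base64.b64decode(ref.find(DS + "DigestValue").text)
            if uri not in names:
                report["missing"].append(uri)
            elif hashlib.sha256(z.read(uri)).digest() == expected:
                report["ok"].append(uri)
            else:
                report["mismatch"].append(uri)
        # Payload files without a manifest entry are not protected by the signature.
        report["unreferenced"] = sorted(n for n in names - covered
            if n != "mimetype" and not n.startswith("META-INF/"))
    return report

def build_sample(tamper: bool = False) -> bytes:
    """Constructed ASiC-E-like ZIP (no real signature), for demonstration only."""
    files = {"file1.txt": b"hello", "test/hello2.xml": b"<a/>"}
    refs = "".join(
        f'<DataObjectReference URI="{n}"><ds:DigestMethod Algorithm="{SHA256}"/>'
        f"<ds:DigestValue>{base64.b64encode(hashlib.sha256(d).digest()).decode()}"
        "</ds:DigestValue></DataObjectReference>" for n, d in files.items())
    manifest = (f'<ASiCManifest xmlns="{ASIC[1:-1]}" xmlns:ds="{DS[1:-1]}">'
                f"{refs}</ASiCManifest>")
    if tamper:
        files["file1.txt"] = b"HELLO"     # content changed after digesting
        files["extra.bin"] = b"unsigned"  # file added without a manifest entry
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("mimetype", "application/vnd.etsi.asic-e+zip")
        for n, d in files.items():
            z.writestr(n, d)
        z.writestr(MANIFEST, manifest)
    return buf.getvalue()
```

A container that passes this check has only consistent digests; a verifier should still reject it unless a signature file covers the manifest and validates.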

The Code

HRESULT ASiC(ALEVEL alev, ATYPE typ, LEVEL lev,
             std::vector<std::tuple<const BYTE*, DWORD, const char*>>& data,
             std::vector<CERT>& Certificates, SIGNPARAMETERS& Params,
             std::vector<char>& fndata);

where:

  • alev is the container mode, either S or E.
  • typ is the signing mode, either CAdES or XAdES.
  • The rest of the parameters are passed to the CAdES and XAdES functions; see the related articles for a full description.
  • fndata receives the container zip data.

MIME

ASiC is interesting, but many existing applications support MIME. Using my MIME library you can now put multiple files inside a MIME container which is now signed with CAdES and, with one of my own experimental functions, with XAdES. So let us call it MAdES. 

HTML

To take it further, I've created enveloped signatures in HTML. HTML cannot be canonicalized easily, so I've injected the signature between the <html> and the next tag. The file is parsed as binary, and the result is an XAdES-XL signature. Whether browsers will like my implementation in the future - who knows?

Good Luck.

History

  • 22nd September, 2018: First release

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Michael Chourdakis
Engineer
Greece
I'm working in C++, PHP, Java, Windows, iOS and Android.

I've a PhD in Digital Signal Processing and Artificial Intelligence and I specialize in Pro Audio and AI applications.

My home page: http://www.michaelchourdakis.com

Article Copyright 2018 by Michael Chourdakis