XML Signature, including Electronic Invoice (NF-e)
The XML signature functions are in accordance with the standard for digital signatures in XML (Extended Markup Language) format defined by the W3C (World Wide Web Consortium) consortium, in order to guarantee interoperability, i.e. XML documents signed by the HSM can be verified in other environments adhering to W3C standards, and the HSM can verify signatures on XML documents signed externally.
The API functions for use with XML signing require the internal storage in the HSM of the digital certificates for digital signing and the complete chain of trust of the certificates for verification.
To write a digital certificate (or file) to the HSM, use the remote management console or the DWriteFile() API.
The digital certificate for signing must be encoded in ASN1 DER binary format and also follow the X.509 standard. The file containing the chain of trust for verifying the digital signature must be encoded in PKCS#7 format (Public Key Cryptography Standard #7 - Cryptographic Message Syntax Standard).
|
byte[] | signXML (byte bHashMode, int nFlags, String strKeyId, String strCertId, byte[] baUnsignedXml, byte[] baFilter) throws TacException |
| Digitally signs an XML document using the W3C XML digital signature standards.
|
|
byte[] | signXML (String strPrivKeyName, int nHashAlg, String strCertId, byte[] baUnsignedXml, byte[] baFilter) throws TacException |
| Digitally signs an XML document using the W3C XML digital signature standards.
|
|
byte[] | signXML (byte[] hKey, byte[] hHash, String strCertId, int nUnsignedXml, byte[] baUnsignedXml, int[] naSignedXmlSize, int nFilterSize, byte[] baFilter) throws TacException |
| Digitally signs an XML document using the W3C XML digital signature standards.
|
|
◆ signXML() [1/3]
byte[] signXML |
( |
byte | bHashMode, |
|
|
int | nFlags, |
|
|
String | strKeyId, |
|
|
String | strCertId, |
|
|
byte[] | baUnsignedXml, |
|
|
byte[] | baFilter ) throws TacException |
Digitally signs an XML document using the W3C XML digital signature standards.
- Parameters
-
bHashMode | Type of hash used in the signature. The values in the table below are accepted.
|
nFlags | Flags containing the subscription options. The table below is accepted.
|
strKeyId | Name of the private key in the HSM. |
strCertId | Name of the certificate in HSM. |
baUnsignedXml | XML to be signed. |
baFilter | Filter for digitally signing parts of the XML document. Use of the filter is optional. See Using XML filters. |
- Return
- Array of original XML bytes digitally signed in the specified format.
- Exceptions
-
TacException | Throws exception in case of signature errors |
◆ signXML() [2/3]
byte[] signXML |
( |
String | strPrivKeyName, |
|
|
int | nHashAlg, |
|
|
String | strCertId, |
|
|
byte[] | baUnsignedXml, |
|
|
byte[] | baFilter ) throws TacException |
Digitally signs an XML document using the W3C XML digital signature standards.
It receives the parameters in byte array format.
- Parameters
-
strPrivKeyName | Identifier internal to the HSM referring to the key to be used for signing the XML document. |
nHashAlg | Hash algorithm used. The table below is accepted.
|
strCertId | Identifier internal to the HSM referring to the digital certificate to be used for signing the XML document. |
baUnsignedXml | Parameter containing the XML to be signed. |
baFilter | Filter for digitally signing parts of the XML document. Use of the filter is optional. See Using XML filters. |
- Return
- Array of bytes containing the original digitally signed XML document in the specified format.
- Exceptions
-
TacException | Throws exception in case of signature errors |
◆ signXML() [3/3]
byte[] signXML |
( |
byte[] | hKey, |
|
|
byte[] | hHash, |
|
|
String | strCertId, |
|
|
int | nUnsignedXml, |
|
|
byte[] | baUnsignedXml, |
|
|
int[] | naSignedXmlSize, |
|
|
int | nFilterSize, |
|
|
byte[] | baFilter ) throws TacException |
Digitally signs an XML document using the W3C XML digital signature standards.
Receives parameters in string format.
- Parameters
-
hKey | Identifier internal to the HSM referring to the key to be used for signing the XML document. |
hHash | Hash algorithm used. |
strCertId | Identifier internal to the HSM referring to the digital certificate to be used for signing the XML document. |
nUnsignedXml | Parameter containing the XML to be signed. |
baUnsignedXml | |
naSignedXmlSize | |
nFilterSize | |
baFilter | |
- Return
- Exceptions
-
TacException | Throws exception in case of signature errors |