Enveloped XAdES signing
What is ENVELOPED XAdES signature packaging?
ENVELOPED XAdES signature packaging helps with signing XML files which results in having the signature and the signed content in a final xml file. This is different from xades DETACHED signature packaging where the signature is in a separate file. In API Based Flow With File Hashes for .asice we see how to use xades DETACHED signature packaging to have a final asice container. However unlike asice, ENVELOPED xades returns xml file with the xml content and signature in the same file.
What is the difference between ENVELOPED XAdES and DETACHED XAdES?
| ENVELOPED XAdES | DETACHED XAdES |
|---|---|
| Accepts only XML files | Accepts any file type |
| Accepts ONLY the real file content | Accepts the hash of the file content |
| Returns XML file with the signature and the signed content in the same file | Returns XML file with the signature in a separate file |
| Accepts only one file at a time | Accepts multiple files |
What parameters are required when preparing files for ENVELOPED XAdES signature packaging?
When preparing files for ENVELOPED XAdES signing, the following parameters are required:
client_id- your client idsecret- your secretcontainer_type- must be set to "xades"files- array of files to be signed. Each file must have the following parameters:fileContent- base64 encoded file content (the real file content, not the hash, and must be base64 encoded)fileName- file namemimeType- file mime type must be set to "application/xml"
signature_packaging- must be set to "ENVELOPED" (case sensitive)noemails- set to true if notification emails are not needed (boolean)
Example request body for ENVELOPED XAdES signing POST /api/signatures/prepare-files-for-signing:
{
"client_id": "your client id",
"secret": "your secret",
"container_type": "xades",
"files": [
{
"fileContent": "base64 encoded file content",
"fileName": "file name",
"mimeType": "application/xml"
}
],
"signature_packaging": "ENVELOPED",
"noemails": true
}
For additional parameters available when preparing files please see the API reference.
What methods supports ENVELOPED XAdES signature packaging?
All methods that supports xades container type also supports ENVELOPED xades signature packaging. The only changes you need to make is to set the signature_packaging to "ENVELOPED" (case sensitive), container type to "xades" and the file mime type to "application/xml". See What parameters are required when preparing files for ENVELOPED XAdES signature packaging? for more details.