Enveloped XAdES signing

What is ENVELOPED XAdES signature packaging?

ENVELOPED XAdES signature packaging helps with signing XML files which results in having the signature and the signed content in a final xml file. This is different from xades DETACHED signature packaging where the signature is in a separate file. In API Based Flow With File Hashes for .asice we see how to use xades DETACHED signature packaging to have a final asice container. However unlike asice, ENVELOPED xades returns xml file with the xml content and signature in the same file.

What is the difference between ENVELOPED XAdES and DETACHED XAdES?

ENVELOPED XAdESDETACHED XAdES
Accepts only XML filesAccepts any file type
Accepts ONLY the real file contentAccepts the hash of the file content
Returns XML file with the signature and the signed content in the same fileReturns XML file with the signature in a separate file
Accepts only one file at a timeAccepts multiple files

What parameters are required when preparing files for ENVELOPED XAdES signature packaging?

When preparing files for ENVELOPED XAdES signing, the following parameters are required:

  • client_id - your client id
  • secret - your secret
  • container_type - must be set to "xades"
  • files - array of files to be signed. Each file must have the following parameters:
    • fileContent - base64 encoded file content (the real file content, not the hash, and must be base64 encoded)
    • fileName - file name
    • mimeType - file mime type must be set to "application/xml"
  • signature_packaging - must be set to "ENVELOPED" (case sensitive)
  • noemails - set to true if notification emails are not needed (boolean)

Example request body for ENVELOPED XAdES signing POST /api/signatures/prepare-files-for-signing:

{
  "client_id": "your client id",
  "secret": "your secret",
  "container_type": "xades",
  "files": [
    {
      "fileContent": "base64 encoded file content",
      "fileName": "file name",
      "mimeType": "application/xml"
    }
  ],
  "signature_packaging": "ENVELOPED",
  "noemails": true
}

For additional parameters available when preparing files please see the API referenceopen in new window.

What methods supports ENVELOPED XAdES signature packaging?

All methods that supports xades container type also supports ENVELOPED xades signature packaging. The only changes you need to make is to set the signature_packaging to "ENVELOPED" (case sensitive), container type to "xades" and the file mime type to "application/xml". See What parameters are required when preparing files for ENVELOPED XAdES signature packaging? for more details.

Last Updated: