-
Notifications
You must be signed in to change notification settings - Fork 12
How to use
Marten Rebane edited this page Jun 22, 2021
·
4 revisions
- Take a look at how to manage containers
- See the MOPP-iOS API description
- Explore the Wiki section
- Download the latest release
- See the contributing guide. Your contribution and pull requests are more than welcome
RIA DigiDoc supports custom URL scheme. To open a file from web, add the digidoc
scheme in front of the web link.
Example:
digidoc://https://www.example.com/example.pdf
NOTE: RIA DigiDoc only supports links with "https" protocol
- Has .asice or .sce extension.
- This format is default format since 2019.
- ASIC-E containers are in compliance with EU standards.
- Signatures are stored in XAdES format.
- Supports following signature formats:
- LT (Long Term) - Signature with time-stamp and OCSP (both "regular" and AIA OCSP are supported).
- LTA (Long Term Archival) - signature format has additional archival time-stamp to LT profile.
- .asice or .sce file is in fact a ZIP container with the signed files, the signatures and the protocol control information and can basically be opened by any program that recognizes the ZIP format.
- It is recommended not to use special characters in the data file’s name, i.e. it is suggested to use only the characters that are categorized as “unreserved” according to RFC3986 (http://tools.ietf.org/html/rfc3986).
- Has .bdoc extension
- BDOC is a digital signature format developed in 2014 to replace the old, DDOC (DigiDoc) digital signature format.
- This format has been used as a default digital signature format in Estonia since 2015 until end of 2018.
- BDOC container is based on ASiC-E standard.
- Signatures are stored in XAdES format.
- Supports signature formats:
-
LT_TM (Long Term TimeMark) - signature has time-mark ensuring long-term provability of the authenticity of the signature.
- It is based on XAdES baseline LT signature format.
-
LT_TM (Long Term TimeMark) - signature has time-mark ensuring long-term provability of the authenticity of the signature.
- .bdoc file is in fact a ZIP container with the signed files, the signatures and the protocol control information and can basically be opened by any program that recognizes the ZIP format.
- It is recommended not to use special characters in the data file’s name, i.e. it is suggested to use only the characters that are categorized as “unreserved” according to RFC3986 (http://tools.ietf.org/html/rfc3986).
- Has .asics or .scs extension
- Container associates one data file with either:
- one signature file containing one or more detached digital signature(s) that apply to it; or
- one time assertion file containing a time assertion that apply to it.
- This format is used for timestamping the old DDOC containers in order to prove the inviolability of documents.
- Signing not supported on RIA DigiDoc iOS app
- Has .ddoc extension
- An old DigiDoc digital signature format
- Since year 2015 it's recommended not to sign documents in the DDOC format
- It is based on XML Advanced Electronic Signatures (XAdES) format, corresponding to profile XAdES-X-L
- The DigiDoc container includes the source files (the files that were signed) as well as the signatures that are related to the signed file(s)
- Every signature contains the certificate, validity confirmation and the validity confirmation service certificate.
- Signing not supported on RIA DigiDoc iOS app
- MOPP-iOS API
- Managing containers
- Working with card readers
- Crypto actions
- Wiki
- Architecture of ID-software
- Digital signature formats
- BDOC 2.1.2 specification
- DDOC specification
- Swift 5.4
- Xcode 12.5
- Internet access to external verification services:
- OCSP (Online Certificate Status Protocol) - http://ocsp.sk.ee, http://aia.sk.ee/esteid2018 and http://aia.sk.ee/eid2016
- EU List of eIDAS Trusted Lists (LOTL) - https://ec.europa.eu/tools/lotl/eu-lotl.xml
- EE Trusted list - https://sr.riik.ee/tsl/estonian-tsl.xml (other countries' TSL files can also be used to verify signatures. All countries' TSL file URLs can be found in EU List of eIDAS Trusted Lists (LOTL))
- TSA (Time Stamping Authority) - http://tsa.sk.ee
- Central configuration management - https://id.eesti.ee/config.json
- Time-stamping service - http://dd-at.ria.ee/tsa
- Mobile-ID service - https://dd-mid.ria.ee/mid-api
- Smart-ID service - https://dd-sid.ria.ee/v1
- SiVa – Signature validation service - https://siva.eesti.ee/V3/validate
- LDAP (Searching for certificates in LDAP catalogue) - ldap.sk.ee port 389
- LDAP (Searching for institutions’ certificates in LDAP catalogue) - ldaps://k3.ldap.sk.ee port 636
- LDAP (Searching for individuals’ certificates in LDAP catalogue) - ldaps://esteid.ldap.sk.ee port 636