JAdESSigner Class

Properties   Methods   Events   Config Settings   Errors  

The JAdESSigner class signs Javascript content electronically.

Syntax

JAdESSigner

Remarks

JAdESSigner supports a range of digital signature formats over Javascript content, including JSON Web Signatures (JWS) and ETSI JSON Advanced Electronic Signatures (JAdES).

Standards and technologies supported

JAdESSigner can create signatures that match the following standards:

• Generic JSON Web Signatures (JWS) (RFC7515)
• JAdES: all profiles are supported (BES, EPES, T, LTV, B-B, B-T, and others) (ETSI TS 119 182-1)
• Timestamps using external TSAs.
• All industry-standard cryptographic algorithms (RSA, ECDSA, SHA256-512, and many others).

Configuring the signature spec

JWS and JAdES signatures can come in all sorts of flavours, with the primary factors being the signature format (how exactly the signed data is represented in bytes) and completeness (the extent of the trust information that is included in the signature). You can use the properties of your JAdESSigner object to configure these and other parameters. Typically, the service or software that you need to communicate with will provide you with a list of requirements that your JSON signature needs to satisfy. In some cases, they will also send you an example signature that you may use as a guide.

Typically, you will need to adjust the following categories of settings:

• Level (plain JWS, B, T, LT, or LTA). This can be adjusted with the property.
• Timestamp requirement: provide the address of your online TSA service via TimestampServer property.
• When creating LT/LTA signatures, tune up validation parameters via RevocationCheck, OfflineMode, and IgnoreChainValidationErrors properties.
• Configure the signature representation parameters such as CompactForm, Detached or FlattenedSignature.

The above are the most important settings from each category; you may need to adjust more specific settings, such as EPES policy parameters (such as ) or ContentType, to fine-tune your signature.

Signing certificates

JAdESSigner can use certificates residing on different media. Besides generic certificates stored in PFX or PEM files (A1), it can operate with non-exportable certificates residing on hardware media (A3), system stores/keychains, or in the cloud.

Non-exportable certificates can be accessed transparently via a Windows CSP or a PKCS#11 driver, if supplied by the certificate issuer. Proprietary or less interoperable media can be communicated with the external signing feature (see below).

Use CertificateManager and CertificateStorage components to load the signing certificate. Assign the certificate to SigningCertificate property, and optionally provide the remainder of its chain via the SigningChain property.

In the default configuration, JAdESSigner will do its best to collect the trust elements (certificates, CRLs, OCSP responses) required by the chosen signature level automatically. It will use all available sources, including the system stores, the chain validation cache, and the signature itself (when upgrading an existing signature). However, there can be situations where only some (or even none) of the trust elements are available in the public locations. This is particularly the case for internal, experimental, or test PKI environments. In such cases you might need to locate the missing elements manually and provide them to JAdESSigner via the KnownCertificates, KnownCRLs, and KnownOCSPs properties. You can also provide any trust anchors not included in the public Trusted Root directory via the TrustedCertificates collection.

Note: If signing with a non-exportable key (such as residing on a hardware device or in the cloud), please make sure you keep the original CertificateStorage object open until the signing is completed. This is because the storage component provides a 'bridge' to the private key. If the storage is closed prematurely, this bridge is destroyed, and the private key can't be used.

Signing the JSON

Now that you have configured the signature and certificate settings, you can proceed to signing. You can provide the JSON input in one of the following forms: as a file (assign the path to InputFile property), as a stream (assign to InputStream property), as a string (InputString), or as a byte array (assign to InputBytes). Similarly, the output can be collected in one of the same forms, either by passing the destination path or stream via OutputFile and OutputStream respectively, or by reading the resulting document bytes from the OutputBytes or OutputString property after the signing.

Having set up the input and output, call the component's Sign method. This will initiate the signing process. Depending on the settings, the signing may be as straightforward as calculating the document hash and signing it with the private key (e.g. when creating a B-level signature), or it may involve advanced chain validation routines (LT or LTA). During the latter the component contacts a number of external trust information sources (CA, CRL, and OCSP servers) to establish the validity of the signing certificate.

If a TSA server was provided via the TimestampServer property, the component will contact it too to timestamp the new signature.

During the signing JAdESSigner may fire events to let your code know of certain conditions. It may fire TLSCertValidate if one of the HTTP endpoints involved during the operation (which may be a CRL, OCSP, or TSA service) works over TLS and needs its certificate chain to be validated.

External signing and DCAuth

JAdESSigner, like many other components included in the product, supports two methods of signing with external keys. These methods are fully independent of each other: you can choose the one that suits your scenario best.

Synchronous method: ExternalSign

This is a simpler method that basically lets you infiltrate into the signing routine by taking care of the hash signing operation. The component does the rest of the job (hash calculation, preparation of signature objects, CRL/OCSP retrieval).

To initiate this method, call SignExternal instead of Sign. When the hash is ready, it will be passed back to your code with ExternalSign event. Your event handler needs to sign the hash with the private key and return the created signature back to the component - which will embed it into the document.

You don't need your signing certificate to contain an associated private key when using this method. The certificate itself (its public copy) may be needed though, as it is included in the hash calculation.

This method is synchronous, meaning SignExternal provides you the results immediately upon its completion.

Asynchronous method: DCAuth

DCAuth is a SecureBlackbox know-how technology. This protocol was designed to allow sharing of private keys across environments, allowing the signer and the private key to reside on different systems. It works in the following way:

• The signing party - such as JAdESSigner - initiates the operation using SignAsyncBegin call. This produces two outcomes: a pre-signed content (a JSON body with a blank signature placeholder), and a request state (an object containing a hash that needs to be signed). At this point the JAdESSigner instance can be released, and the process itself terminated (which may be useful when run as part of a web page).
• The request state is passed to the private key holder party. The private key holder passes the request state to a DCAuth object, which parses the request state, extracts the hash, and signs it. The output of DCAuth processing is another object, response state, which contains the signature. The private key holder then sends the response state back to the signing party.
• The signing party re-creates the signing controls, and passes the response state, together with the pre-signed content, to the signer's SignAsyncEnd method. SignAsyncEnd extracts the signature from the response state and incorporates it into the pre-signed object, hereby completing the signature.

This method is asynchronous in that sense that, from the signing party's viewpoint, it splits the signing operation into the pre-signing and completion stages which can be performed independently from each other and in different execution contexts. This makes this method particularly helpful for use in web pages and other scenarios where the signing key is not available in real time.

Fine-grained chain validation setup

Chain validation is a sophisticated, multi-faceted procedure that involves a lot of variables. Depending on the configuration of your operating environment, the specifics of the PKI framework being used, and the validation policy you need to follow, you may want to tune up your chain validation parameters so they fit them best. A summary of such parameters is given below.

• RevocationCheck lets you choose between and/or prioritize revocation origins. OCSP sources are often preferred to CRL because of their real-time capability and the smaller size of validation tokens they produce.
• OfflineMode is a master switch that stops the class from looking for any validation tokens online. If this property is switched on, the class will only use the KnownCertificates, TrustedCertificates, KnownCRLs, and KnownOCSPs collections to look for the missing validation material.
• IgnoreChainValidationErrors makes the class ignore any major validation issues it encounters (such us an untrusted chain or missing CRL). This option is handy for debugging and for creating signatures in the environments where the signing certificate is not trusted.
• KnownCertificates, KnownCRLs, and KnownOCSPs let you provide your own validation material. This may be useful when working in OfflineMode, where the signer has no access to the validation sources, or where the validation material has already been collected.
• TrustedCertificates lets you provide a list of trust anchors, either as a complement to the system's or as an alternative to it.
• BlockedCertificates lets you provide a list of blocked/distrusted certificates. Any CA certificate contained in it will be deemed untrusted/invalid.

The following parameters are not directly related to chain validation, but may have an implicit effect on it.

• Proxy, SocketSettings, and TLSSettings let you tune up the connectivity and TLS options in accordance with local preferences.
• TLSClientChain lets you provide the client certificate and its chain for TLS client authentication.
• Subscribe to TLSCertValidate to validate any TLS certificates of the services involved in chain validation.

The results of the chain validation procedure, upon its completion, are published in the following properties:

• ChainValidationResult contains the primary result of the chain validation routine: valid, valid but untrusted, invalid, or undefined.
• ChainValidationDetails provides the details of the factors that contributed to the chain validation result, such as an outdated certificate, a missing CRL, or a missing CA certificate.
• ValidationLog contains the detailed chain validation log. The log can often be very helpful in nailing down various validation issues.

Property List

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

Method List

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

Event List

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

Config Settings

The following is a list of config settings for the class with short descriptions. Click on the links for further details.

AutoValidateSignatures Property (JAdESSigner Class)

Specifies whether class should validate any present signatures when the JSON opened.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetAutoValidateSignatures();
int SetAutoValidateSignatures(int bAutoValidateSignatures);

Unicode (Windows)
BOOL GetAutoValidateSignatures();
INT SetAutoValidateSignatures(BOOL bAutoValidateSignatures);

int secureblackbox_jadessigner_getautovalidatesignatures(void* lpObj);
int secureblackbox_jadessigner_setautovalidatesignatures(void* lpObj, int bAutoValidateSignatures);

bool GetAutoValidateSignatures();
int SetAutoValidateSignatures(bool bAutoValidateSignatures);

Default Value

FALSE

Remarks

This setting is switched off by default to speed up JSON processing. Even if the JWS/JAdES signature is loaded with this property set to false, you can validate the signatures manually on a later stage using the Revalidate method.

Data Type

Boolean

BlockedCertCount Property (JAdESSigner Class)

The number of records in the BlockedCert arrays.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetBlockedCertCount();
int SetBlockedCertCount(int iBlockedCertCount);

Unicode (Windows)
INT GetBlockedCertCount();
INT SetBlockedCertCount(INT iBlockedCertCount);

int secureblackbox_jadessigner_getblockedcertcount(void* lpObj);
int secureblackbox_jadessigner_setblockedcertcount(void* lpObj, int iBlockedCertCount);

int GetBlockedCertCount();
int SetBlockedCertCount(int iBlockedCertCount);

Default Value

0

Remarks

This property controls the size of the following arrays:

• BlockedCertBytes
• BlockedCertHandle

The array indices start at 0 and end at BlockedCertCount - 1.

This property is not available at design time.

Data Type

Integer

BlockedCertBytes Property (JAdESSigner Class)

Returns the raw certificate data in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetBlockedCertBytes(int iBlockedCertIndex, char* &lpBlockedCertBytes, int &lenBlockedCertBytes);

Unicode (Windows)
INT GetBlockedCertBytes(INT iBlockedCertIndex, LPSTR &lpBlockedCertBytes, INT &lenBlockedCertBytes);

int secureblackbox_jadessigner_getblockedcertbytes(void* lpObj, int blockedcertindex, char** lpBlockedCertBytes, int* lenBlockedCertBytes);

QByteArray GetBlockedCertBytes(int iBlockedCertIndex);

Remarks

Returns the raw certificate data in DER format.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

BlockedCertHandle Property (JAdESSigner Class)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int64 GetBlockedCertHandle(int iBlockedCertIndex);
int SetBlockedCertHandle(int iBlockedCertIndex, int64 lBlockedCertHandle);

Unicode (Windows)
LONG64 GetBlockedCertHandle(INT iBlockedCertIndex);
INT SetBlockedCertHandle(INT iBlockedCertIndex, LONG64 lBlockedCertHandle);

int64 secureblackbox_jadessigner_getblockedcerthandle(void* lpObj, int blockedcertindex);
int secureblackbox_jadessigner_setblockedcerthandle(void* lpObj, int blockedcertindex, int64 lBlockedCertHandle);

qint64 GetBlockedCertHandle(int iBlockedCertIndex);
int SetBlockedCertHandle(int iBlockedCertIndex, qint64 lBlockedCertHandle);

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation.

 
 Copy
  pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is not available at design time.

Data Type

Long64

CertCount Property (JAdESSigner Class)

The number of records in the Cert arrays.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertCount();

Unicode (Windows)
INT GetCertCount();

int secureblackbox_jadessigner_getcertcount(void* lpObj);

int GetCertCount();

Default Value

0

Remarks

This property controls the size of the following arrays:

• CertBytes
• CertCA
• CertCAKeyID
• CertCRLDistributionPoints
• CertCurve
• CertFingerprint
• CertFriendlyName
• CertHandle
• CertHashAlgorithm
• CertIssuer
• CertIssuerRDN
• CertKeyAlgorithm
• CertKeyBits
• CertKeyFingerprint
• CertKeyUsage
• CertKeyValid
• CertOCSPLocations
• CertPolicyIDs
• CertPublicKeyBytes
• CertSelfSigned
• CertSerialNumber
• CertSigAlgorithm
• CertSubject
• CertSubjectKeyID
• CertSubjectRDN
• CertValidFrom
• CertValidTo

The array indices start at 0 and end at CertCount - 1.

This property is read-only and not available at design time.

Data Type

Integer

CertBytes Property (JAdESSigner Class)

Returns the raw certificate data in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertBytes(int iCertIndex, char* &lpCertBytes, int &lenCertBytes);

Unicode (Windows)
INT GetCertBytes(INT iCertIndex, LPSTR &lpCertBytes, INT &lenCertBytes);

int secureblackbox_jadessigner_getcertbytes(void* lpObj, int certindex, char** lpCertBytes, int* lenCertBytes);

QByteArray GetCertBytes(int iCertIndex);

Remarks

Returns the raw certificate data in DER format.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertCA Property (JAdESSigner Class)

Indicates whether the certificate has a CA capability (a setting in the BasicConstraints extension).

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertCA(int iCertIndex);

Unicode (Windows)
BOOL GetCertCA(INT iCertIndex);

int secureblackbox_jadessigner_getcertca(void* lpObj, int certindex);

bool GetCertCA(int iCertIndex);

Default Value

FALSE

Remarks

Indicates whether the certificate has a CA capability (a setting in the BasicConstraints extension).

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertCAKeyID Property (JAdESSigner Class)

A unique identifier (fingerprint) of the CA certificate's private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertCAKeyID(int iCertIndex, char* &lpCertCAKeyID, int &lenCertCAKeyID);

Unicode (Windows)
INT GetCertCAKeyID(INT iCertIndex, LPSTR &lpCertCAKeyID, INT &lenCertCAKeyID);

int secureblackbox_jadessigner_getcertcakeyid(void* lpObj, int certindex, char** lpCertCAKeyID, int* lenCertCAKeyID);

QByteArray GetCertCAKeyID(int iCertIndex);

Remarks

A unique identifier (fingerprint) of the CA certificate's private key.

Authority Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates produced by the same issuer, but with different public keys.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertCRLDistributionPoints Property (JAdESSigner Class)

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertCRLDistributionPoints(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertCRLDistributionPoints(INT iCertIndex);

char* secureblackbox_jadessigner_getcertcrldistributionpoints(void* lpObj, int certindex);

QString GetCertCRLDistributionPoints(int iCertIndex);

Default Value

""

Remarks

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertCurve Property (JAdESSigner Class)

Specifies the elliptic curve of the EC public key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertCurve(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertCurve(INT iCertIndex);

char* secureblackbox_jadessigner_getcertcurve(void* lpObj, int certindex);

QString GetCertCurve(int iCertIndex);

Default Value

""

Remarks

Specifies the elliptic curve of the EC public key.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertFingerprint Property (JAdESSigner Class)

Contains the fingerprint (a hash imprint) of this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertFingerprint(int iCertIndex, char* &lpCertFingerprint, int &lenCertFingerprint);

Unicode (Windows)
INT GetCertFingerprint(INT iCertIndex, LPSTR &lpCertFingerprint, INT &lenCertFingerprint);

int secureblackbox_jadessigner_getcertfingerprint(void* lpObj, int certindex, char** lpCertFingerprint, int* lenCertFingerprint);

QByteArray GetCertFingerprint(int iCertIndex);

Remarks

Contains the fingerprint (a hash imprint) of this certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertFriendlyName Property (JAdESSigner Class)

Contains an associated alias (friendly name) of the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertFriendlyName(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertFriendlyName(INT iCertIndex);

char* secureblackbox_jadessigner_getcertfriendlyname(void* lpObj, int certindex);

QString GetCertFriendlyName(int iCertIndex);

Default Value

""

Remarks

Contains an associated alias (friendly name) of the certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertHandle Property (JAdESSigner Class)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int64 GetCertHandle(int iCertIndex);

Unicode (Windows)
LONG64 GetCertHandle(INT iCertIndex);

int64 secureblackbox_jadessigner_getcerthandle(void* lpObj, int certindex);

qint64 GetCertHandle(int iCertIndex);

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation.

 
 Copy
  pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Long64

CertHashAlgorithm Property (JAdESSigner Class)

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing) SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN .

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertHashAlgorithm(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertHashAlgorithm(INT iCertIndex);

char* secureblackbox_jadessigner_getcerthashalgorithm(void* lpObj, int certindex);

QString GetCertHashAlgorithm(int iCertIndex);

Default Value

""

Remarks

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing)

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertIssuer Property (JAdESSigner Class)

The common name of the certificate issuer (CA), typically a company name.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertIssuer(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertIssuer(INT iCertIndex);

char* secureblackbox_jadessigner_getcertissuer(void* lpObj, int certindex);

QString GetCertIssuer(int iCertIndex);

Default Value

""

Remarks

The common name of the certificate issuer (CA), typically a company name.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertIssuerRDN Property (JAdESSigner Class)

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertIssuerRDN(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertIssuerRDN(INT iCertIndex);

char* secureblackbox_jadessigner_getcertissuerrdn(void* lpObj, int certindex);

QString GetCertIssuerRDN(int iCertIndex);

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertKeyAlgorithm Property (JAdESSigner Class)

Specifies the public key algorithm of this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertKeyAlgorithm(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertKeyAlgorithm(INT iCertIndex);

char* secureblackbox_jadessigner_getcertkeyalgorithm(void* lpObj, int certindex);

QString GetCertKeyAlgorithm(int iCertIndex);

Default Value

"0"

Remarks

Specifies the public key algorithm of this certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertKeyBits Property (JAdESSigner Class)

Returns the length of the public key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertKeyBits(int iCertIndex);

Unicode (Windows)
INT GetCertKeyBits(INT iCertIndex);

int secureblackbox_jadessigner_getcertkeybits(void* lpObj, int certindex);

int GetCertKeyBits(int iCertIndex);

Default Value

0

Remarks

Returns the length of the public key.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Integer

CertKeyFingerprint Property (JAdESSigner Class)

Returns a fingerprint of the public key contained in the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertKeyFingerprint(int iCertIndex, char* &lpCertKeyFingerprint, int &lenCertKeyFingerprint);

Unicode (Windows)
INT GetCertKeyFingerprint(INT iCertIndex, LPSTR &lpCertKeyFingerprint, INT &lenCertKeyFingerprint);

int secureblackbox_jadessigner_getcertkeyfingerprint(void* lpObj, int certindex, char** lpCertKeyFingerprint, int* lenCertKeyFingerprint);

QByteArray GetCertKeyFingerprint(int iCertIndex);

Remarks

Returns a fingerprint of the public key contained in the certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertKeyUsage Property (JAdESSigner Class)

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertKeyUsage(int iCertIndex);

Unicode (Windows)
INT GetCertKeyUsage(INT iCertIndex);

int secureblackbox_jadessigner_getcertkeyusage(void* lpObj, int certindex);

int GetCertKeyUsage(int iCertIndex);

Default Value

0

Remarks

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

This value is a bit mask of the following values:

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Integer

CertKeyValid Property (JAdESSigner Class)

Returns True if the certificate's key is cryptographically valid, and False otherwise.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertKeyValid(int iCertIndex);

Unicode (Windows)
BOOL GetCertKeyValid(INT iCertIndex);

int secureblackbox_jadessigner_getcertkeyvalid(void* lpObj, int certindex);

bool GetCertKeyValid(int iCertIndex);

Default Value

FALSE

Remarks

Returns True if the certificate's key is cryptographically valid, and False otherwise.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertOCSPLocations Property (JAdESSigner Class)

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertOCSPLocations(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertOCSPLocations(INT iCertIndex);

char* secureblackbox_jadessigner_getcertocsplocations(void* lpObj, int certindex);

QString GetCertOCSPLocations(int iCertIndex);

Default Value

""

Remarks

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertPolicyIDs Property (JAdESSigner Class)

Contains identifiers (OIDs) of the applicable certificate policies.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertPolicyIDs(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertPolicyIDs(INT iCertIndex);

char* secureblackbox_jadessigner_getcertpolicyids(void* lpObj, int certindex);

QString GetCertPolicyIDs(int iCertIndex);

Default Value

""

Remarks

Contains identifiers (OIDs) of the applicable certificate policies.

The Certificate Policies extension identifies a sequence of policies under which the certificate has been issued, and which regulate its usage.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertPublicKeyBytes Property (JAdESSigner Class)

Contains the certificate's public key in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertPublicKeyBytes(int iCertIndex, char* &lpCertPublicKeyBytes, int &lenCertPublicKeyBytes);

Unicode (Windows)
INT GetCertPublicKeyBytes(INT iCertIndex, LPSTR &lpCertPublicKeyBytes, INT &lenCertPublicKeyBytes);

int secureblackbox_jadessigner_getcertpublickeybytes(void* lpObj, int certindex, char** lpCertPublicKeyBytes, int* lenCertPublicKeyBytes);

QByteArray GetCertPublicKeyBytes(int iCertIndex);

Remarks

Contains the certificate's public key in DER format.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertSelfSigned Property (JAdESSigner Class)

Indicates whether the certificate is self-signed (root) or signed by an external CA.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertSelfSigned(int iCertIndex);

Unicode (Windows)
BOOL GetCertSelfSigned(INT iCertIndex);

int secureblackbox_jadessigner_getcertselfsigned(void* lpObj, int certindex);

bool GetCertSelfSigned(int iCertIndex);

Default Value

FALSE

Remarks

Indicates whether the certificate is self-signed (root) or signed by an external CA.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertSerialNumber Property (JAdESSigner Class)

Returns the certificate's serial number.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertSerialNumber(int iCertIndex, char* &lpCertSerialNumber, int &lenCertSerialNumber);

Unicode (Windows)
INT GetCertSerialNumber(INT iCertIndex, LPSTR &lpCertSerialNumber, INT &lenCertSerialNumber);

int secureblackbox_jadessigner_getcertserialnumber(void* lpObj, int certindex, char** lpCertSerialNumber, int* lenCertSerialNumber);

QByteArray GetCertSerialNumber(int iCertIndex);

Remarks

Returns the certificate's serial number.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertSigAlgorithm Property (JAdESSigner Class)

Indicates the algorithm that was used by the CA to sign this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertSigAlgorithm(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertSigAlgorithm(INT iCertIndex);

char* secureblackbox_jadessigner_getcertsigalgorithm(void* lpObj, int certindex);

QString GetCertSigAlgorithm(int iCertIndex);

Default Value

""

Remarks

Indicates the algorithm that was used by the CA to sign this certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertSubject Property (JAdESSigner Class)

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertSubject(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertSubject(INT iCertIndex);

char* secureblackbox_jadessigner_getcertsubject(void* lpObj, int certindex);

QString GetCertSubject(int iCertIndex);

Default Value

""

Remarks

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertSubjectKeyID Property (JAdESSigner Class)

Contains a unique identifier (fingerprint) of the certificate's private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertSubjectKeyID(int iCertIndex, char* &lpCertSubjectKeyID, int &lenCertSubjectKeyID);

Unicode (Windows)
INT GetCertSubjectKeyID(INT iCertIndex, LPSTR &lpCertSubjectKeyID, INT &lenCertSubjectKeyID);

int secureblackbox_jadessigner_getcertsubjectkeyid(void* lpObj, int certindex, char** lpCertSubjectKeyID, int* lenCertSubjectKeyID);

QByteArray GetCertSubjectKeyID(int iCertIndex);

Remarks

Contains a unique identifier (fingerprint) of the certificate's private key.

Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented with a SHA1 hash of the bit string of the subject public key.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertSubjectRDN Property (JAdESSigner Class)

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertSubjectRDN(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertSubjectRDN(INT iCertIndex);

char* secureblackbox_jadessigner_getcertsubjectrdn(void* lpObj, int certindex);

QString GetCertSubjectRDN(int iCertIndex);

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertValidFrom Property (JAdESSigner Class)

The time point at which the certificate becomes valid, in UTC.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertValidFrom(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertValidFrom(INT iCertIndex);

char* secureblackbox_jadessigner_getcertvalidfrom(void* lpObj, int certindex);

QString GetCertValidFrom(int iCertIndex);

Default Value

""

Remarks

The time point at which the certificate becomes valid, in UTC.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertValidTo Property (JAdESSigner Class)

The time point at which the certificate expires, in UTC.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertValidTo(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertValidTo(INT iCertIndex);

char* secureblackbox_jadessigner_getcertvalidto(void* lpObj, int certindex);

QString GetCertValidTo(int iCertIndex);

Default Value

""

Remarks

The time point at which the certificate expires, in UTC.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CompactForm Property (JAdESSigner Class)

Specifies if the JWS compact serialization to be used.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCompactForm();
int SetCompactForm(int bCompactForm);

Unicode (Windows)
BOOL GetCompactForm();
INT SetCompactForm(BOOL bCompactForm);

int secureblackbox_jadessigner_getcompactform(void* lpObj);
int secureblackbox_jadessigner_setcompactform(void* lpObj, int bCompactForm);

bool GetCompactForm();
int SetCompactForm(bool bCompactForm);

Default Value

FALSE

Remarks

When this property is set to "true" value, the JAdES component will use the JWS compact serialization format when saving a signature.

The JWS compact serialization format is a compact, Url safe representation of a JWS (JSON Web Signature) or JWE (JSON Web Encryption) object, used for transmitting security tokens.

The JWS compact serialization format supports only one signature without unprotected header (only JWS or JAdES BaselineB signature).

Data Type

Boolean

ContentType Property (JAdESSigner Class)

Specifies payload content type.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetContentType();
int SetContentType(const char* lpszContentType);

Unicode (Windows)
LPWSTR GetContentType();
INT SetContentType(LPCWSTR lpszContentType);

char* secureblackbox_jadessigner_getcontenttype(void* lpObj);
int secureblackbox_jadessigner_setcontenttype(void* lpObj, const char* lpszContentType);

QString GetContentType();
int SetContentType(QString qsContentType);

Default Value

""

Remarks

Use this property to indicate the content type of the JWS Payload.

This property provides a way for the application to disambiguate among different kinds of objects that might be present in the payload, but it is typically not used when the kind of object is already known. The value of this property is a string that conforms to the Internet Media Type (MIME) format, such as "text/plain" or "application/json".

It is optional to use this property and it is recommended to omit the "application/" prefix of the media type value when it is not needed. The recipient of the signed message should treat the value as if "application/" were prepended to it, unless it already contains a '/'.

Data Type

String

CRLCount Property (JAdESSigner Class)

The number of records in the CRL arrays.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCRLCount();

Unicode (Windows)
INT GetCRLCount();

int secureblackbox_jadessigner_getcrlcount(void* lpObj);

int GetCRLCount();

Default Value

0

Remarks

This property controls the size of the following arrays:

• CRLBytes
• CRLHandle
• CRLIssuer
• CRLIssuerRDN
• CRLLocation
• CRLNextUpdate
• CRLThisUpdate

The array indices start at 0 and end at CRLCount - 1.

This property is read-only and not available at design time.

Data Type

Integer

CRLBytes Property (JAdESSigner Class)

Returns the raw CRL data in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCRLBytes(int iCRLIndex, char* &lpCRLBytes, int &lenCRLBytes);

Unicode (Windows)
INT GetCRLBytes(INT iCRLIndex, LPSTR &lpCRLBytes, INT &lenCRLBytes);

int secureblackbox_jadessigner_getcrlbytes(void* lpObj, int crlindex, char** lpCRLBytes, int* lenCRLBytes);

QByteArray GetCRLBytes(int iCRLIndex);

Remarks

Returns the raw CRL data in DER format.

The CRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CRLHandle Property (JAdESSigner Class)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int64 GetCRLHandle(int iCRLIndex);

Unicode (Windows)
LONG64 GetCRLHandle(INT iCRLIndex);

int64 secureblackbox_jadessigner_getcrlhandle(void* lpObj, int crlindex);

qint64 GetCRLHandle(int iCRLIndex);

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation.

 
 Copy
  pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The CRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.

This property is read-only and not available at design time.

Data Type

Long64

CRLIssuer Property (JAdESSigner Class)

The common name of the CRL issuer (CA), typically a company name.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCRLIssuer(int iCRLIndex);

Unicode (Windows)
LPWSTR GetCRLIssuer(INT iCRLIndex);

char* secureblackbox_jadessigner_getcrlissuer(void* lpObj, int crlindex);

QString GetCRLIssuer(int iCRLIndex);

Default Value

""

Remarks

The common name of the CRL issuer (CA), typically a company name.

The CRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.

This property is read-only and not available at design time.

Data Type

String

CRLIssuerRDN Property (JAdESSigner Class)

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the CRL issuer.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCRLIssuerRDN(int iCRLIndex);

Unicode (Windows)
LPWSTR GetCRLIssuerRDN(INT iCRLIndex);

char* secureblackbox_jadessigner_getcrlissuerrdn(void* lpObj, int crlindex);

QString GetCRLIssuerRDN(int iCRLIndex);

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the CRL issuer.

The CRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.

This property is read-only and not available at design time.

Data Type

String

CRLLocation Property (JAdESSigner Class)

The URL that the CRL was downloaded from.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCRLLocation(int iCRLIndex);

Unicode (Windows)
LPWSTR GetCRLLocation(INT iCRLIndex);

char* secureblackbox_jadessigner_getcrllocation(void* lpObj, int crlindex);

QString GetCRLLocation(int iCRLIndex);

Default Value

""

Remarks

The URL that the CRL was downloaded from.

The CRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.

This property is read-only and not available at design time.

Data Type

String

CRLNextUpdate Property (JAdESSigner Class)

The planned time and date of the next version of this CRL to be published.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCRLNextUpdate(int iCRLIndex);

Unicode (Windows)
LPWSTR GetCRLNextUpdate(INT iCRLIndex);

char* secureblackbox_jadessigner_getcrlnextupdate(void* lpObj, int crlindex);

QString GetCRLNextUpdate(int iCRLIndex);

Default Value

""

Remarks

The planned time and date of the next version of this CRL to be published.

The CRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.

This property is read-only and not available at design time.

Data Type

String

CRLThisUpdate Property (JAdESSigner Class)

The date and time at which this version of the CRL was published.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCRLThisUpdate(int iCRLIndex);

Unicode (Windows)
LPWSTR GetCRLThisUpdate(INT iCRLIndex);

char* secureblackbox_jadessigner_getcrlthisupdate(void* lpObj, int crlindex);

QString GetCRLThisUpdate(int iCRLIndex);

Default Value

""

Remarks

The date and time at which this version of the CRL was published.

The CRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.

This property is read-only and not available at design time.

Data Type

String

DataBytes Property (JAdESSigner Class)

Use this property to pass a payload or an object data to class in the byte array form.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetDataBytes(char* &lpDataBytes, int &lenDataBytes);
int SetDataBytes(const char* lpDataBytes, int lenDataBytes);

Unicode (Windows)
INT GetDataBytes(LPSTR &lpDataBytes, INT &lenDataBytes);
INT SetDataBytes(LPCSTR lpDataBytes, INT lenDataBytes);

int secureblackbox_jadessigner_getdatabytes(void* lpObj, char** lpDataBytes, int* lenDataBytes);
int secureblackbox_jadessigner_setdatabytes(void* lpObj, const char* lpDataBytes, int lenDataBytes);

QByteArray GetDataBytes();
int SetDataBytes(QByteArray qbaDataBytes);

Remarks

Assign a byte array containing a JWS payload or an object data to be processed to this property.

This property is not available at design time.

Data Type

Byte Array

DataFile Property (JAdESSigner Class)

A path to a file containing a payload or an object data.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetDataFile();
int SetDataFile(const char* lpszDataFile);

Unicode (Windows)
LPWSTR GetDataFile();
INT SetDataFile(LPCWSTR lpszDataFile);

char* secureblackbox_jadessigner_getdatafile(void* lpObj);
int secureblackbox_jadessigner_setdatafile(void* lpObj, const char* lpszDataFile);

QString GetDataFile();
int SetDataFile(QString qsDataFile);

Default Value

""

Remarks

Use this property to provide a JWS payload or an object data to be processed.

Data Type

String

DataString Property (JAdESSigner Class)

Use this property to pass a payload or an object data to class in the string form.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetDataString();
int SetDataString(const char* lpszDataString);

Unicode (Windows)
LPWSTR GetDataString();
INT SetDataString(LPCWSTR lpszDataString);

char* secureblackbox_jadessigner_getdatastring(void* lpObj);
int secureblackbox_jadessigner_setdatastring(void* lpObj, const char* lpszDataString);

QString GetDataString();
int SetDataString(QString qsDataString);

Default Value

""

Remarks

Assign a string containing a JWS payload or an object data to be processed to this property.

This property is not available at design time.

Data Type

String

Detached Property (JAdESSigner Class)

Specifies whether a detached signature should be produced or verified.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetDetached();
int SetDetached(int bDetached);

Unicode (Windows)
BOOL GetDetached();
INT SetDetached(BOOL bDetached);

int secureblackbox_jadessigner_getdetached(void* lpObj);
int secureblackbox_jadessigner_setdetached(void* lpObj, int bDetached);

bool GetDetached();
int SetDetached(bool bDetached);

Default Value

FALSE

Remarks

Use this property to specify whether a detached signature should be produced or verified.

When this property is set to "true" value, the JWS payload will be detached from the signature and may either be a single detached object or the result of concatenating multiple detached data objects. In other words, the JWS payload and the signature are stored in separate objects.

If this property is set to "true" value, the user must provide the detached content via the DataFile or DataStream or DataBytes or DataString properties.

When Detached is set to "false" value, the JWS payload is included with the signature as a single object.

Data Type

Boolean

ExternalCryptoAsyncDocumentID Property (JAdESSigner Class)

Specifies an optional document ID for SignAsyncBegin() and SignAsyncEnd() calls.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetExternalCryptoAsyncDocumentID();
int SetExternalCryptoAsyncDocumentID(const char* lpszExternalCryptoAsyncDocumentID);

Unicode (Windows)
LPWSTR GetExternalCryptoAsyncDocumentID();
INT SetExternalCryptoAsyncDocumentID(LPCWSTR lpszExternalCryptoAsyncDocumentID);

char* secureblackbox_jadessigner_getexternalcryptoasyncdocumentid(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptoasyncdocumentid(void* lpObj, const char* lpszExternalCryptoAsyncDocumentID);

QString GetExternalCryptoAsyncDocumentID();
int SetExternalCryptoAsyncDocumentID(QString qsExternalCryptoAsyncDocumentID);

Default Value

""

Remarks

Specifies an optional document ID for SignAsyncBegin() and SignAsyncEnd() calls.

Use this property when working with multi-signature DCAuth requests and responses to uniquely identify documents signed within a larger batch. On the completion stage, this value helps the signing component identify the correct signature in the returned batch of responses.

If using batched requests, make sure to set this property to the same value on both the pre-signing (SignAsyncBegin) and completion (SignAsyncEnd) stages.

Data Type

String

ExternalCryptoCustomParams Property (JAdESSigner Class)

Custom parameters to be passed to the signing service (uninterpreted).

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetExternalCryptoCustomParams();
int SetExternalCryptoCustomParams(const char* lpszExternalCryptoCustomParams);

Unicode (Windows)
LPWSTR GetExternalCryptoCustomParams();
INT SetExternalCryptoCustomParams(LPCWSTR lpszExternalCryptoCustomParams);

char* secureblackbox_jadessigner_getexternalcryptocustomparams(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptocustomparams(void* lpObj, const char* lpszExternalCryptoCustomParams);

QString GetExternalCryptoCustomParams();
int SetExternalCryptoCustomParams(QString qsExternalCryptoCustomParams);

Default Value

""

Remarks

Custom parameters to be passed to the signing service (uninterpreted).

This property is not available at design time.

Data Type

String

ExternalCryptoData Property (JAdESSigner Class)

Additional data to be included in the async state and mirrored back by the requestor.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetExternalCryptoData();
int SetExternalCryptoData(const char* lpszExternalCryptoData);

Unicode (Windows)
LPWSTR GetExternalCryptoData();
INT SetExternalCryptoData(LPCWSTR lpszExternalCryptoData);

char* secureblackbox_jadessigner_getexternalcryptodata(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptodata(void* lpObj, const char* lpszExternalCryptoData);

QString GetExternalCryptoData();
int SetExternalCryptoData(QString qsExternalCryptoData);

Default Value

""

Remarks

Additional data to be included in the async state and mirrored back by the requestor.

This property is not available at design time.

Data Type

String

ExternalCryptoExternalHashCalculation Property (JAdESSigner Class)

Specifies whether the message hash is to be calculated at the external endpoint.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetExternalCryptoExternalHashCalculation();
int SetExternalCryptoExternalHashCalculation(int bExternalCryptoExternalHashCalculation);

Unicode (Windows)
BOOL GetExternalCryptoExternalHashCalculation();
INT SetExternalCryptoExternalHashCalculation(BOOL bExternalCryptoExternalHashCalculation);

int secureblackbox_jadessigner_getexternalcryptoexternalhashcalculation(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptoexternalhashcalculation(void* lpObj, int bExternalCryptoExternalHashCalculation);

bool GetExternalCryptoExternalHashCalculation();
int SetExternalCryptoExternalHashCalculation(bool bExternalCryptoExternalHashCalculation);

Default Value

FALSE

Remarks

Specifies whether the message hash is to be calculated at the external endpoint. Please note that this mode is not supported by the DCAuth class.

If set to true, the class will pass a few kilobytes of to-be-signed data from the document to the OnExternalSign event. This only applies when SignExternal() is called.

Data Type

Boolean

ExternalCryptoHashAlgorithm Property (JAdESSigner Class)

Specifies the request's signature hash algorithm.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetExternalCryptoHashAlgorithm();
int SetExternalCryptoHashAlgorithm(const char* lpszExternalCryptoHashAlgorithm);

Unicode (Windows)
LPWSTR GetExternalCryptoHashAlgorithm();
INT SetExternalCryptoHashAlgorithm(LPCWSTR lpszExternalCryptoHashAlgorithm);

char* secureblackbox_jadessigner_getexternalcryptohashalgorithm(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptohashalgorithm(void* lpObj, const char* lpszExternalCryptoHashAlgorithm);

QString GetExternalCryptoHashAlgorithm();
int SetExternalCryptoHashAlgorithm(QString qsExternalCryptoHashAlgorithm);

Default Value

"SHA256"

Remarks

Specifies the request's signature hash algorithm.

Data Type

String

ExternalCryptoKeyID Property (JAdESSigner Class)

The ID of the pre-shared key used for DC request authentication.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetExternalCryptoKeyID();
int SetExternalCryptoKeyID(const char* lpszExternalCryptoKeyID);

Unicode (Windows)
LPWSTR GetExternalCryptoKeyID();
INT SetExternalCryptoKeyID(LPCWSTR lpszExternalCryptoKeyID);

char* secureblackbox_jadessigner_getexternalcryptokeyid(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptokeyid(void* lpObj, const char* lpszExternalCryptoKeyID);

QString GetExternalCryptoKeyID();
int SetExternalCryptoKeyID(QString qsExternalCryptoKeyID);

Default Value

""

Remarks

The ID of the pre-shared key used for DC request authentication.

Asynchronous DCAuth-driven communication requires that parties authenticate each other with a secret pre-shared cryptographic key. This provides an extra protection layer for the protocol and diminishes the risk of the private key becoming abused by foreign parties. Use this property to provide the pre-shared key identifier, and use ExternalCryptoKeySecret to pass the key itself.

The same KeyID/KeySecret pair should be used on the DCAuth side for the signing requests to be accepted.

Note: The KeyID/KeySecret scheme is very similar to the AuthKey scheme used in various Cloud service providers to authenticate users.

Example:

 
 Copy
  signer.ExternalCrypto.KeyID = "MainSigningKey";
  signer.ExternalCrypto.KeySecret = "abcdef0123456789";

Data Type

String

ExternalCryptoKeySecret Property (JAdESSigner Class)

The pre-shared key used for DC request authentication.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetExternalCryptoKeySecret();
int SetExternalCryptoKeySecret(const char* lpszExternalCryptoKeySecret);

Unicode (Windows)
LPWSTR GetExternalCryptoKeySecret();
INT SetExternalCryptoKeySecret(LPCWSTR lpszExternalCryptoKeySecret);

char* secureblackbox_jadessigner_getexternalcryptokeysecret(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptokeysecret(void* lpObj, const char* lpszExternalCryptoKeySecret);

QString GetExternalCryptoKeySecret();
int SetExternalCryptoKeySecret(QString qsExternalCryptoKeySecret);

Default Value

""

Remarks

The pre-shared key used for DC request authentication. This key must be set and match the key used by the DCAuth counterpart for the scheme to work.

Read more about configuring authentication in the ExternalCryptoKeyID topic.

Data Type

String

ExternalCryptoMethod Property (JAdESSigner Class)

Specifies the asynchronous signing method.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetExternalCryptoMethod();
int SetExternalCryptoMethod(int iExternalCryptoMethod);

Unicode (Windows)
INT GetExternalCryptoMethod();
INT SetExternalCryptoMethod(INT iExternalCryptoMethod);

ASMD_PKCS1(0), 
ASMD_PKCS7(1)

int secureblackbox_jadessigner_getexternalcryptomethod(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptomethod(void* lpObj, int iExternalCryptoMethod);

int GetExternalCryptoMethod();
int SetExternalCryptoMethod(int iExternalCryptoMethod);

Default Value

0

Remarks

Specifies the asynchronous signing method. This is typically defined by the DC server capabilities and setup.

Available options:

Data Type

Integer

ExternalCryptoMode Property (JAdESSigner Class)

Specifies the external cryptography mode.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetExternalCryptoMode();
int SetExternalCryptoMode(int iExternalCryptoMode);

Unicode (Windows)
INT GetExternalCryptoMode();
INT SetExternalCryptoMode(INT iExternalCryptoMode);

ECM_DEFAULT(0), 
ECM_DISABLED(1), 
ECM_GENERIC(2), 
ECM_DCAUTH(3), 
ECM_DCAUTH_JSON(4)

int secureblackbox_jadessigner_getexternalcryptomode(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptomode(void* lpObj, int iExternalCryptoMode);

int GetExternalCryptoMode();
int SetExternalCryptoMode(int iExternalCryptoMode);

Default Value

0

Remarks

Specifies the external cryptography mode.

Available options:

This property is not available at design time.

Data Type

Integer

ExternalCryptoPublicKeyAlgorithm Property (JAdESSigner Class)

Provide the public key algorithm here if the certificate is not available on the pre-signing stage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetExternalCryptoPublicKeyAlgorithm();
int SetExternalCryptoPublicKeyAlgorithm(const char* lpszExternalCryptoPublicKeyAlgorithm);

Unicode (Windows)
LPWSTR GetExternalCryptoPublicKeyAlgorithm();
INT SetExternalCryptoPublicKeyAlgorithm(LPCWSTR lpszExternalCryptoPublicKeyAlgorithm);

char* secureblackbox_jadessigner_getexternalcryptopublickeyalgorithm(void* lpObj);
int secureblackbox_jadessigner_setexternalcryptopublickeyalgorithm(void* lpObj, const char* lpszExternalCryptoPublicKeyAlgorithm);

QString GetExternalCryptoPublicKeyAlgorithm();
int SetExternalCryptoPublicKeyAlgorithm(QString qsExternalCryptoPublicKeyAlgorithm);

Default Value

""

Remarks

Provide the public key algorithm here if the certificate is not available on the pre-signing stage.

Data Type

String

ExtractPayload Property (JAdESSigner Class)

Specifies whether a payload should be extracted.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetExtractPayload();
int SetExtractPayload(int bExtractPayload);

Unicode (Windows)
BOOL GetExtractPayload();
INT SetExtractPayload(BOOL bExtractPayload);

int secureblackbox_jadessigner_getextractpayload(void* lpObj);
int secureblackbox_jadessigner_setextractpayload(void* lpObj, int bExtractPayload);

bool GetExtractPayload();
int SetExtractPayload(bool bExtractPayload);

Default Value

FALSE

Remarks

Use this property to specify whether a payload should be extracted when signature loaded. This applies only to non-detached signatures with a payload.

When this property is set to "true" value, the JWS payload will be extracted from the signature.

The user must provide the OutputFile or OutputStream properties with a filename or stream where to save the payload, if none is provided then payload is returned via OutputBytes or OutputString properties.

Data Type

Boolean

FIPSMode Property (JAdESSigner Class)

Reserved.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetFIPSMode();
int SetFIPSMode(int bFIPSMode);

Unicode (Windows)
BOOL GetFIPSMode();
INT SetFIPSMode(BOOL bFIPSMode);

int secureblackbox_jadessigner_getfipsmode(void* lpObj);
int secureblackbox_jadessigner_setfipsmode(void* lpObj, int bFIPSMode);

bool GetFIPSMode();
int SetFIPSMode(bool bFIPSMode);

Default Value

FALSE

Remarks

This property is reserved for future use.

Data Type

Boolean

FlattenedSignature Property (JAdESSigner Class)

Specifies if the flattened signature to be used.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetFlattenedSignature();
int SetFlattenedSignature(int bFlattenedSignature);

Unicode (Windows)
BOOL GetFlattenedSignature();
INT SetFlattenedSignature(BOOL bFlattenedSignature);

int secureblackbox_jadessigner_getflattenedsignature(void* lpObj);
int secureblackbox_jadessigner_setflattenedsignature(void* lpObj, int bFlattenedSignature);

bool GetFlattenedSignature();
int SetFlattenedSignature(bool bFlattenedSignature);

Default Value

TRUE

Remarks

This property determines whether to use the flattened JWS JSON serialization format. This format is optimized for the single digital signature case and flattens the general JWS JSON serialization syntax by removing the "signatures" member and instead placing the "protected", "header", and "signature" members at the top-level JSON object (at the same level as the "payload" member).

When the FlattenedSignature property is set to "true" value, the signature will be represented using the flattened JWS JSON serialization format, but it is only applicable when there is a single signature involved.

When the property is set to "false" value, the signature will be represented using the general JWS JSON serialization format.

Data Type

Boolean

IgnoreChainValidationErrors Property (JAdESSigner Class)

Makes the class tolerant to chain validation errors.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetIgnoreChainValidationErrors();
int SetIgnoreChainValidationErrors(int bIgnoreChainValidationErrors);

Unicode (Windows)
BOOL GetIgnoreChainValidationErrors();
INT SetIgnoreChainValidationErrors(BOOL bIgnoreChainValidationErrors);

int secureblackbox_jadessigner_getignorechainvalidationerrors(void* lpObj);
int secureblackbox_jadessigner_setignorechainvalidationerrors(void* lpObj, int bIgnoreChainValidationErrors);

bool GetIgnoreChainValidationErrors();
int SetIgnoreChainValidationErrors(bool bIgnoreChainValidationErrors);

Default Value

FALSE

Remarks

If this property is set to True, any errors emerging during certificate chain validation will be ignored. This setting may be handy if the purpose of validation is the creation of an LTV signature, and the validation is performed in an environment that doesn't trust the signer's certificate chain.

Data Type

Boolean

InputBytes Property (JAdESSigner Class)

Use this property to pass the input to class in byte array form.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetInputBytes(char* &lpInputBytes, int &lenInputBytes);
int SetInputBytes(const char* lpInputBytes, int lenInputBytes);

Unicode (Windows)
INT GetInputBytes(LPSTR &lpInputBytes, INT &lenInputBytes);
INT SetInputBytes(LPCSTR lpInputBytes, INT lenInputBytes);

int secureblackbox_jadessigner_getinputbytes(void* lpObj, char** lpInputBytes, int* lenInputBytes);
int secureblackbox_jadessigner_setinputbytes(void* lpObj, const char* lpInputBytes, int lenInputBytes);

QByteArray GetInputBytes();
int SetInputBytes(QByteArray qbaInputBytes);

Remarks

Assign a byte array containing the data to be processed to this property.

This property is not available at design time.

Data Type

Byte Array

InputFile Property (JAdESSigner Class)

The file to be signed.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetInputFile();
int SetInputFile(const char* lpszInputFile);

Unicode (Windows)
LPWSTR GetInputFile();
INT SetInputFile(LPCWSTR lpszInputFile);

char* secureblackbox_jadessigner_getinputfile(void* lpObj);
int secureblackbox_jadessigner_setinputfile(void* lpObj, const char* lpszInputFile);

QString GetInputFile();
int SetInputFile(QString qsInputFile);

Default Value

""

Remarks

Provide the path to the JSON to be signed.

Data Type

String

InputString Property (JAdESSigner Class)

Use this property to pass the input to class in the string form.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetInputString();
int SetInputString(const char* lpszInputString);

Unicode (Windows)
LPWSTR GetInputString();
INT SetInputString(LPCWSTR lpszInputString);

char* secureblackbox_jadessigner_getinputstring(void* lpObj);
int secureblackbox_jadessigner_setinputstring(void* lpObj, const char* lpszInputString);

QString GetInputString();
int SetInputString(QString qsInputString);

Default Value

""

Remarks

Assign a string containing the data to be processed to this property.

This property is not available at design time.

Data Type

String

KnownCertCount Property (JAdESSigner Class)

The number of records in the KnownCert arrays.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetKnownCertCount();
int SetKnownCertCount(int iKnownCertCount);

Unicode (Windows)
INT GetKnownCertCount();
INT SetKnownCertCount(INT iKnownCertCount);

int secureblackbox_jadessigner_getknowncertcount(void* lpObj);
int secureblackbox_jadessigner_setknowncertcount(void* lpObj, int iKnownCertCount);

int GetKnownCertCount();
int SetKnownCertCount(int iKnownCertCount);

Default Value

0

Remarks

This property controls the size of the following arrays:

• KnownCertBytes
• KnownCertHandle

The array indices start at 0 and end at KnownCertCount - 1.

This property is not available at design time.

Data Type

Integer

KnownCertBytes Property (JAdESSigner Class)

Returns the raw certificate data in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetKnownCertBytes(int iKnownCertIndex, char* &lpKnownCertBytes, int &lenKnownCertBytes);

Unicode (Windows)
INT GetKnownCertBytes(INT iKnownCertIndex, LPSTR &lpKnownCertBytes, INT &lenKnownCertBytes);

int secureblackbox_jadessigner_getknowncertbytes(void* lpObj, int knowncertindex, char** lpKnownCertBytes, int* lenKnownCertBytes);

QByteArray GetKnownCertBytes(int iKnownCertIndex);

Remarks

Returns the raw certificate data in DER format.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

KnownCertHandle Property (JAdESSigner Class)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int64 GetKnownCertHandle(int iKnownCertIndex);
int SetKnownCertHandle(int iKnownCertIndex, int64 lKnownCertHandle);

Unicode (Windows)
LONG64 GetKnownCertHandle(INT iKnownCertIndex);
INT SetKnownCertHandle(INT iKnownCertIndex, LONG64 lKnownCertHandle);

int64 secureblackbox_jadessigner_getknowncerthandle(void* lpObj, int knowncertindex);
int secureblackbox_jadessigner_setknowncerthandle(void* lpObj, int knowncertindex, int64 lKnownCertHandle);

qint64 GetKnownCertHandle(int iKnownCertIndex);
int SetKnownCertHandle(int iKnownCertIndex, qint64 lKnownCertHandle);

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation.

 
 Copy
  pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.