The Preserve_register method

Allows the qualified SecuSign service to preserve electronic signatures in a document provided with a recognized, qualified, or advanced electronic signature, seal and/or qualified electronic time stamp. During registration, the document is provided with a qualified electronic time stamp to unambiguously determine the time when the service registered the document.

Service description including WSDL schema, and an example request and response for SOAP 1.1 and SOAP 1.2 are located at https://localhost/secusign/default.asmx?op=Preserve_register.

Localhost is the name used for the local computer; write the SDK server name/IP address instead (according to the settings in IIS).

Request in SOAP 1.1 interface

POST /secusign/default.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: length
SOAPAction: "http://software602.com/secusign/Preserve_register"

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <Preserve_register xmlns="http://software602.com/secusign/">
      <FileName>string</FileName>
      <FileData>base64Binary</FileData>
      <FileType>UNKNOWN or CMSPKCS7 or CMSPKCS7Ext or PDF or XML or XML602FORM or XMLISDOC or ASiC_S_CAdES or ASiC_S_XAdES or ASiC_S_Tst or ASiC_E_CAdES_Tst or ASiC_E_XAdES or MS_WORD or MS_EXCEL or MS_PWR_PNT or ODF</FileType>
      <ExternalSignatureFileName>string</ExternalSignatureFileName>
      <ExternalSignature>base64Binary</ExternalSignature>
      <SigValidityCondition>ALL or AT_LEAST_ONE or LAST</SigValidityCondition>
      <Properties>
        <AddTimeStampIfNeeded>boolean</AddTimeStampIfNeeded>
      </Properties>
      <SortInfo>string</SortInfo>
      <UserComment>string</UserComment>
      <Params>string</Params>
    </Preserve_register>
  </soap:Body>
</soap:Envelope>

Input parameters of the method

<FileName>

[mandatory element]

Input Description

String

Name of input file (including extension) to be preserved. Example: Document.pdf.

Max. 260 characters.

<FileData>

[mandatory element]

Input Description

Base64Binary

Input file data encoded in base64.

<FileType>

[mandatory element]

Input Description

UNKNOWN

Unknown document type.

CMSPKCS7

Document signed with an internal CMS/PKCS7 signature, e.g., Data messages from the Data Mailbox Information System.

CMSPKCS7Ext

Document signed with an external CMS/PKCS7 signature, e.g., Data messages from the Data Mailbox Information System.

PDF

PDF document.

XML

XML data.

XML602FORM

FO/ZFO forms for Software602 Form Filler.

XMLISDOC

Signed XML ISDOC data.

ASiC_S_CAdES

ASiC-Simple with CAdES signature.

ASiC_S_XAdES

ASiC-Simple with XAdES signature.

ASiC_S_Tst

ASiC-Simple with a Timestamp.

ASiC_E_CAdES_Tst

ASiC-Extended with CAdES signature or Timestamp.

ASiC_E_XAdES

ASiC-Extended with XAdES signature.

MS_WORD

MS Word document.

MS_EXCEL

MS Excel document.

MS_PWR_PNT

MS PowerPoint document.

ODF

OpenDocumentFormat (OpenOffice).

<ExternalSignatureFileName>

[optional element]

Input Description

string

External signature file name (including extension). Only if such a signature has been created for the document.

<ExternalSignature>

[optional element]

Input Description

Base64Binary

External signature data encoded in Base64. Only if such a signature has been created for the document.

<SigValidityCondition>

[mandatory element]

Input Description

String

Signature validity conditions. Values:

  • ALL – all signatures must be validable.

  • AT_LEAST_ONE – at least one of the signatures must be validable.

  • LAST – the last signature must be validable.

Validable means valid or revoked. A situation in which the certificate validity cannot be unambiguously determined is not accepted.

<Properties>

<AddTimestampIfNeeded>

[optional element]

Input Description

Boolean

It will try to preserve the signed file, which is without a stamp (BaseLine-B). If the signature is otherwise valid, a stamp is added, and the document is registered for preservation. Otherwise, an error is returned stating that the file could not be preserved.

</Properties>

<SortInfo>

[optional element]

Input Description

String

Sorting details – e.g., folder name or structure of nested folders in which the document is registered with the user. Max. 100 characters.

<UserComment>

[optional element]

Input Description

String

User comment or description for the preserved document.

<Params>

[optional element]

Input Description

String

Optional, contains other parameters. Not in use yet.

Response structure

HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: length

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <Preserve_registerResponse xmlns="http://software602.com/secusign/">
      <Preserve_registerResult>int</Preserve_registerResult>
      <OutputData>base64Binary</OutputData>
      <PreservationInfo>
        <CreationDateTime>dateTime</CreationDateTime>
        <docId>string</docId>
        <fileName>string</fileName>
        <fileSize>long</fileSize>
        <sortInfo>string</sortInfo>
        <lastUpdate>dateTime</lastUpdate>
        <expiration>dateTime</expiration>
        <docDataHash>base64Binary</docDataHash>
        <docDataHashAlg>string</docDataHashAlg>
        <currSignHashAlg>string</currSignHashAlg>
        <sigValidityCondition>ALL or AT_LEAST_ONE or LAST</sigValidityCondition>
        <sigsPreservationStatus>
          <PreservationInfo>
            <sid>string</sid>
            <sigStatus xsi:nil="true" />
            <extendedValidationEndDate>dateTime</extendedValidationEndDate>
            <signingCertSubject>string</signingCertSubject>
            <bIsDocTimeStamp>boolean</bIsDocTimeStamp>
            <procesStatus>string</procesStatus>
          </PreservationInfo>
          <PreservationInfo>
            <sid>string</sid>
            <sigStatus xsi:nil="true" />
            <extendedValidationEndDate>dateTime</extendedValidationEndDate>
            <signingCertSubject>string</signingCertSubject>
            <bIsDocTimeStamp>boolean</bIsDocTimeStamp>
            <procesStatus>string</procesStatus>
          </PreservationInfo>
        </sigsPreservationStatus>
        <preservationHistory>
          <PreservationRecord>
            <id>int</id>
            <operationTime>dateTime</operationTime>
            <operationType>REGISTER or UPDATE or UNREGISTER or UNKNOWN</operationType>
            <operationStatus>int</operationStatus>
            <operationStatusInfo>string</operationStatusInfo>
            <fileName>string</fileName>
            <fileSize>long</fileSize>
            <hashIn>string</hashIn>
            <hashOut>string</hashOut>
            <userComment>string</userComment>
          </PreservationRecord>
          <PreservationRecord>
            <id>int</id>
            <operationTime>dateTime</operationTime>
            <operationType>REGISTER or UPDATE or UNREGISTER or UNKNOWN</operationType>
            <operationStatus>int</operationStatus>
            <operationStatusInfo>string</operationStatusInfo>
            <fileName>string</fileName>
            <fileSize>long</fileSize>
            <hashIn>string</hashIn>
            <hashOut>string</hashOut>
            <userComment>string</userComment>
          </PreservationRecord>
        </preservationHistory>
        <docType>string</docType>
      </PreservationInfo>
      <DocInfo>
        <CreationDateTime>dateTime</CreationDateTime>
        <FileName>string</FileName>
        <FileSize>long</FileSize>
        <ExtSigFileName>string</ExtSigFileName>
        <ExtSigFileSize>long</ExtSigFileSize>
        <PDFVersion>string</PDFVersion>
        <PDFNumOfPages>int</PDFNumOfPages>
        <docType>string</docType>
        <expiration>dateTime</expiration>
        <docDataHash>base64Binary</docDataHash>
        <docDataHashAlg>string</docDataHashAlg>
        <currSignHashAlg>string</currSignHashAlg>
        <globalStatus>string</globalStatus>
        <validationProperties>
          <ValidationTime>dateTime</ValidationTime>
          <CustomValidationTime>boolean</CustomValidationTime>
          <IgnoreNoPOE>boolean</IgnoreNoPOE>
          <UseClaimedTimeIfNoTS>boolean</UseClaimedTimeIfNoTS>
          <DontUseGracePeriodForQCerts>boolean</DontUseGracePeriodForQCerts>
        </validationProperties>
        <sigInfos>
          <SigInfo>
            <id>unsignedInt</id>
            <sid>string</sid>
            <DecisiveMoment>dateTime</DecisiveMoment>
            <DecisiveMomentSource>string</DecisiveMomentSource>
            <sigTimestamps xsi:nil="true" />
            <sigType>string</sigType>
            <xmlSignedReferences xsi:nil="true" />
            <pdfByteRange xsi:nil="true" />
            <hasFurtherChanges>boolean</hasFurtherChanges>
            <Reason>string</Reason>
            <Location>string</Location>
            <Contact>string</Contact>
          </SigInfo>
          <SigInfo>
            <id>unsignedInt</id>
            <sid>string</sid>
            <DecisiveMoment>dateTime</DecisiveMoment>
            <DecisiveMomentSource>string</DecisiveMomentSource>
            <sigTimestamps xsi:nil="true" />
            <sigType>string</sigType>
            <xmlSignedReferences xsi:nil="true" />
            <pdfByteRange xsi:nil="true" />
            <hasFurtherChanges>boolean</hasFurtherChanges>
            <Reason>string</Reason>
            <Location>string</Location>
            <Contact>string</Contact>
          </SigInfo>
        </sigInfos>
      </DocInfo>
      <StatusMessage>string</StatusMessage>
    </Preserve_registerResponse>
  </soap:Body>
</soap:Envelope>

Output parameters of the method

<Preserve_registerResult>

Return value Description

Int

Result of the Preserve_register (document preservation) method.

0 = OK, otherwise see Return codes of all methods and error described in StatusMessage.

<OutputData>

Return value Description

Base64Binary

Data of the preserved document with electronic signatures, encoded in Base64.

<PreservationInfo>

<CreationDateTime>

Return value Description

dateTime

Date and time of creating the report on preserving a document with electronic signatures.

<docID>

Return value Description

String

Unique identifier of the preserved document with electronic signatures. It was generated automatically during the preservation process in the SecuSign service. This identifier can be used with the Preserve_getInfo method to get details of the preserved document.

Max. 128 characters.

<fileName>

Return value Description

String

Name of the preserved document with electronic signatures. Max. 260 characters.

<fileSize>

Return value Description

Long

Size of the preserved document with electronic signatures.

<sortInfo>

Return value Description

String

Sorting details – e.g., folder name or structure of nested folders in which the document is registered with the user. Max. 100 characters.

<lastUpdate>

Return value Description

dateTime

Date and time of the last validity and validability extension for the document with electronic signatures.

<expiration>

Return value Description

dateTime

Date and time when the whole document’s validability expire. After this date it will not be possible to validate the signature certificates / seals / time stamps and provide further validability and validity of the document.

<docDataHash>

Return value Description

Base64Binary

Hash of the analyzed document encoded in Base64. The hash calculation algorithm is in the following docDataHashAlg element.

<docDataHashAlg>

Return value Description

String

The hash calculation algorithm for the analyzed document. The format is e.g.: 2.16.840.1.101.3.4.2.1.

<currSignHashAlg>

Return value Description

string

The hash calculation algorithm of the last signature.

Example: 2.16.840.1.101.3.4.2.1.

<sigValidityCondition>

Return value Description

string

Selected signature validity conditions at the time it was preserved. Values:

  • ALL – all signatures are valid.

  • AT_LEAST_ONE – at least one of the signatures is valid.

  • LAST – the last signature is valid.

<sigsPreservationStatus>

<PreservationInfo>

Repeating element based on the number of signatures in the document.

<sid>
Return value Description

string

Identifier of the preserved signature registered for the document by the SecuSign service.
<sigStatus>
<indication>
Return value Description

string

Signature validation status – indication. It may be one of the following values:

  • VALID - TOTAL_PASSED according to the ETSI[2].

  • INVALID - TOTAL_FAILED according to the ETSI[2].

  • INDETERMINATE – INDETERMINATE according to the ETSI[2] (may be temporary).

  • UNKNOWN.
<subindication>
Return value Description

string

Signature validation substatus - subindication. It may be one of the following values (According to the ETSI standard [2]):

  • VALID - The certificate was verifiably not revoked or expired at the time of signing, which means it is valid.

  • INVALID_REVOKED - The signature certificate had been revoked before the time of signing. Signature is invalid.

  • INVALID_HASH_FAILURE - The hash of signed data does not match the hash in signature. Signature is invalid.

  • INVALID_SIG_CRYPTO_FAILURE - Could not verify relation between the public key and the signature. Signature is invalid.

  • INVALID_FORMAT_FAILURE - The signed data has not been recognized; the format is invalid. Signature is invalid.

  • INDETERMINATE_NO_CERTIFICATE_CHAIN_FOUND - Signature validity cannot be decided at this moment. The certificate chain for the signature certificate could not be built up to a trusted anchor due to an unknown or unavailable CA, therefore the relevant CRL lists could not be obtained.

  • INDETERMINATE_NO_POE - Signature validity cannot be decided at this moment. Not enough information to validate the signature. This happens for example when relevant CRL lists cannot be acquired.

  • INDETERMINATE_TRY_LATER - Temporary status. The signature validity cannot be reliably determined because the required time period (so-called grace period) has not passed and therefore relevant revocation data is unavailable yet. The signature is too fresh and cannot be validated before.

  • INDETERMINATE_SIGNED_DATA_NOT_FOUND - Signature validity cannot be decided at this moment. The signed data could not be found.

  • INDETERMINATE_UNKNOWN_SIGNING_TIME - Signature validity cannot be decided at this moment. The time of signing is unknown and therefore the signature validity cannot be reliably verified. Nevertheless, it has currently not been found invalid.

  • INDETERMINATE_UNTRUST_SIGNING_TIME - Signature validity cannot be decided at this moment. There is no trusted information about signing time from time stamp. Nevertheless, it has currently not been found invalid.

  • INDETERMINATE_GENERAL_ERROR - Signature validity cannot be decided at this moment. General error, contact the service administrator.

  • INDETERMINATE_REVOKED_NO_POE - Signature validity cannot be decided at this moment. Signing certificate was revoked at the validation date/time but uncertain signing time.

  • INDETERMINATE_REVOKED_CA_NO_POE - Signature validity cannot be decided at this moment. At least one certificate chain was found but an intermediate CA certificate is revoked.

  • INDETERMINATE_OUT_OF_BOUNDS_NO_POE - Signature validity cannot be decided at this moment. The signing certificate is expired or not yet valid at the validation date/time and the Signature Validation Algorithm cannot ascertain that the signing time lies within the validity interval of the signing certificate.

  • INDETERMINATE_EXPIRED - Signature validity cannot be decided at this moment. The signature’s certificate has expired. The signature has been created after the expiration date (notAfter) of the signing certificate.

  • INDETERMINATE_NOT_YET_VALID - Signature validity cannot be decided at this moment. The signature’s certificate was not yet valid at the time of verification. The signing time lies before the issuance date (notBefore) of the signing certificate.

  • INDETERMINATE_POLICY_PROCESSING_ERROR - Signature validity cannot be decided at this moment. A given formal policy file could not be processed for any reason (e.g. not accessible, not parseable, digest mismatch, etc.)

  • INDETERMINATE_TIMESTAMP_ORDER_FAILURE - Signature validity cannot be decided at this moment. Some constraints on the order of signature timestamps and/or signed data object(s) timestamps are not respected.

  • INDETERMINATE_SIG_CONSTRAINTS_FAILURE - Signature validity cannot be decided at this moment. Signature’s constraints were not fulfilled (missing some of signed attributes, bad policy, …​)

  • INDETERMINATE_CHAIN_CONSTRAINTS_FAILURE - Signature validity cannot be decided at this moment. General system error when building a path for the signing certificate.

  • INDETERMINATE_CRYPTO_CONSTRAINTS_FAILURE - At least one of the algorithms that have been used in material (e.g. the signature value, a certificate…​) involved in validating the signature, or the size of a key used with such an algorithm, is below the required cryptographic security level, and this material was produced after the time up to which this algorithm/key was considered secure (if such a time is known); and the material is not protected by a sufficiently strong time-stamp applied before the time up to which the algorithm/key was considered secure (if such a time is known).

</sigStatus>

<extendedValidationEndDate>
Return value Description

dateTime

Date and time until when the signature validability were extended.
<signingCertSubject>
Return value Description

string

Treated signature certificate identification.
<bISDocTimeStamp>
Return value Description

boolean

Specifies whether the signature is a standalone time stamp.
<procesStatus>
Return value Description

string

Signature treatment status at the time of preservation. Values:

  • None – The signature was not treated.

  • Full – The signature was fully treated.

  • Partial – The signature was treated partially (does not contain all validation data).

  • Unknown – Unknown status.

</PreservationInfo>

</sigsPreservationStatus>

<preservationHistory>

<PreservationRecord>
<id>
Return value Description

int

Identification of the operation performed.
<operationTime>
Return value Description

dateTime

Operation date and time.
<operationType>
Return value Description

PreserveOperation

Type of operation performed. Values:

  • REGISTER – preservation of a document with electronic signatures

  • UPDATE – validity and validability extension for a document’s electronic signatures

  • UNREGISTER – removal of a document from preservation in the SecuSign service

  • UNKNOWN – unknown operation type.
<operationStatus>
Return value Description

int

Operation status. 0 = OK.
<operationStatusInfo>
Return value Description

string

Text statement corresponding to the operation status.
<fileName>
Return value Description

string

Name of file whose signature was preserved. Max. 260 characters.
<fileSize>
Return value Description

string

Size of file whose signature was preserved.
<hashIn>
Return value Description

string

Hash of the input document file.
<hashOut>
Return value Description

string

Hash of the output document file.
<userComment>
Return value Description

string

User comment or description of the document.

</PreservationRecord>

</preservationHistory>

<docType>

Return value Description

UNKNOWN

Unknown document type

CMSPKCS7

Document signed with an internal CMS/PKCS7 signature, e.g. Data messages from the Data Mailbox Information System.

CMSPKCS7Ext

Document signed with an external CMS/PKCS7 signature, e.g. Data messages from the Data Mailbox Information System.

PDF

Signed PDF document.

XML

Signed XML data.

XML602FORM

FO/ZFO forms for Software602 Form Filler.

XMLISDOC

Signed XML ISDOC data.

ASiC_S_CAdES

ASiC-Simple with CAdES signature.

ASiC_S_XAdES

ASiC-Simple with XAdES signature.

ASiC_S_Tst

ASiC-Simple with Timestamp.

ASiC_E_CAdES_Tst

ASiC-Extended with CAdES signature or Timestamp.

ASiC_E_XAdES

ASiC-Extended with XAdES signature.

MS_WORD

Signed MS Word document.

MS_EXCEL

Signed MS Excel document.

MS_PWR_PNT

Signed MS PowerPoint document.

ODF

Signed OpenDocumentFormat (OpenOffice).

</PreservationInfo>

<DocInfo>

Element structure is only returned if the input document cannot be registered.

<CreationDateTime>

Return value Description

dateTime

Date and time of creating the preservation report.

<FileName>

Return value Description

string

Name of input file (including extension) whose signatures were validated.

Max. 260 characters.

<FileSize>

Return value Description

Long

Input file size (in bytes).

<PDFVersion>

Return value Description

string

PDF document version. E.g., 1.4, 1.5, 1.7.

<PDFNumOfPages>

Return value Description

Int

Number of pages in PDF document.

<docType>

Return value Description

UNKNOWN

Unknown document type

CMSPKCS7

Document signed with an internal CMS/PKCS7 signature, e.g. Data messages from the Data Mailbox Information System.

CMSPKCS7Ext

Document signed with an external CMS/PKCS7 signature, e.g. Data messages from the Data Mailbox Information System.

PDF

Signed PDF document.

XML

Signed XML data.

XML602FORM

FO/ZFO forms for Software602 Form Filler.

XMLISDOC

Signed XML ISDOC data.

ASiC_S_CAdES

ASiC-Simple with CAdES signature.

ASiC_S_XAdES

ASiC-Simple with XAdES signature.

ASiC_S_Tst

ASiC-Simple with Timestamp.

ASiC_E_CAdES_Tst

ASiC-Extended with CAdES signature or Timestamp.

ASiC_E_XAdES

ASiC-Extended with XAdES signature.

MS_WORD

Signed MS Word document.

MS_EXCEL

Signed MS Excel document.

MS_PWR_PNT

Signed MS PowerPoint document.

ODF

Signed OpenDocumentFormat (OpenOffice).

<expiration>

Return value Description

DateTime

Date and time when the whole document’s validability expire. After this date it will not be possible to validate the signature certificates and provide further validability, preservation and validity of the document.

<docDataHash>

Return value Description

Base64Binary

Hash of the analyzed document encoded in Base64. The hash calculation algorithm is in the following docDataHashAlg element.

<docDataHashAlg>

Return value Description

String

The hash calculation algorithm for the analyzed document.

The format is e.g.: 2.16.840.1.101.3.4.2.1.

<currSignHashAlg>

Return value Description

String

The hash calculation algorithm of the last signature. Example: 2.16.840.1.101.3.4.2.1

<globalStatus>

Return value Description

String

Sums up the document status based on all its signatures and time stamps. It may be one of the following values:

  • OK = 0 (All signatures and document time stamps are valid; TOTAL_PASSED according to the ETSI [2]).

  • WARNING = 1 (The validity of some signature certificates or document time stamps cannot be determined; INDETERMINATE according to the ETSI [2]).

  • ERROR = 2 (Some signatures or document time stamps are invalid, e.g., revoked certificate, violated document hash, changes after signing, etc.; (TOTAL_FAILED according to the ETSI [2]).

  • NO_SIGNATURES = 3 (The document does not contain any signatures or document time stamps).

<sigInfos>

<SigInfo>

Signature details (repeated element if there is more than one signature).

<status>
Return value Description

String

Resulting signature validation status according to the first version of the ETSI standard[1] concerning validation of PAdES, CAdES, XAdES and ASiC.
<statusEN>
Return value Description

String

Resulting signature validation status according to the current version of the ETSI standard [2] concerning validation of PAdES, CAdES, XAdES and ASiC, see the Indication and subIndication values in Preserve_register/update/getInfo.
<message>
Return value Description

string

Details of signature/seal/timestamp status validation, if available for the status.
<certType>
Return value Description

string

Type of signature/seal/timestamp certificate. It may be one of the following values:

  • COMMERCIAL = Commercial authentication certificate.

  • QUALIFIED = Qualified electronic signature/seal certificate issued by a qualified certificate issue service provider.

  • TRUSTED = Electronic signature/seal certificate issued by a qualified certificate issue service provider.

  • INTERNAL = Private certificate.

  • UNKNOWN = Unknown.

  • OST = Operating system’s trusted certificate.
<adesType>
Return value Description

string

Signature certificate type according to the AdES (Advanced Electronic Signature) standard.
<eidasType>
Return value Description

string

Signature certificate type according to the eIDAS regulation. It may be one of the following values:

  • ADVANCED_SIGNATURE = Advanced electronic signature.

  • ACREDITED_SIGNATURE = Recognized electronic signature (Advanced electronic signature based on a qualified certificate).

  • QUALIFIED_SIGNATURE = Recognized electronic signature (Qualified electronic signature based on a qualified certificate and created on a qualified device).

  • ADVANCED_SEAL = Advanced electronic seal.

  • TRUSTED_SEAL = Advanced electronic seal based on a certificate for electronic seals from a qualified trust service provider.

  • ACREDITED_SEAL = Recognized electronic seal (Advanced electronic seal based on a qualified certificate for electronic seals).

  • QUALIFIED_SEAL = Qualified electronic seal based on a qualified certificate from a qualified trust service provider.

  • TIMESTAMP = Electronic time stamp.

  • QUALIFIED_TIMESTAMP = Qualified electronic time stamp.
<baselineType>
Return value Description

string

Signature certificate type according to the Baseline profile. It may be one of the following values:

  • BaselineType_LEGACY=Does not match any Baseline profile.

  • CADES_B = CAdES B-B (Baseline B).

  • CADES_T = CAdES B-T (Baseline T).

  • CADES_LT = CAdES B-LT (Baseline LT).

  • CADES_LTA = CAdES B-LTA (Baseline LTA).

  • PADES_B = PAdES B-B (Baseline B).

  • PADES_T = PAdES B-T (Baseline T).

  • PADES_LT = PAdES B-LT (Baseline LT).

  • PADES_LTA = PAdES B-LTA (Baseline LTA).

  • XADES_B = XAdES B-B (Baseline B).

  • XADES_T = XAdES B-T (Baseline T).

  • XADES_LT = XAdES B-LT (Baseline LT).

  • XADES_LTA = XAdES B-LTA (Baseline LTA).

  • ASIC_B = ASiC B-B (Baseline B).

  • ASIC_T = ASiC B-T (Baseline T).

  • ASIC_LT = ASiC B-LT (Baseline LT).

  • ASIC_LTA = ASiC B-LTA (Baseline LTA).
<signCert>
<Name>
Return value Description

string

Name of the signing person as listed in the certificate.
<Subject>
Return value Description

string

Details from the certificate attribute Subject, e.g.:

  • CN = Common Name.

  • GN = Given Name.

  • SN = Surname.

  • SERIALNUMBER = Serial number.

  • C = Country.

  • L = Locality.

  • E = E-mail.

  • O = Organization.

  • OU = Organizational unit.

  • Pseudonyme = pseudonym.
<IssuerName>
Return value Description

string

Name of certificate issuer from CN in the Issuer attribute.
<Issuer>
Return value Description

string

Complete details of certificate issuer from the Issuer attribute.
<Serial>
Return value Description

string

Certificate serial number.
<NotBefore>
Return value Description

string

Certificate validity starting from.
<NotAfter>
Return value Description

string

Certificate validity until.
<Hash>
Return value Description

string

Hash of the certificate’s public key using the SHA256 algorithm.
<Data>
Return value Description

string

Data of the certificate’s public key.

</signCert>

<qcStatements>
<string>
Return value Description

string

The qualified certificate issuer’s statement as OID.

</qcStatements>

<qcType>
Return value Description

string

Type of signature/seal/timestamp certificate according to eIDAS, only for QUALIFIED and LEGACY CertType.
<signCertIsPseudonyme>
Return value Description

boolean

Specifies whether the (signature/seal/timestamp) certificate is issued for a pseudonym.
<time>
Return value Description

dateTime

Trusted time of signature/seal/timestamp.
<timeFromComputerClock>
Return value Description

dateTime

Time of signature/seal/timestamp from the author’s computer clock.
<validTo>
Return value Description

dateTime

Signature/seal/timestamp validity until.

<certPath>

<CertInfo>
Return value Description

dateTime

Signature/seal/timestamp validity until.
Name>
Return value Description

string

Name of the signing person as listed in the certificate.
<Subject>
Return value Description

string

Details from the certificate attribute Subject, e.g.:

  • CN=Common name.

  • GN=Given Name.

  • SN=Surname.

  • SERIALNUMBER=Serial number of the certificate.

  • C=Country.

  • L=Locality.

  • E=E-mail.

  • O= Organization.

  • OU=Organizational unit.

  • Pseudonym=pseudonym.
<IssuerName>
Return value Description

string

Name of certificate issuer from CN= in the Issuer attribute.
<Issuer>
Return value Description

string

Complete details of certificate issuer from the Issuer attribute.
<Serial>
Return value Description

string

Certificate serial number.
<NotBefore>
Return value Description

string

Certificate validity starting from.
<NotAfter>
Return value Description

string

Certificate validity until.
<Hash>
Return value Description

string

Hash of the certificate’s public key using the SHA256 algorithm.
<ServiceStatusUri>
Return value Description

String

Contains the whole Uri specifying the certificate’s service status on TSL, e.g., http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted.
<ServiceTypeUri>
Return value Description

String

Contains the whole Uri specifying the certificate’s service type on TSL, e.g., http://uri.etsi.org/TrstSvc/Svctype/CA/QC.
<IsTrustAnchor>
Return value Description

Boolean

Specifies whether the certificate is listed on TSL.
<Data>
Return value Description

string

Data of the certificate’s public key.

</certPath>

<crlPath>

<RevocationData>
<Type>
Return value Description

string

Revocation data type. May be one of the following: CRL, OCSP.
<Issuer>
Return value Description

string

Revocation data issuer (only for CRL).
<Serial>
Return value Description

string

Revocation data serial number (only for CRL).
<ThisUpdate>
Return value Description

dateTime

Date and time of last revocation data update.
<NextUpdate>
Return value Description

dateTime

Date and time of next revocation data update.
<Hash>
Return value Description

string

Revocation data hash.
<Data>
Return value Description

string

CRL revocation data in base64 that was used to validate signature/seal/timestamp.
<Source>
Return value Description

string

Revocation data source, may be one of the following values:

  • SECUSIGN - revocation data downloaded from the SecuSign server.

  • ONLINE - revocation data downloaded from its online source.

  • CUSTOM - revocation data provided by the user.

  • PADES_DSS_VRI - revocation data stored in a PDF document.

  • XADES_UNSIGNED_SIGNATURE_PROPERTIES - revocation data stored in the unsigned part of XAdES signature.

  • CADES_SIGNED_DATA - revocation data stored in the signed part of CAdES signature.

  • CADES_UNSIGNED_ATTRIBUTES - revocation data stored in the unsigned part of CAdES signature.

  • UNKNOWN - unknown source of revocation data or not specified.

  • CERTIFICATE_FROM_SIGNATURE - certificate originating from a document/signature.

  • TS_CERTIFICATE_FROM_SIGNATURE - TS certificate originating from a document/signature.

  • DOC_INFO - certificates originating from DocInfo → DocInfoTslProvider.
<DistributionPointChecked>
Return value Description

boolean

Specifies whether the CRL distribution point was checked. Not always needed.
<DistributionPoint>
Return value Description

string

Distribution point URL.
<DistributionPointCheckDate>
Return value Description

dateTime

Date and time when the distribution point was checked.
<DistributionPointThisUpdate>
Return value Description

dateTime

Details from the CRL distribution point on the date and time this update was issued. If the CRL for a time stamp was issued before the relevant time, the system checks the DistributionPoint for a newer one and if a newer one is not available, the certificate was not revoked as of the DistributionCheckDate.
<DistributionPointHash>
Return value Description

string

CRL distribution point hash.

</RevocationData>

</crlPath>

<lastHashAlgOid>

Return value Description

dateTime

The last used OID digest algorithm in SignerInfo (CMS, PDF). Example for SHA256 algorithm: 2.16.840.1.101.3.4.2.1.

<id>

Return value Description

unsignedInt

Order number of the signature as it was added to the document. Counting from zero.

<sid>

Return value Description

string

Unique identifier of the signature.

<DecisiveMoment>

Return value Description

dateTime

Relevant time is the time as of which we evaluate the given entity (signature/time stamp). It is a Proof of Existence, as of which we validate the entity. If a date and time from a time stamp is not available, ValidationTime (or the current date) will be used.

<DecisiveMomentSource>

Return value Description

string

Information on the origin of the relevant time at which the signature was evaluated. Values:

  • VALIDATION_DATE - verified on the validation date.

  • CUSTOM_VALIDATION_DATE - verified on the user validation date.

  • TIMESTAMP - verified on the time stamp date.

  • CLAIMED_TIME - validated on the date from so-called claimedTime, which is value from the signature author’s computer clock.

<sigTimestamps>

Optional element, depends on the existence of a time stamp on the signature.

Return value Description

XML structure

Details of a time stamp attached as an attribute to a digital signature. The XML data structure as for the parent signature. Which means it contains the SigInfo element, see above, including all its children. Details in the children relate to the time stamp certificate.

<sigType>

Return value Description

enum

Signature type. It may be one of the following values:

  • UNKNOWN.

  • STANDARD.

  • XML602FORM_TECHNICAL – for Software602 forms.

<xmlSignedReferences>

Optional element, depends on the input file format (only for XML/ZFO).

Return value Description

XML structure

Signature data.

<pdfByteRange>

Optional element, depends on the input file format (only for PDF).

Return value Description

XML structure

Byte range of PDF signatures.

<hasFurtherChanges>

Return value Description

Boolean

Specifies whether any changes were made to the document after it was signed.

Values: false, true.

<Reason>

Return value Description

String

Reason for signing the document.

<Location>

Return value Description

String

Location where the document was signed.

<Contact>

Return value Description

String

Contact details related to the document signature.

</DocInfo>

<StatusMessage>

Return value Description

String

Text statement corresponding to the overall preservation result for all electronic signatures in the SecuSign service. The value is only filled if the result is complicated.