Signing​ ​Tool​ ​API​ ​Anatomy​ ​v1.0.0

This document is intended for Portal / Developers / Websites to integrate the API into their Web application​ ​and​ ​Desktop​ ​Application.

This helps the user in making their entire signing work easy and secured

Standard​ ​Disclaimer

  • The​ ​specification​ ​can​ ​always​ ​change​ ​at​ ​last​ ​minute.
  • This​ ​is​ ​intended​ ​for​ ​selected​ ​people​ ​and​ ​is​ ​confidential.

Anatomy​ ​of​ ​Command

Request​ ​Command

This​ ​is​ ​​ ​root​ ​element​ ​it​ ​contains​ ​following​ ​elements All​ ​these​ ​element​s are​ ​sent​ ​in​ <command> <ts> <txn> <certificate><file> <pdf> <data>


This​ ​is​ ​Time​ ​Stamping​ ​element,​ ​which​ ​the​ ​server​ ​would​ ​pass​ ​to​ ​the​ ​Signing​ ​Tool. (This ​​ is ​Optional ​Element) The signing tool would compare with the Client system Date and time and see the difference, if​ ​there​ ​is​ ​difference​ for​​ ​30​ ​seconds​ ​from​ ​ ​Server​ ​Date​ ​and​ ​Time​ ​it​ ​would​ ​not​ ​Sign. ​


A​ ​unique​ ​ID​ ​could​ ​be​ ​passed​ ​with​ ​each​ ​Signing​ ​Request,​ ​it​ ​would​ ​help​ ​Web​ ​Application​ ​to​ ​get​ ​the response​ ​and​ ​map​ ​it​ ​to​ ​correct​ ​request. (This ​is ​Optional ​Element)


The​ ​application​ ​could​ ​also​ ​pass​ ​values​ ​to​ ​prompt​ ​signing​ ​tool​ ​to​ ​match​ ​for​ ​a​ ​certificate​ ​present in​ ​Browser​ ​Store​ ​and​ ​operations​ ​could​ ​be​ ​performed. (This ​is ​Optional ​Element)

  • If there are more than One Signature matching the criteria, then a Box showing all the matching​ ​signature​ ​would​ ​be​ ​shown,​ ​and​ user​ ​could​ ​select​ ​signature.
  • If only One Signature is found, then our application would only show the pop up for Password​ ​and​ ​it​ ​would​ ​automatically​ ​sign.
  • If​ ​no​ ​Parameters​ ​are​ ​sent​ ​then​ ​all​ ​allowed​ ​certificate​ ​would​ ​be​ ​shown.

The <certificate> ​can​ ​used​ ​with​ ​the​ ​following​ ​attributes​ ​with​ ​this​ ​element.

<attribute​ ​name="CN"> John​ < /attribute>

<attribute​ ​name="O"> John​ ​&​ ​Company < /attribute>

<attribute​ ​name="OU">​ Management < /attribute>

<attribute​ ​name="T"> CEO​ < /attribute>

<attribute​ ​name="E">​ < /attribute>

<attribute​ ​name="SN">​ A123 < /attribute>

<attribute​ ​name="CA"> Capricorn​ ​CA​ < /attribute>

<attribute​ ​name="TC"> SG < /attribute>

<attribute​ ​name="AP"> application​ ​id​ < /attribute>

<attribute​ ​name="VD"> Application​ ​Validity​ ​Date​ < /attribute>

CN ​=​ ​ubject​ ​Name

O​ ​​=​ ​Organization​ ​name.

OU​ ​=​ ​Organization​ ​Unit.

T​ ​=​ ​Title E​ ​=​ ​eMail

SN​ ​​=​ ​​ ​Serial​ ​number.

CA​ ​​=​ ​Certifying​ ​Authority.

TC​ ​=​ ​​ ​Type​ ​of​ ​certificate,​ ​allowed​ ​variables​

​​SG​ ​​​(Signing)​

EN​​ ​​(Encryption)

AP ​=​ ​​ ​Application​ ​Id​ ​(​ ​This​ ​is​ ​intended​ ​for​ ​application​ ​developers​ ​)

VD​=​ ​Application​ ​Validity​ ​Date


type​ ​​=​ ​​ The​ ​Type​ ​of​ ​Data​ ​which​ ​needs​ ​to​ ​used​ ​by​ ​the​ ​commands (This ​is ​Mandatory​ Element) Allowed​ ​variables​ ​​PDF​,​ ​​TXT​ ​​or​ ​​XML

inputfile​ ​​=​ ​​Unsigned file path (full), which need to be signed ( This is Optional if you passing <data> element

outputfile​ ​​=​ ​​ ​Signed file copied here (optional)


This​ ​Element​ ​is​ ​used​ ​when​ ​<file> ​element​ ​is​ ​PDF (This ​is ​Optional ​Element)

  • This Element is is used when we would want to sign the PDF file in particular Page and in Particular​ ​Place.
  • In case no values are passed, the signing would happen in the file invisible form (No Physical​ ​footprint​ ​would​ ​left​ ​in​ ​file).
  • If the values are passed with <file> not equal to PDF the values present would not be affect the​ ​Signing​ ​process.
  • This​ ​element​ ​is​ ​used​ ​for​ ​Signing​ ​only.

The​ ​attributes​ ​available​ ​are:-

<page​ >1 < /page>

<cood​ >10,10 < /cood>

<size​ >200,200 < /size>

<invisiablesign​ >yes < /invisiablesign>

<enableltv​ ​name=>yes < /enableltv>

<enabletimestamp​ ​>yes < /enabletimestamp>

<location​>New Delhi < /location>

<reason​>Tax Invoice < /reason>

<dateformat ​>dd-MMM-yyyy hh:mm tt < /dateformat>

<customtext​>Your custome text here < /customtext>


​Only​ ​Numeric,​ ​Zero​ ​is​ ​not​ ​allowed


Only Numeric allowed, two numeric value allowed, it would try to sign the pixels mentioned (depending on the resolutions of the file saved), else it would generate an error. Please separate the value by a comma, The first figure is horizontal and the next figure is Vertical on the page​ ​(eg.​ ​79,100)


Only Numeric allowed, two numeric value allowed,and it would print the signature in the box mentioned here. Please separate the value by a comma, The first figure is horizontal and the next​ ​figure​ ​is​ ​Vertical​ ​on​ ​page​ ​(eg.​ ​79,100)


For invisible signature. Allowed value are "yes" and "no"


To enable the LTV. Allowed value are "yes" and "no"


To enable the embeded timestamp. Allowed value are "yes" and "no"


The​ ​actual​ ​data​ ​which​ ​is​ ​encoded​ ​in​ ​Base64​ ​format. (This ​is ​Mandatory ​Element)


This is the actual command to help you perform operations using our applications

This​ ​command​ ​is​ ​used​ ​to​ ​Sign,​ ​XML,​ ​TEXT,​ ​PDF,​ ​​data​ ​has​ ​to be​ ​passed​ ​in​ ​Base64.
This​ ​command​ ​is​ ​used​ ​to​ ​sign​ ​Hash​ ​instead​ ​of​ ​sending​ ​the Base64​ ​File.
This​ ​command​ ​is​ ​used​ ​to​ ​Verify​ ​Signature.
  • You ​could ​pass ​any ​existing ​document ​(Text, ​PDF,​ XML), with attributes ​and ​it ​would ​verify signature.
This​ ​command​ ​is​ ​used​ ​for​ ​Encryption​ ​of​ ​Data.
This​ ​command​ ​is​ ​used​ ​for​ ​De​ ​Encryption​ ​of​ ​Data.
This​ ​command​ ​is​ ​used​ ​to​ ​extract​ ​details​ ​of​ ​the Certificate .
  • Response ​would ​be ​details ​of ​​certificate in ​XML format, ​No ​attributes ​can ​be ​passed
This​ ​Command​ ​is​ ​used​ ​to​ ​validate​ ​data​ ​and​ ​Certificate details.
  • Response ​would ​be ​Valid / ​Not ​Valid, ​and ​you ​​ could pass ​all attributes.
This​ ​command​ ​is​ ​used​ ​to​ ​encrypt​ ​file​ ​from​ ​the​ ​client​ ​machine, when​ ​the​ ​command​ ​is​ ​initiated​ ​it​ ​would​ ​open​ ​a​ ​File​ ​browser window,​ ​a​ ​file​ ​would​ ​be​ ​selected,​ ​the​ ​same​ ​file​ ​would​ ​be converted​ ​into​ ​Base64,​ ​and​ ​encrypted.
This​ ​command​ ​is​ ​used​ ​to​ ​encrypt​ ​file​ ​from​ ​the​ ​client​ ​machine, when​ ​the​ ​command​ ​is​ ​initiated​ ​it​ ​would​ ​open​ ​a​ ​File​ ​browser window,​ ​a​ ​file​ ​would​ ​be​ ​selected,​ ​the​ ​same​ ​file​ ​would​ ​be converted​ ​into​ ​Base64,​ ​and​ ​encrypted,​ ​then​ ​the​ ​same​ ​data would​ ​be​ ​signed​ ​with​ ​the​ ​selected​ ​DSC.
This​ ​command​ ​is​ ​used​ ​to​ ​encrypt​ ​Block​ ​of​ ​Text​ ​file​ ​and​ ​then the​ ​same​ ​data​ ​would​ ​be​ ​signed​ ​with​ ​the​ ​selected​ ​DSC.
This​ ​command​ ​is​ ​used​ ​​ ​extract​ ​the​ ​P7B​ ​file​ ​of​ ​the​ ​encryption certificate​ ​and​ ​the​ ​same​ ​would​ ​be​ ​converted​ ​into​ ​Base64​ ​and sent​ ​back​ ​as​ ​response.
This​ ​command​ ​is​ ​used​ ​to​ ​Sign​ ​file​ ​from​ ​the​ ​client​ ​machine, when​ ​the​ ​command​ ​is​ ​initiated​ ​it​ ​would​ ​open​ ​a​ ​File​ ​browser window,​ ​a​ ​file​ ​would​ ​be​ ​selected,​ ​the​ ​same​ ​file​ ​would​ ​be converted​ ​into​ ​Base64,​ ​and​ ​encrypted.

Sample​ ​Structure 

To make it easy for the developers to understand the whole procedure of using PKI, we have generated a sample structure here.


<command> pkiNetworkSign < /command>

<ts> 2017-03-22T12:23:11.3820412+05:30 < /ts>

<txn> unique​ ​id < /txn>


<attribute​ ​name="CN"> < /attribute>

<attribute​ ​name="O"> < /attribute>

<attribute​ ​name="OU">​< /attribute>

<attribute​ ​name="T"> < /attribute>

<attribute​ ​name="E"> < /attribute>

<attribute​ ​name="SN">​< /attribute>

<attribute​ ​name="CA">< /attribute>

<attribute​ ​name="TC"> sg/en< /attribute>

<attribute​ ​name="AP">< /attribute>

<attribute​ ​name="VD"> < /attribute>

< /certificate>


<attribute​ ​name="type"> xml/pdf/text < /attribute>

< /file>


<page> < /page>

<cood>78,56 < /cood>

<size> < /size>

< /pdf>


base64 ​encoded

< /data>



<command> pkiNetworkSign < /command>

<ts>2017-03-22T12:23:11.3820412+05:30 < /ts>

<txn> unique​ ​id < /txn>

<status> ok < /status>

<data>base64​ ​encoded < /data>

<Requrl>Requested​ ​URL < /Requrl>

< /response>



<command> pkiNetworkSign < /command>

<ts>2017-03-22T12:23:11.3820412+05:30 < /ts>

<txn> unique​ ​id < /txn>

<status> failed < /status>

<error​ ​code=””>base64​ ​encoded < /error>

< /response>