If request contains “JWT” operation, then signature contains JWT with sent HASH value in “jti” field and site name in “origin” field.
N.B. Following is needed to verify returned JWT object:
- does the signature correspond to previously received certificate;
- is JWT issue time corresponding to fields "iat" and "exp"
- does sent hash correspond to "jti" field value
- does "origin" field correspond to the site from which signing was made
- does "iss" field value correspond to issuer “eparakststoken-
If request contains "
signed data are included in JSON object, which contains one or more "
key:value" pairs, where:
key" - signed document identifier;
value" - signed data in HEX encoding.
The order in which the "
key:value" pairs are returned may not be identical to the order in which the signature request was built.