eZīmoga izveidošana

Scope

Puts organization’s electronic seal on a file.

Description

Creates electronic seal signature using organization’s electronic seal certificate, timestamp using authentication certificate and the revocation data (for example - OCSP). 

Request

The Service provider's application sends the following POST request using TLS:

POST /api-sign/v1.0/eSealCreate 

Body

{
  "sessions": [
    {
      "sessionId": "string"
    }
  ],
  "signAsPdf": false,
  "createNewEdoc": false,
  "signKey": "string",
  "signKeyPassword": "string",
  "authCertificate": "string"
}


PropertyDescription
sessionId

File processing session identifier

Multiple sessions can be sealed at once

signAsPdf

True - will be signed as PDF

False - will cerate XAdES signature in ASICE container (EDOC).

createNewEdoc

True - Always creates new ASICE container (even if signable file is already a ASICE container - ASICE in the ASICE container);

False - If existing file is ASICE container, new signature will be added within existing ASICE container.
signKey
eSeal certificate key in PFX file format encoded in base64.
signKeyPassword

eSeal certificate key password encrypted with API central authentication certificate (issued by LVRTC) public key encoded in base64

RSA Encryption with SHA1 padding


authCertificate
Authentication certificate related to eSeal for Timestamp request in PEM format


Key shall be provided in "pfx" format


Encription

byte[] signKeyPasswordBytes = Encoding.UTF8.GetBytes(req.SignKeyPassword);
byte[] signKeyPasswordBytesEncrypted = publicKey.Encrypt(signKeyPasswordBytes, RSAEncryptionPadding.Pkcs1);
req.SignKeyPassword = Convert.ToBase64String(signKeyPasswordBytesEncrypted);

Example

POST /api-sign/v1.0/eSealCreate  HTTP/1.1
Authorization: Bearer a477b3a3366768c07e4c458f518711b4b351e8d2c2f0f78a1524e4d3efd00603
Host: signapi-prep.eparaksts.lv
{
  "sessions": [
     {
        "sessionId": "702e9106e3fe2987d04a0bf7d585050477c1c0dce4d5b76fafc1178b537bc891"
     }
  ],
  "signAsPdf": false,
  "createNewEdoc": false,
  "signKey": "gbfb43564/70OeyYmqoLJ+YAU1kl+vwGVHT0L+ywky80EO8qx/kMZ7hq1Rm9p/SjzexaS0lIH4yf0OJ74BdZCRGaeBfjZWHiQxBdQSXyeuCqDgawbcOjNMjQeLUK5s4a6T17WXjsPTqPulu8mdyhV+tPhwUE/UdtOcSrJeY+ZkGMsn1i+YcNk1cg12+A/zQZ8lWach7M7Fj7gYhNaHiNW5JUREJKGgVKU4rSEE1T2LosJ9H/b+I3Fj0AVR3Cw57W+VSxn8bXqQG8kq+MWdeomaprRvFQoSwY+MFUedqXgVNOioO8lARJNcd2duMLiy4PKEheqq6rZFftSlYulv+o9nPsbZXMO7H",
  "signKeyPassword": "6hCV2AEjVdTWDw5EEurDANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhM",
   "authCertificate": "MIIGTjCCBDagAwIBAgIQGd6hCV2AEjVdTWDw5EEurDANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCTFYxOTA3BgNVBAoMMFZBUyBMYXR2aWphcyBWYWxzdHMgcmFkaW8gdW4gdGVsZXbEq3ppamFzIGNlbnRyczEaMBgGA1UEYQwRTlRSTFYtNDAwMDMwMTEyMDMxHTAbBgNVBAMMFERFTU8gTFYgZUlEIElDQSAyMDE3MB4XDTE5MDgwOTEyMDI1NloXDTIyMDgwOTEyMDI1NlowcDELMAkGA1UEBhMCTFYxHDAaBgNVBAMME0FORFJJUyBQQVJBVURaScWFxaAxFTATBgNVBAQMDFBBUkFVRFpJxYXFoDEPMA0GA1UEKgwGQU5EUklTMRswGQYDVQQFExJQTk9MVi0zMjEyMTUtNzkxNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS0tRy5CYE8Bz0yWmCIftJ0AIBHCvCW68AJPRmcJRNB0lCmXJoJvNKt9jnsgXLzUCgylK4hb5BmpbMP8Pt1TB2IIBNYIg/MdiwwAiAJi9OChCdJrlj0tpbZO3WPlTr3TjihsYxjvImCEwciPWXGV+Y5FJSnfnlMgZ22SMdiGRT5rrZ0v122+ULfVqMJc5s/Fufws3vXuNRBewuzlCM6dcRmwl05qr0/Y7rPVR57kId+2dZD/lWB0aXUE320Cr3u2J0y5iXS4zKUpNrrMozWXinVqhdpdF1l8BM6Kti99Kw1MyEADaRa8hNfyNEAoucjEj2OBuLEP1myII/Xnoj3/yxAgMBAAGjggHOMIIByjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAjAdBgNVHQ4EFgQUppUtW5WAE82oSZPmnak+Y9394CQwHwYDVR0jBBgwFoAUj2jOvOLHQCFTCUK75Z4djEvNvTgwgYsGA1UdIASBgzCBgDA7BgYEAI96AQEwMTAvBggrBgEFBQcCARYjaHR0cHM6Ly93d3cuZXBhcmFrc3RzLmx2L3JlcG9zaXRvcnkwQQYMKwYBBAGB+j0CAQMBMDEwLwYIKwYBBQUHAgEWI2h0dHBzOi8vd3d3LmVwYXJha3N0cy5sdi9yZXBvc2l0b3J5MH0GCCsGAQUFBwEBBHEwbzBCBggrBgEFBQcwAoY2aHR0cDovL2RlbW8uZXBhcmFrc3RzLmx2L2NlcnQvZGVtb19MVl9lSURfSUNBXzIwMTcuY3J0MCkGCCsGAQUFBzABhh1odHRwOi8vb2NzcC5wcmVwLmVwYXJha3N0cy5sdjBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vZGVtby5lcGFyYWtzdHMubHYvY3JsL2RlbW9fTFZfZUlEX0lDQV8yMDE3XzguY3JsMA0GCSqGSIb3DQEBCwUAA4ICAQBkgLwrpoAIx6FVE1NKdoTntzyQBi04+0uBnJdVOs6Zf9AHnZJQon88aorZEqPc0Y4D2/DRQ58EhsEwULN8Us8zfdnd2QM6wpHsHTfzP0+moDLebRJQwzItsN+CiJxvziX7OVIXiS/mNL28mQL4mIW5bh4fbmx/34Dp6b+/sTjaQUmTxyQUWI/FY8rQFiZs/Mp8B1PC6xbnUuYlcsiwesdGapG2WwGF1orVehMnpPQbwB3ZY6JkD/vrrkqJnj8FwHRUYpswSDnmqZJPYTfiK5OoMc9yolH31r+m5h6DD3YkSnfKoxvrfRHQ8//+MWlWH+0W74ZPCNnRwKgAERmAL/3fagWvpSnBPeWy+K/dhfGPyLKKLH/xJrU7FZ0VHTjOtbTIvXorVMX5Ab0aWqv+xOuemKPFD5nzMCBUudXJan0a22RfbWaLm0NUvb/Oz+BN+NcRNc8wKs1Jr3asxNh5F7gxzqMHrxoK6zqCHRvUHPwlwYrGeu3j2vGgE5zinSQi9dBCSsFu7YEh2XZT1r7/4kMjolWX7wSafqO/Zuj/15LNLmsaOIwgDoOfu0VL/WyjN6mWZyJ9RNG9uBYFJSX+jOpAU6g1eIU7cdKydPMCyTjvGSMvfGZ2/3J1ggvdQm7uO93PJyu9V/D5raLXm4tPnIng9/VRc8SSdFcdks4PjUoKew=="}

Response

JSON object:

{
    "results": "string"[
        {
            "sessionId": "string",
            "error": {
                "code": "string",
                "message": "string"
            }
        }
    ]
}


PropertyDescription
results
Signing results: success if error == null or omitted
results.sessionId
File processing session identifier
results.error
Session error if any
results.error.code
Session error code
results.error.message
Session error message

Example

{
  "data": {
	 "results": [
		{
		   "sessionId": "76fa04d8e5e2451b867af6ae667558395459fb9d082d31dadb9f22222f80a3d2"
		}
	 ]
  }
}