MRTD SOD Signer
The signer has the class name: org.signserver.module.mrtdsodsigner.MRTDSODSigner.
Overview
The MRTD SOD Signer creates the Complete Security Object (SOd) for Machine Readable Travel Documents (MRTD), such as electronic passports and residence permits, by signing the provided data groups (DGs).
The Document Signer (DS) certificate is included in the SOd. The SOd is verified (including the certificate path) before it is returned, so the certificate chain must contain the Country Signing CA (CSCA) certificate. For more information, see SODProcessServlet in HTTP interface, or ClientWS interface.
Available Properties
Property |
Description |
DODATAGROUPHASHING |
True if this signer first should hash the DG values. Otherwise, the values are assumed to be hashes already. Optional, default: false. |
DIGESTALGORITHM |
Message digest algorithm that is applied or should be applied to the values. Optional, default: SHA256. |
SIGNATUREALGORITHM |
Signature algorithm for signing the SO(d). Optional, default is SHA256withRSA, although SHA256withRSAandMGF1 is recommended by Doc9303. |
LDSVERSION |
Version of Logical Data Structure (LDS). For LDS version 1.7, enter "0107" and for version 1.8, "0108". Optional, default is 0107. |
UNICODEVERSION |
Version of Unicode used in the datagroups. Required if LDS 1.8 is used. Example: "040000" for Unicode version 4.0.0. |