Skip to content

Latest commit

 

History

History
32 lines (21 loc) · 1.3 KB

README.md

File metadata and controls

32 lines (21 loc) · 1.3 KB
Raw

Signing with MobileID

Main documentation sources:

Contents

Generic Action Sequence

  1. Get user certificate from MobileID /certificate endpoint, passing it user's phone number and identity code.

  2. Prepare the XAdES signature structure for signing, aka XmlSignature, embedding into it the certificate obtained at the previous step. The signed data is derived from this structure.

  3. Display the verification code to the user, calculated based on the hash of the signed data.

  4. Get the actual signature from the MobileID REST service.

    1. Start a signing session by sending a request to /signature endpoint, complete with user's phone number and identity code, and the digest of the signed data.

    2. Poll the server for signing status, which returns the signature when successful.

    3. Use the certificate obtained at step 1, to verify the signature

  5. Finalize the XmlSignature structure with the received signature. (See the paragraph in SmartID for the details)