search

Data Signing Service

IDataSigningService in assembly SanteDB.Core.Api version 3.0.1980.0

hashtag
Summary

Contract for services which can sign data using configured digital signature algorithms

hashtag
Description

Implementers of this service contract are responsible for computing and validating digital signatures against arbitrary data streams. Implementers of this service are responsible for maintaining (or acquiring) a master list of keys which can be used for data signing, and validating digital signatures.

Implementers should also use the IDataSigningCertificateManagerServicearrow-up-right to support key identifiers which are indicated as a secure application/device identifier

hashtag
Operations

Operation
Response/Return
Input/Parameter
Description

GetNamedSignatureSettings

SignatureSettings

String systemKeyId

Get the siganture algorithm for the system configured key

GetSignatureSettings

SignatureSettings

Byte[] certificateThumbprint SignatureAlgorithm signatureAlgorithm

Get the signature algorithm for the configured thumbprint

SignData

Byte[]

Byte[] data String systemKeyId

Sign with the configured system key

SignData

Byte[]

Byte[] data SignatureSettings settings

Sign with the configured system key

Verify

Boolean

Byte[] data Byte[] signature String systemKeyId

Verifies the digital signature of the data

Verify

Boolean

Byte[] data Byte[] signature SignatureSettings settings

Verifies the digital signature of the data

hashtag
Implementations

hashtag
DefaultDataSigningService - (SanteDB.Core.Api)

Default data signing service

hashtag
Description

This digital signature service uses the keys configured in the SecurityConfigurationSectionarrow-up-right to sign data based on the type of signature algorithm in the SecurityConfigurationSectionarrow-up-right. Supported signature algorithms are:

  • HMAC256 (HMAC + SHA256) using shared secrets

  • RS256 (RSA+SHA256) using X.509 certificates (generation of a signature requires private key)

  • RS512 (RSA+SHA512)

hashtag
Service Registration

hashtag
Example Implementation

hashtag
References

PreviousData Privacy Enforcement ProviderNextdCDR Subscription Definition Provider

Last updated

Was this helpful?