This repository is Xades signature sign and verification sample code for Thailand etax invoice
- Sign multiple file with in target directory
- Archive all targeted directory
- Support prefix signed file
- Java JRE8 (java 8 for higher)
- Windows OS (if not, can be any that support JAVA but no execution provided yet.)
- Change 3 variables value in run.bat file
set JAVA_TARGET=C:\Program Files\Java\jdk1.8.0_111\bin\java.exe
set CONFIG_FILE="ABSOLUTE PATH to config file"
set JAR_TARGET=xades-ready-to-use-jar-with-dependencies.jar
...
- Update value in configuration file.
- double-click run.bat
Property | Meaning | Example |
SIGN_INPUT_PATH | Input directory | C:\temp\in |
SIGN_OUTPUT_PATH | Output directory | C:\temp\out |
SIGN_ARCHIVE_PATH | Archive directory (leave it blank for you don't need to archive) | C:\temp\archive |
SIGNED_PREFIX | Prefix name for signed filename (leave it blank for you don't want filename change) | signed- |
PK_TYPE | Cryptography Standards selection | PKCS12 |
PKCS11 | ||
#PKCS11 PARAMETER | ||
PKCS11_LIB_PATH | Target PKCS11 | C:\windows\system32\eTPKCS11.dll |
/usr/local/lib/libeTPkcs11.dylib | ||
/usr/lib/opensc-pkcs11.so | ||
PKCS11_PROVIDER_NAME | Provider's name | eToken |
PKCS11_SLOT_ID | Slot of targeted certificate | 0 |
PKCS11_PASSWORD | password for targeted certificate | P@ssw0rd |
PKCS11_PIN | pin for targeted certificate | 12345678 |
Note: you can find Provider name and slot ID in Driver's application or programatic way at https://docs.oracle.com/javase/8/docs/technotes/guides/security/p11guide.html#TroubleShoot | ||
#PKCS12 PARAMETER | ||
PKCS12_PATH | Location of targeted certificate | ./key.p12 |
PKCS12_PASSWORD | password for targeted certificate | password |
#XAdES-BES VERIFICATION PARAMETER - this section is for receiver, unnecessary to focusing. | ||
... |
to debug PKCS11 lib:
keytool -list -v -storetype pkcs11 -providerClass sun.security.pkcs11.SunPKCS11 -providerArg <PATH_TO_CONFIG_FILE>\pkcs11.cfg
or
keytool -keystore NONE -storetype PKCS11 -list