LogoLogo
  • fidentity public documentation
  • Dashboard
  • API
    • Authentication documentation
    • Create a new fidentity process
    • Update a new document for signature
    • URL Management and authentication
  • Use Cases
    • QES
      • Variations
        • Main
        • Split
        • Single run
      • Verification methods
      • QES System URLs
      • Sign hashes
    • SimpleIdent
      • Process steps
      • System URLs
  • Others
    • Compatibility
    • Incident management
    • Release Management
      • Feature Preview
      • Patch Releases
      • Release Notes
        • May 2025
        • April 2025
        • March 2025
        • February 2025
        • January 2025
        • December 2024
        • November 2024
      • Major Releases
    • Change Management
    • Passkeys
    • Custom Domain
    • Dashboard SSO
    • Compliance
      • finma RS2016/7
      • VSB20
      • TAV BAKOM
      • ETSI 119 461
Powered by GitBook
On this page
  1. Use Cases
  2. QES

Sign hashes

Hash signature allows the signing of document hashes instead of the actual documents. These hashes are signed by fidentity and can subsequently be embedded into a PDF outside of the fidentity flow.

Procedure

To sign hashes instead of documents, the initial call is made based on the QES variations. The documentUris array is set to empty and replaced by the hashesToSign array. Other than this difference, the calls for signing PDFs and hashes are identical.

Example request

  "documentUris": [],
  "hashesToSign": [{
      "id": "hash-id-{{$guid}}",
      "type": "signature",
      "title": "hash signature",
      "hash": "91951BA09F5213ADE633434681DFACC5F1C2F49920040AAEB451799037E40A3C",
      "hashAlgorithm": "sha256",
      "documentLink": ""
  }]

Example respond

At the end of the successful Process, you can get the process Object and in the field "signedHashes", there are 3 properties that are important:

  • signature -> Signature of CMS object

  • cmsObject -> CMS Object to integrate to pdf (pkcs7)

  • certificate -> Public certificate of signing party (DER encoded)

"signedHashes": [
        {
            "id": "test-hash-1",
            "title": "QesSignature-cypress-test",
            "type": "contract",
            "hash": "538a54e1480b6...",
            "cmsObject": "MIIz+AYJK...",
            "preparedDigest": "17bd1...",
            "signature": "d181cffd28e...",
            "certificate": "MIIH2zCCBY...
        }
    ],```

PDF handling with Hash Signing

Last updated 6 months ago

Our TSP Partner Swisscom has created a wishing to integrate hashes into PDF files by themselves. There are also references to some tools that provide this feature as well as github examples.

step-by-step guide for developers
Page cover image