OpenICP-BR/libICP

libICP

A Go library for CAdES (CMS Advanced Electronic Signatures) for the Brazilian Public Key Infrastructure (ICP-Brasil).

Features

  • Verify X509 digital certificates.
    • Validity check.
    • Integrity/signature check.
    • Download all CAs on request.
    • Check CRLs.
    • Auto download CRLs.
    • Auto download CAs when needed.
    • Support certificate extensions.
      • Basic Constraints.
      • Key Usage.
      • Authority Key Identifier.
      • Subject Key Identifier.
      • Certificate Policies.
      • CRL Distribution Points.
      • Fail when critical extensions are not supported.
  • CMS Content type support.
    • protection content
    • ContentInfo
    • data
    • signed-data
    • enveloped-data
  • Join multiple signature files into a single signature file.¹
  • Support for smartcard certificates.
  • Support for USB certificates.
  • Support creation of AD-RB (Digital Signatures with Basic Reference).
    • Add detached signature to unsigned file.
    • Add attached signature to unsigned file.
    • Add cosignature to already signed file.
    • Add countersignature to already signed file.
  • Support verification of AD-RB (Digital Signatures with Basic Reference).
  • Support creation of AD-RT (Digital Signatures with Time Reference).
  • Support verification of AD-RT (Digital Signatures with Time Reference).
  • Support creation of AD-RV (Digital Signatures with References for Validation).
  • Support verification of AD-RV (Digital Signatures with References for Validation).
  • Support creation of AD-RC (Digital Signatures with Complete References).
  • Support verification of AD-RC (Digital Signatures with Complete References).
  • Support creation of AD-RA (Digital Signatures with References for Archival).
  • Support verification of AD-RA (Digital Signatures with References for Archival).

¹: This is intended for situations in which multiple people sign a document "in parallel". Example: a company contract is sent to five people via email. Each recipient generates their own signature file and sends it back to the company. The company can then simply "merge" these signatures into a single signature file, as long as they are all valid and refer to the same document.

Limitations

  • Only idPbeWithSHAAnd3KeyTripleDES_CBC (1.2.840.113549.1.12.1.3) using SHA1 is supported for key encryption (this will change in the future).
  • The PFX decoding is a total mess that should be rewritten at some point.
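
A pre-flight check for the first limitation, as an added example (not libICP's own code): it reads the key-encryption OID from a PKCS #8 EncryptedPrivateKeyInfo, the content of a PKCS #12 shrouded key bag, and rejects anything other than 1.2.840.113549.1.12.1.3. The names `CheckKeyEncryption`, `ErrUnsupported` and `sample` are hypothetical, and the input is constructed, not a real key.

```go
package main

import (
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
)

// The only key-encryption scheme in the Limitations list.
var oidPBE3DES = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 12, 1, 3}
var ErrUnsupported = errors.New("unsupported key-encryption algorithm")

// PKCS #8 EncryptedPrivateKeyInfo, the content of a PKCS #12 shrouded key bag.
type encryptedPrivateKeyInfo struct {
	Algorithm     pkix.AlgorithmIdentifier
	EncryptedData []byte
}

type pbeParams struct{ Salt []byte; Iterations int } // pkcs-12PbeParams, RFC 7292 appendix C

// CheckKeyEncryption (hypothetical helper) returns the OID and iteration count, or an error.
func CheckKeyEncryption(der []byte) (asn1.ObjectIdentifier, int, error) {
	var info encryptedPrivateKeyInfo
	if rest, err := asn1.Unmarshal(der, &info); err != nil || len(rest) != 0 {
		return nil, 0, errors.New("malformed EncryptedPrivateKeyInfo")
	}
	oid := info.Algorithm.Algorithm
	if !oid.Equal(oidPBE3DES) {
		return oid, 0, fmt.Errorf("%w: %s", ErrUnsupported, oid)
	}
	var p pbeParams
	rest, err := asn1.Unmarshal(info.Algorithm.Parameters.FullBytes, &p)
	if err != nil || len(rest) != 0 || len(p.Salt) == 0 || p.Iterations < 1 {
		return oid, 0, errors.New("malformed PBE parameters")
	}
	return oid, p.Iterations, nil
}

// sample builds a constructed structure with dummy ciphertext (not a real key).
func sample(oid asn1.ObjectIdentifier, iterations int) []byte {
	params, _ := asn1.Marshal(pbeParams{[]byte("constructed-salt"), iterations})
	alg := pkix.AlgorithmIdentifier{Algorithm: oid, Parameters: asn1.RawValue{FullBytes: params}}
	der, _ := asn1.Marshal(encryptedPrivateKeyInfo{alg, []byte("constructed ciphertext")})
	return der
}

func main() {
	fmt.Println(CheckKeyEncryption(sample(oidPBE3DES, 2048)))
}
```

A key bag protected with PBES2 (1.2.840.113549.1.5.13), which newer PKCS #12 exporters commonly use, fails this check with `ErrUnsupported`.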

C Wrapper

A C wrapper is available under the c-wrapper directory. See the man files for reference.

If you can't run make docs, look at the .pod file in c-wrapper/docs/src.

License

AGPL - Affero GNU Public License
