API Reference sign_core v#0.1.0

Copy Markdown View Source

Modules

SignCore

Signer-agnostic primitives for PDF (PAdES B-B / B-T) and XML (XAdES B-B / B-T) signing on top of CMS / XML-DSig.

SignCore.Algorithm

Behaviour for algorithm adapters.

SignCore.Algorithm.PS256

PS256 algorithm adapter — RSASSA-PSS with SHA-256, MGF1-SHA-256, and a 32-byte salt.

SignCore.CMS

Cryptographic Message Syntax (RFC 5652) primitives for pkcs11ex.

SignCore.CMS.Codec

Thin wrapper around OTP's :CryptographicMessageSyntax-2009 ASN.1 codec for CMS structures.

SignCore.CMS.OIDs

Well-known ASN.1 object identifiers used by CMS / PKCS#7 / PKCS#9.

SignCore.CMS.Parsed

Output of SignCore.CMS.SignedData.parse/1 — a struct with the fields a verify pipeline actually needs, plus the original DER for audit / re-emission.

SignCore.CMS.SignedAttributes

Build and encode the signedAttrs SET-OF Attribute that goes into a CMS SignerInfo (RFC 5652 §5.3) — and produce the to-be-signed bytes per RFC 5652 §5.4 ("the message digest calculation process").

SignCore.CMS.SignedData

Assemble a CMS SignedData ContentInfo envelope (RFC 5652 §5).

SignCore.CMS.UnsignedAttributes

Builders for CMS unsignedAttrs — the optional set on a SignerInfo that carries data computed after signing (signature timestamps, countersignatures, etc.). The values aren't covered by the signature math.

SignCore.JWS

JWS format adapter — detached (RFC 7797) by default, attached (RFC 7515) opt-in.

SignCore.PDF

PAdES (PDF Advanced Electronic Signature) format adapter — Phase 4a.

SignCore.PDF.Reader

Minimal PDF trailer / xref scanner for the PAdES adapter.

SignCore.PDF.Reader.Revision

Parsed view of one xref + trailer pair (one PDF revision).

SignCore.PDF.Writer

Hand-rolled PAdES B-B incremental-update emitter.

SignCore.Policy

Behaviour for trust policies.

SignCore.Policy.Allow

Test-only trust policy that accepts any signer with a parseable cert in the JWS x5c header. Refuses to start under Mix.env() == :prod.

SignCore.Policy.PinnedRegistry

Default SignCore.Policy implementation: SPKI pinning.

SignCore.Signer

Pluggable signature-source contract used by SignCore.PDF.sign/2, SignCore.XML.sign/2, and SignCore.JWS.sign/2.

SignCore.X509

Thin wrapper around an OTP :public_key-decoded X.509 certificate.

SignCore.XML

XML-DSig + XAdES B-B format adapter.

SignCore.XML.Builder

Builds XML-DSig elements for the XAdES B-B sign flow.

SignCore.XML.C14n.XmerlC14n

Vendored copy of xmerl_c14n (DoggettCK/xmerl_c14n on Hex, derived from esaml's Erlang implementation).

SignCore.XML.Canonicalizer

Thin wrapper around SignCore.XML.C14n.XmerlC14n — our vendored copy of xmerl_c14n.

SignCore.XML.XAdES

Builds the XAdES B-B <xades:QualifyingProperties> block.