xadesjs
v2.6.5
Published
XML Advanced Electronic Signatures (XAdES) implementation in TypeScript/JavaScript built on XMLDSIGjs
Readme
XAdESjs
XML Advanced Electronic Signatures (XAdES) implementation in TypeScript/JavaScript built on XMLDSIGjs.
Installation
npm install xadesjsFeatures
- XAdES-BES (Basic Electronic Signature) support
- Built on XMLDSIGjs for robust XML signature handling
- Support for signing time, production place, signer roles
- Cross-platform: browsers and Node.js
- TypeScript support
XAdES Profiles
| Profile | Digital Signature | Cryptographic Timestamp | Revocation References | Revocation Data | Secure Timestamp | |------------|-------------------|-------------------------|----------------------|-----------------|------------------| | XAdES-BES | ✓ | ✗ | ✗ | ✗ | ✗ | | XAdES-T | ✓ | ✓ | ✗ | ✗ | ✗ | | XAdES-C | ✓ | ✓ | ✓ | ✗ | ✗ | | XAdES-X-L | ✓ | ✓ | ✓ | ✓ | ✗ | | XAdES-A | ✓ | ✓ | ✓ | ✓ | ✓ |
Currently only XAdES-BES is fully supported.
Quick Start
Node.js Setup
Note: Use ESM modules (
.mjsextension or"type": "module"inpackage.json).
import * as xadesjs from 'xadesjs';
import { Crypto } from '@peculiar/webcrypto';
xadesjs.Application.setEngine('NodeJS', new Crypto());Browser Setup
<script type="module">
import * as xadesjs from "https://unpkg.com/xadesjs@latest/dist/esm/index.js";
</script>Creating XAdES-BES Signature
import * as xadesjs from 'xadesjs';
import { Crypto } from '@peculiar/webcrypto';
xadesjs.Application.setEngine('NodeJS', new Crypto());
async function signXAdES() {
// Generate key pair
const keys = await crypto.subtle.generateKey(
{
name: "RSASSA-PKCS1-v1_5",
modulusLength: 2048,
publicExponent: new Uint8Array([1, 0, 1]),
hash: "SHA-256"
},
false,
["sign", "verify"]
);
// Parse XML document
const xml = xadesjs.Parse('<root><data>Hello World</data></root>');
// Create XAdES signature
const signedXml = new xadesjs.SignedXml();
await signedXml.Sign(
{ name: "RSASSA-PKCS1-v1_5" },
keys.privateKey,
xml,
{
keyValue: keys.publicKey,
references: [{ hash: "SHA-256", transforms: ["enveloped"] }],
productionPlace: {
country: "US",
state: "California",
city: "San Francisco"
},
signerRole: {
claimed: ["Developer"]
}
}
);
console.log(signedXml.toString());
}Verifying XAdES Signature
import * as xadesjs from 'xadesjs';
async function verifyXAdES(signedXmlString) {
const doc = xadesjs.Parse(signedXmlString);
const signatures = doc.getElementsByTagNameNS(
'http://www.w3.org/2000/09/xmldsig#',
'Signature'
);
const signedXml = new xadesjs.SignedXml(doc);
signedXml.LoadXml(signatures[0]);
const isValid = await signedXml.Verify();
console.log('XAdES signature valid:', isValid);
}API Reference
SignedXml.Sign()
Sign(
algorithm: Algorithm,
key: CryptoKey,
data: Document,
options?: OptionsXAdES
): Promise<Signature>XAdES Options:
interface OptionsXAdES {
keyValue?: CryptoKey;
x509?: string[];
references?: OptionsSignReference[];
// XAdES-specific options
signingCertificate?: string;
signingTime?: { value?: Date; format?: string };
productionPlace?: {
city?: string;
state?: string;
code?: string;
country?: string;
};
signerRole?: {
claimed?: string[];
certified?: string[];
};
policy?: OptionsPolicyId;
}Algorithm Support
Same as XMLDSIGjs:
- Cryptographic: RSASSA-PKCS1-v1_5, RSA-PSS, ECDSA, HMAC
- Hash: SHA-1, SHA-256, SHA-384, SHA-512
- Canonicalization: C14N, C14N with Comments, Exclusive C14N variants
Node.js: Registering XML Dependencies
To work with XML in Node.js, you need to register DOM and XPath dependencies:
import * as xmldom from '@xmldom/xmldom';
import { setNodeDependencies } from 'xadesjs';
import xpath from 'xpath';
setNodeDependencies({
XMLSerializer: xmldom.XMLSerializer,
DOMParser: xmldom.DOMParser,
DOMImplementation: xmldom.DOMImplementation,
xpath,
});WebCrypto Environment
In Node.js >=19 the global crypto.webcrypto is available. For earlier versions or broader compatibility, install and set the engine:
import { Crypto } from '@peculiar/webcrypto';
import { Application } from 'xmldsigjs';
Application.setEngine('NodeJS', new Crypto());License
MIT