ETSI TS 119 124-3 V1.1.1 (2016-06)

ETSI TS 119 124-3 V1.1.1 (2016-06)






TECHNICAL SPECIFICATION
Electronic Signatures and Infrastructures (ESI);
CAdES digital signatures -
Testing Conformance and Interoperability;
Part 3: Test suites for testing interoperability
of extended CAdES signatures

---------------------- Page: 1 ----------------------
2 ETSI TS 119 124-3 V1.1.1 (2016-06)



Reference
DTS/ESI-0019124-3
Keywords
CAdES, e-commerce, electronic signature,
interoperability, profile, security, testing
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2016.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 ETSI TS 119 124-3 V1.1.1 (2016-06)
Contents
Intellectual Property Rights . 4
Foreword . 4
Modal verbs terminology . 4
1 Scope . 5
2 References . 5
2.1 Normative references . 5
2.2 Informative references . 5
3 Definitions and abbreviations . 6
3.1 Definitions . 6
3.2 Abbreviations . 6
4 Overview . 6
5 Testing extended CAdES signatures interoperability . 7
5.1 CAdES-E-BES test cases . 7
5.2 CAdES-E-EPES test cases . 8
5.3 CAdES-E-T test cases . 9
5.4 CAdES-E-C test cases . 9
5.5 CAdES-E-X test cases . 11
5.6 CAdES-E-XL test cases . 12
5.7 CAdES-E-A test cases . 14
6 Testing extended CAdES signatures augmention interoperability . 18
6.1 Introduction . 18
6.2 Augmentation to CAdES-E-C signatures test cases . 18
6.3 Augmentation to CAdES-E-X signatures test cases . 19
6.4 Augmentation to CAdES-E-XL signatures test cases . 20
6.5 Augmentation to CAdES-E-A signatures test cases . 21
7 Testing negative extended CAdES signatures . 22
7.1 CAdES-E-BES test cases . 22
7.2 CAdES-E-EPES test cases . 23
7.3 CAdES-E-T test cases . 23
7.4 CAdES-E-A test cases . 25
History . 27


ETSI

---------------------- Page: 3 ----------------------
4 ETSI TS 119 124-3 V1.1.1 (2016-06)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and
Infrastructures (ESI).
The present document is part 3 of a multi-part deliverable covering CAdES digital signatures - Testing Conformance
and Interoperability. Full details of the entire series can be found in part 1 [i.1].
Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

ETSI

---------------------- Page: 4 ----------------------
5 ETSI TS 119 124-3 V1.1.1 (2016-06)
1 Scope
The present document defines a number of test suites to assess the interoperability between implementations claiming
conformance to extended CAdES signatures [2].
The present document defines test suites for each level defined in ETSI EN 319 122-2 [2].
Test suites also cover augmentation of extended CAdES signatures and negative test cases.
These test suites are agnostic of the PKI infrastructure. Any PKI infrastructure can be used including the one based on
EU Member States Trusted Lists.
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
https://docbox.etsi.org/Reference/.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ETSI EN 319 122-1: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures;
Part 1: Building blocks and CAdES baseline signatures".
[2] ETSI EN 319 122-2: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures;
Part 2: Extended CAdES signatures".
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] ETSI TR 119 124-1: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures -
Testing Conformance and Interoperability; Part 1: Overview".
[i.2] ETSI TR 119 001: "Electronic Signatures and Infrastructures (ESI); The framework for
standardization of signatures; Definitions and abbreviations".
[i.3] ETSI EN 319 102-1: "Electronic Signatures and Infrastructures (ESI); Procedures for Creation and
Validation of AdES Digital Signatures; Part 1: Creation and Validation".
[i.4] IETF RFC 3125 (09-2001): "Electronic Signature Policies".
ETSI

---------------------- Page: 5 ----------------------
6 ETSI TS 119 124-3 V1.1.1 (2016-06)
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the terms and definitions given in ETSI TR 119 001 [i.2] and the following
apply:
negative test case: test case for a signature whose validation according to ETSI EN 319 102-1 [i.3] would not result in
TOTAL-PASSED
3.2 Abbreviations
For the purposes of the present document, the abbreviations given in ETSI TR 119 001 [i.2] apply.
4 Overview
This clause describes the overall approach used to specify test suites for extended CAdES signatures interoperability
testing.
ETSI EN 319 122-2 [2] defines different signature levels.
The test suites are defined with different layers reflecting the levels of extended CAdES signatures specified in [2].
Testing CAdES signatures:
• CAdES-E-BES signatures test cases;
• CAdES-E-EPES signatures test cases;
• CAdES-E-T signatures test cases;
• CAdES-E-C test cases;
• CAdES-E-X test cases;
• CAdES-E-X Long test cases;
• CAdES-E-A signatures (with ATSv2 and ATSv3) built on CAdES-E-T signatures test cases.
Testing negative CAdES signatures:
• CAdES-E-BES test cases;
• CAdES-E-EPES test cases;
• CAdES-E-T test cases;
• CAdES-E-A test cases.
Testing augmentation of CAdES signatures:
• augmentation to CAdES-E-C levels test cases;
• augmentation to CAdES-E-X levels test cases;
• augmentation to CAdES-E-XL levels test cases;
• augmentation to CAdES-E-A levels test cases.
ETSI

---------------------- Page: 6 ----------------------
7 ETSI TS 119 124-3 V1.1.1 (2016-06)
5 Testing extended CAdES signatures interoperability
5.1 CAdES-E-BES test cases
The test cases in this clause have been defined for different combinations of CAdES-E-BES signatures attributes.
Mandatory attributes for CAdES-E-BES described in [2] specification, clauses 4.2 and 4.3, shall be present.
Table 1 shows which attributes are required to generate CAdES-E-BES signatures for each test case.
Table 1: Test cases for CAdES-E-BES signatures
TC ID Description Pass criteria Signature attributes
CAdES/BES/1 This is the simplest CAdES- Positive validation. • Certificates
E-BES signature without The signature shall contain
o SigningCertificate
signing time. The signature ContentType, MessageDigest,
• SignedAttributes
ONLY CONTAINS the SigningCertificate (included in
o MessageDigest
mandatory CAdES attributes. SignedData.certificates field) and
o ESSSigningCertificateV2
ESSSigningCertificateV2
o ContentType
attributes.
CAdES/BES/2 This is the simplest CAdES- Positive validation. • Certificates
E-BES signature with signing The signature shall contain
o SigningCertificate
time. The signature ONLY ContentType, SigningTime,
• SignedAttributes
CONTAINS a signing time MessageDigest,
o MessageDigest
attribute in addition to all the SigningCertificate (included in
o ESSSigningCertificateV2
mandatory CAdES attributes. SignedData.certificates field) and
o ContentType
ESSSigningCertificateV2
o SigningTime
attributes.
CAdES/BES/3 In this CAdES-E-BES Positive validation.
• Certificates
signature test case the The signature shall contain
o SigningCertificate
signature contains a ContentType, SigningTime,
• SignedAttributes
CertifiedAttributeV2 in MessageDigest,
o MessageDigest
addition to the CAdES/BES/2 SigningCertificate (included in
o ESSSigningCertificateV2
test case attributes. SignedData.certificates field),
o ContentType
ESSSigningCertificateV2 and
o SigningTime
CertifiedAttributeV2 attributes.
o SignerAttributesV2
(CertifiedAttributeV2)
CAdES/BES/4 This test case tests a Positive validation. • Certificates
CAdES-E-BES signature with The signature shall contain
o SigningCertificate
ContentTimeStamp attribute. ContentType, SigningTime,
• SignedAttributes
MessageDigest,
o MessageDigest
SigningCertificate (included in
o ESSSigningCertificateV2
SignedData.certificates field),
o ContentType
ESSSigningCertificateV2 and
o SigningTime
ContentTimeStamp attributes.
o ContentTimeStamp
CAdES/BES/5 This test case tests a Positive validation.
• Certificates
CAdES-E-BES signature with The signature shall contain o SigningCertificate
CounterSignature attribute. ContentType, SigningTime,
• SignedAttributes
The input to this test is a MessageDigest,
o MessageDigest
CAdES-E-BES signature as SigningCertificate (included in
o ESSSigningCertificateV2
specified in CAdES/BES/2 SignedData.certificates field),
o ContentType
test case. ESSSigningCertificateV2 and
o SigningTime
CounterSignature attributes.
• UnsignedAttributes
o CounterSignature
CAdES/BES/6 This test case tests a Positive validation. • Certificates
CAdES-E-BES signature with The signature shall contain 2
o SigningCertificate
multiple independent SigningCertificates (included in
• SignedAttributes
signatures. The input to this SignedData.certificates field)
o MessageDigest
test is a CAdES-E-BES attributes and 2 signerInfos
o ESSSigningCertificateV2
signature as specified in containing ContentType,
o ContentType
CAdES/BES/2 test case. SigningTime, MessageDigest and
o SigningTime
ESSSigningCertificateV2
attributes.
ETSI

---------------------- Page: 7 ----------------------
8 ETSI TS 119 124-3 V1.1.1 (2016-06)
TC ID Description Pass criteria Signature attributes
CAdES/BES/7 This test case tests a Positive validation.
• Certificates
CAdES-E-BES signature with The signature shall contain the
o SigningCertificate
the following attributes at following attributes:
• SignedAttributes
once: SigningCertificate (included in
o MessageDigest
- MessageDigest SignedData.certificates field),
o ESSSigningCertificateV2
- SigningTime MessageDigest,
o ContentType
- ESSSigningCertificateV2 SigningTime,
o SigningTime
- SignerLocation ESSSigningCertificateV2,
o SignerLocation
- SignerAttributesV2 (only SignerLocation,
o SignerAttributesV2
 Claimed Attributes SignerAttributesV2 (only Claimed
(ClaimedAttribute)
 included) Attributes included),
o ContentHints
- ContentType ContentType, ContentHints,
o ContentIdentifier
- ContentHints ContentIdentifier,
o CommitmentTypeIndication
- ContentIdentifier CommitmentTypeIndication.
o ContentTimeStamp
- CommitmentTypeIndication.

5.2 CAdES-E-EPES test cases
The test cases in this clause have been defined for different combinations of CAdES-E-EPES signatures attributes.
Mandatory attributes for CAdES-E-EPES described in [2] specification, clauses 4.2 and 4.3, shall be present.
Table 2 shows which attributes are required to generate CAdES-E-EPES signatures for each test case.
Table 2: Test cases for CAdES-E-EPES signatures
TC ID Description Pass criteria Signature attributes
CAdES/EPES/1 This is the simplest CAdES-E- Positive validation.
• Certificates
EPES signature. The The signature shall contain
o SigningCertificate
signature ONLY CONTAINS ContentType, SigningTime,
• SignedAttributes
the mandatory CAdES MessageDigest,
o MessageDigest
attributes. SigningCertificate (included in
o ESSSigningCertificateV2
SignedData.certificates field),
o ContentType
ESSSigningCertificateV2,
o SigningTime
SignaturePolicyIdentifier
o SignaturePolicyIdentifier
attributes.
CAdES/EPES/2 In this CAdES-E-EPES Positive validation. • Certificates
signature test case the The signature shall contain
o SigningCertificate
signature-policy-identifier ContentType, SigningTime,
• SignedAttributes
attribute is qualified with MessageDigest,
o MessageDigest
additional information SigningCertificate (included in
o ESSSigningCertificateV2
within sigPolicyQualifiers. The SignedData.certificates field),
o ContentType
sigPolicyQualifiers shall ESSSigningCertificateV2,
o SigningTime
include the oid of sp-user- SignaturePolicyIdentifier
o SignaturePolicyIdentifier
notice attributes.
o sigPolicyId
(1.2.840.113549.1.9.16.5.2)
o sigPolicyHash
and a UTF8String as
o SigPolicyQualifierInfo
explicitText.
SigPolicyQualifierId
Unotice (explicitText)
CAdES/EPES/3 This test case tests CAdES- Positive validation.
• Certificates
E-EPES signature with the The signature shall contain the
o SigningCertificate
following attributes at once: following attributes:
• SignedAttributes
- MessageDigest MessageDigest,
o MessageDigest
- SigningTime SigningTime,
o ESSSigningCertificateV2
- ESSSigningCertificateV2 SigningCertificate (included in
o ContentType
- SignerLocation SignedData.certificates field),
o SigningTime
- SignaturePolicyIdentifier ESSSigningCertificateV2,
o SignerLocation
- ContentType SignerLocation, ContentType,
o SignaturePolicyIdentifier
- CommitmentTypeIndication. SignaturePolicyIdentifier,
o CommitmentTypeIndication
CommitmentTypeIndication.

ETSI

---------------------- Page: 8 ----------------------
9 ETSI TS 119 124-3 V1.1.1 (2016-06)
5.3 CAdES-E-T test cases
The test cases in this clause have been defined for different combinations of CAdES-E-T signatures attributes.
Mandatory attributes for CAdES-E-T described in [2] specification, clause 4.3, shall be present.
Table 3 shows which attributes are required to generate CAdES-E-T signatures for each test case.
Table 3: Test cases for CAdES-E-T signatures
TC ID Description Pass criteria Signature attributes
CAdES/T/1 This is the simplest CAdES- Positive validation. • Certificates
E-T signature. The The signature shall contain
o SigningCertificate
signature ONLY CONTAINS ContentType, SigningTime,
• SignedAttributes
the mandatory CAdES MessageDigest,
o MessageDigest
attributes. SigningCertificate (included in
o ESSSigningCertificateV2
SignedData.certificates field),
o ContentType
ESSSigningCertificateV2,
o SigningTime
SignatureTimeStamp attributes.
• UnsignedAttributes
o SignatureTimeStamp
CAdES/T/2 This test case tests the Positive validation.
• Certificates
adding of an indipendent The signature shall contain 2
o SigningCertificate
CAdES-E-T signature to an SigningCertificates (included in
• SignedAttributes
already signed document in SignedData.certificates field)
o MessageDigest
CAdES-E-T format. The attributes and 2 signerInfos
o ESSSigningCertificateV2
input to this test is a containing ContentType,
o ContentType
CAdES-E-T signature as SigningTime, MessageDigest,
o SigningTime
specified in CAdES/T/1 test
ESSSigningCertificateV2 and
• UnsignedAttributes
case to which a new SignatureTimeStamp attributes.
o SignatureTimeStamp
SignerInfo instance will be
added containing another
CAdES-E-T signature.

5.4 CAdES-E-C test cases
The test cases in this clause have been defined for different combinations of CAdES-E-C signatures attributes.
Mandatory attributes for CAdES-E-C described in [2] specification, clause A.1, shall be present.
Table 4 shows which attributes are required to generate CAdES-E-C signatures for each test case.
Table 4: Test cases for CAdES-E-C signatures
TC ID Description Pass criteria Signature attributes
CAdES/C/1 This test case tests a Positive validation.
• Certificates
CAdES-E-C signature. In The signature shall contain
o SigningCertificate
the CompleteCertificateRefs ContentType, SigningTime,
• SignedAttributes
both IssuerSerial and MessageDigest,
o MessageDigest
OtherHashAlgAndValue SigningCertificate (included in
o ESSSigningCertificateV2
shall be included. In the SignedData.certificates field),
o ContentType
CompleteRevocationRefs ESSSigningCertificateV2,
o SigningTime
only CRLListIDs shall be SignatureTimeStamp,
• UnsignedAttributes
included. CompleteCertificateRefs and
o SignatureTimeStamp
CompleteRevocationRefs
o CompleteCertificateRefs
attributes.
o IssuerSerial
o OtherHashAlgAndVal
ue
o CompleteRevocationRefs
o CRLListIDs
ETSI

---------------------- Page: 9 ----------------------
10 ETSI TS 119 124-3 V1.1.1 (2016-06)
TC ID Description Pass criteria Signature attributes
CAdES/C/2 This test case tests a Positive validation.
• Certificates
CAdES-E-C signature. In The signature shall contain
o SigningCertificate
the CompleteCertificateRefs ContentType, SigningTime,
• SignedAttributes
both IssuerSerial and MessageDigest,
o MessageDigest
OtherHashAlgAndValue SigningCertificate
o ESSSigningCertificateV2
shall be included. In the SigningCertificate (included in
o ContentType
CompleteRevocationRefs SignedData.certificates field),
o SigningTime
only OcspListIDs shall be ESSSigningCertificateV2,
• UnsignedAttributes
included. Every OcspListID SignatureTimeStamp,
o SignatureTimeStamp
shall include the CompleteCertificateRefs and
o CompleteCertificateRefs
ocspIdentifier and the CompleteRevocationRefs
o IssuerSerial
ocspRepHash elements. attributes.
o OtherHashAlgAndVal
ue
o CompleteRevocationRefs
o OcspListIDs
ocspIdentifier
ocspRepHash
CAdES/C/3 In this CAdES-E-C Positive validation.
• Certificates
signatures interoperability The signature shall contain o SigningCertificate
test case the signature ContentType, SigningTime,
• SignedAttributes
contains a MessageDigest,
o MessageDigest
CertifiedAttributeV2 in SigningCertificate (included in
o ESSSigningCertificateV2
addition to the CAdES/C/1 SignedData.certificates field),
o ContentType
test case attributes. ESSSigningCertificateV2,
o SigningTime
In the SignatureTimeStamp,
o SignerAttributesV2
AttributeCertificateRefs both CompleteCertificateRefs,
(CertifiedAttributeV2)
IssuerSerial and CompleteRevocationRefs,
• UnsignedAttributes
OtherHashAlgAndValue AttributeCertificateRefs and
o SignatureTimeStamp
shall be included. In the AttributeRevocationRefs
o CompleteCertificateRefs
AttributeRevocationRefs attributes.
o IssuerSerial
only CRLListIDs shall be
o OtherHashAlgAndVal
included.
ue
o CompleteRevocationRefs
o CRLListIDs
o AttributeCertificateRefs
o IssuerSerial
o OtherHashAlgAndVal
ue
o AttributeRevocationRefs
o CRLListIDs
CAdES/C/4 In this CAdES-E-C Positive validation. • Certificates
signatures interoperability The signature shall contain
o SigningCertificate
test case the signature ContentType, SigningTime,
• SignedAttributes
contains a MessageDigest,
o MessageDigest
CertifiedAttributeV2 in SigningCertificate (included in
o ESSSigningCertificateV2
addition to the CAdES/C/2 SignedData.certificates field),
o ContentType
test case attributes. ESSSigningCertificateV2,
o SigningTime
In the SignatureTimeStamp,
o SignerAttributesV2
AttributeCertificateRefs both CompleteCertificateRefs,
(CertifiedAttributeV2)
IssuerSerial and CompleteRevocationRefs,
• UnsignedAttributes
OtherHashAlgAndValue AttributeCertificateRefs and
o SignatureTimeStamp
shall be included. In the AttributeRevocationRefs
o CompleteCertificateRefs
AttributeRevocationRefs attributes.
o IssuerSerial
only OcspListIDs shall be
o OtherHashAlgAndVal
included.
ue
Every OcspListID shall
o CompleteRevocationRefs
include the ocspIdentifier
o OcspListIDs
and the ocspRepHash ocspIdentifier
elements. ocspRepHash
o AttributeCertificateRefs
o IssuerSerial
o OtherHashAlgAndVal
ue
o AttributeRevocationRefs
o OcspListIDs
ocspIdentifier
ocspRepHash
ETSI

---------------------- Page: 10 ----------------------
11 ETSI TS 119 124-3 V1.1.1 (2016-06)
5.5 CAdES-E-X test cases
The test cases in this clause have been defined for different combinations of CAdES-E-X signatures attributes.
Mandatory attributes for CAdES-E-X described in [2] specification, clause A.1, shall be present.
Table 5 shows which attributes are required to generate test CAdES-E-X signatures for each test case.
Table 5: Test cases for CAdES-E-X signatures
TC ID Description Pass criteria Signature attributes
CAdES/X/1 This test case tests a Positive validation. • Certificates
CAdES-E-X Type 1 The signature shall contain
o SigningCertificate
signature format. In the ContentType, SigningTime,
• SignedAttributes
CompleteCertificateRefs MessageDigest,
o MessageDigest
both IssuerSerial and SigningCertificate (included in
o ESSSigningCertificateV2
OtherHashAlgAndValue SignedData.certificates field),
o ContentType
shall be included. In the ESSSigningCertificateV2,
o SigningTime
CompleteRevocationRefs SignatureTimeStamp,
• UnsignedAttributes
only CRLListIDs shall be CompleteCertificateRefs,
o SignatureTimeStamp
included. A CAdES-C CompleteRevocationRefs,
o CompleteCertificateRefs
timestamp covering the ESCTimeStamp attributes.
o IssuerSerial
signature, the signature
o OtherHashAlgAndVal
timestamp, the complete-
ue
certificate-references
o CompleteRevocationRefs
attribute and complete-
o CRLListIDs
revocation-references
o ESCTimeStamp
attribute shall be included.
CAdES/X/2 This test case tests a Positive validation.
• Certificates
CAdES-E-X Type 2 The signature shall contain
o SigningCertificate
signature format. In the ContentType, SigningTime,
• SignedAttributes
CompleteCertificateRefs MessageDigest,
o MessageDigest
both IssuerSerial and SigningCertificate (included in
o ESSSigningCertificateV2
OtherHashAlgAndValue SignedData.certificates field),
o ContentType
shall be included. In the ESSSigningCertificateV2,
o SigningTime
CompleteRevocationRefs
SignatureTimeStamp,
• UnsignedAttributes
only CRLListIDs shall be CompleteCertificateRefs,
o SignatureTimeStamp
included. A CompleteRevocationRefs,
o CompleteCertificateRefs
TimestampedCertsCRLs TimestampedCertsCRLs
o IssuerSerial
timestamp covering the attributes.
o OtherHashAlgAndVal
complete-certificate-
ue
references and complete-
o CompleteRevocationRefs
revocation-references
o CRLListIDs
attributes shall be included.
o TimestampedCertsCRLs
CAdES/X/3 This test case tests a Positive validation.
• Certificates
CAdES-E-X Type 1 The signature shall contain
o SigningCertificate
signature format. In the ContentType, SigningTime,
• SignedAttribu
...