Home | Sign in | English EN
  • Example of digital signature to be used for the compliance of cash register software (NF525 standard).
  • Example of string signature
CertificateSignString (Example)
Example of digital signature to be used for the compliance of cash register software (NF525 standard).
// Data to sign
bufToSign is Buffer
bufDataSeparator is Buffer = ","
// Bundle containing the certificate and the private key with the requested type of algorithm:
// RSA 2048, Elliptic Curve Digital Signature Algorithm (ECDSA)....
sFileNameCerticateAndPrivateKeyForSignature is string
sFileNameCerticateAndPrivateKeyForSignature = fDataDir() + "\signature.p12"
// Password for the private key of certificate
sPasswordPrivateKeyCertificate is string = "passwordprivatekey"
// Certificate only or public key only, to be supplied to the applications/tools
// that must be able to check the signatures
sFileNameCerticateOnly is string = fDataDir() + ...
"\certificate.cer" //or fDataDir() + "\public.pem"
// Signature obtained
bufRoughSignature is Buffer
// Signature in Base64 URL format (printable characters only)
sSignaturebase64URL is string
// Data to sign, a combination of items in most cases:
// Line ID, Date and time (for signature = invoice date or payment date), ActionCode
// Third-party ID, Third-party caption,Third-party VAT num,Third-party country,
// Company name, Company VAT num, Company country,
// Author ID,Author name
// Invoice ID,Invoice ref,Invoice date
// Payment ID,Payment ref,Payment date
// Grand total,Amount (part on the invoice),Payment mode
// Amount BT,VAT amount,Amount tax 1,Amount tax 2,Amount IOT
// Example below with "hard-coded" values instead of item names:
arrItems is array of strings = ["LineID","InvoiiceDateTime", "ActionCode"]
bufToSign = ArrayToString(arrItems,bufDataSeparator) //Etc....
bufRoughSignature = CertificateSignString(bufToSign, ...
sFileNameCerticateAndPrivateKeyForSignature, ...
sPasswordPrivateKeyCertificate, ...
certSignatureOnly + certSHA256 ) //SHA2 = SHA256
// Notes:  
// - to support the algorithms of some certificates
// (Elliptic Curve Digital Signature Algorithm (ECDSA)),
// you must specify the file name and
// YOU MUST NOT USE a certificate variable with CertifcateLoad.
// - the certificate can be included in the application library (.WDL or .EXE file)
// all you have to do is place it in the project dependencies ("Other"
// in the treeview of project explorer)
// - The update dated July 28, 2017 must have been downloaded:
// http://www.windev.com/st/telec/windev22/windev22_71k.htm#download
Error("Signature failure", ExceptionInfo())
IF ErrorOccurred THEN
Error("Error during the signature", ErrorInfo())
// Transforms the signature into base64 URL, without non-printable characters
sSignaturebase64URL = Encode(bufRoughSignature, encodeBASE64URL)
Trace("Base64URL signature: " + sSignaturebase64URL)
// To check the signature in another process, use a code such as:
// Caution: You must use the file of public key
// and not the certificate with private key that requires a password
SWITCH CertificateCheckString(bufToSign, Decode(sSignaturebase64URL, encodeBASE64URL), ...
sFileNameCerticateOnly, certSignatureOnly + certSHA256)
CASE certificateOk: Info("Valid signature and trusted certificate")
CASE certificateInvalid: Info("Invalid signature or certificate", ErrorInfo())
CASE certificateExpired: Info("Valid signature but expired certificate", ErrorInfo())
CASE certificateUntrusted: Info("Valid signature but root confidence " + ...
"of certificate not reliable", ErrorInfo())
// Case for a self-signed certificate used on another computer/network
Error("Unexpected result of signature check", ErrorInfo())
Example of string signature
String signature according to a certificate installed on the computer (caution: using the syntax with a Certificate variable NOT COMPATIBLE with the NF525 standard regarding the accounting software).
MyCertificate is Certificate
// Open the certificate picker of Windows
MyCertificate = CertificateSelect()
// Cancelation or error
IF MyCertificate.Name = "" THEN
// Checks the certificate validity for the signature
// Caution: not compatible with some types of certificates, especially ECDSA/Elliptic Curve
// for these certificates, you must use the syntax of CertificateSignString
// without the 'Certificate' type with the name of certificate file
IF MyCertificate.ValidForSignature = False THEN
Info("The selected certificate cannot be used to generate a signature.")
// Retrieve the buffer containing the signature
bufSignature is Buffer
bufSignature = CertificateSignString("Character string to sign", MyCertificate)
// Retrieve the certificate found in the signature buffer
MyExtractedCertificate is Certificate
MyExtractedCertificate = CertificateExtract(buffSignature)
// Manage the errors
IF MyExtractedCertificate = Null THEN
// Open the window for certificate properties
Minimum version required
  • Version 16
This page is also available for…
Click [Add] to post a comment