This website has been translated by machine translation software and has not been subsequently revised by translators. Further information at: link. Hide
the accesskey _ mod _ content

Validation platform of electronic signature @firma

  • Start date Production:

    16 / 03 / 2006

    Functional description

    @firma is a system that determines the validity of digital certificates of multiple public key infrastructures (PKI), including the DNI electronic, employees in operations of authentication and electronic signature of any application in the Field of public administrations to connect to their services.

    When the citizen interacts with the administration, to complete a formality staff, it is necessary to know its identity, which viewed is done via the DNI electronic or an electronic certificate. The Administration check the status of the certificate or DNIe with which the citizen is identifying or signing the application. For this check is used the platform of validation @firma, delegating in her the verification of the credentials of certificate or DNIe used.

    The services offered to agencies can be catalogue in:.

    1- Validation Services:

    • of web services validation of signatures in multiple formats digital
    • of web services validate certificates electronic different profiles and providers.
    • OCSP multiprestador
    • Longeva validation of signatures.

    2- Services of electronic signature:

    • Through the service DSSAfirmaVerify enables updating or upgrade electronic signatures from a basic format to a more advanced format. you can specify the format to which you want to extend the signature. The different values can be: BES ARRIVING, EPES, T, C, X, X-1, X-2, X-L. X-L-1, X-L-2 and A. Supports hash algorithms SHA1 and SHA2 algorithms and signature RSA and elliptic curves.
    • For federated model (own installation of the body of the platform @firma ’, provides a signature functionality in server.

    3- For signing automated processing, provides a API ( Integr@ ) which provides functions of creation of signatures in different formats, as well as facilitates the integration with the advanced Web Services @firma. The API can be downloaded from the download area of this page.

    4-Para signature of citizens in local, independent of the validation platform but as part of the ‘ Suite @firma ’ provides a component which integrates with the browsers of users, to facilitate the incorporation of signature in computerized procedures. Allows signatures from desktop environments and from mobile devices. You can find more information of this component in the specifies page @firma client.

    5- Services of time-stamping. You can find more information of this service in the page TS@  

    6- Other components of the Suite. You can consult the rest of services and products of the ‘ Suite @firma ’ in the page of the Suite

    7- Support to the operation: through support services to integration, support for the shift towards new standards of electronic signature.



    To integrate into @firma is necessary to continue some simple steps:

    1. To be connected to the network SARA.
    2. Contact the customer support through the form enabled the effect and facilitate your contact details.
    3. The support team will inform you of the prerequisites and provide the form to access control that the agency must complete. In the download area of the Portal of E-government, the agency you have at your disposal technical documentation of services as well as examples for integration. This information is accessible only for users of public administrations registered at the PAE.
    4. The agency should connect applications of electronic administration services to access the platform via web services.


    The benefits that the platform facilitates to agencies are:

    • The recognition of multiple certificates.
    • Independencia del prestadores de servicios de certificación ya que soporta de varios protocolos de validación de certificados (OCSP, HTTP, LDAP).
    • The use of security policies to ensure confidentiality, authenticity and integrity of all transactions performed.
    • Mayor eficiencia y menor coste en la utilización de la firma electrónica en los servicios telemáticos prestados.
    • Transparent ago for applications using different formats of electronic signature as PKCS # 7, CMS, XML signature, XAdES, CAdES, PAdES
    • Interoperability with services provided by public administrations. Extends interoperability at European level and its agencies and institutions to be contemplated specifications for compatibility with the European union.
    • Cost reduction: the service allows you to optimize the cost of the services of validation of certificates for each application.
    • Innovation: the platform of validation multi-PKI has become the first major centralized service that provides horizontal electronic services to all public administrations of the country for free.

    Technical Description

    The services offered are:

    Validate certificates X.509 according to the RFC 3280, of certification authorities included in the platform. Between the validation features include:

    • Recognition and validation of the electronic DNI issued by the General direction of the police, and multiple providers.
    • Validate certificates X.509 according to the RFC 3280, all certification authorities recognized in the country by the ministry of industry
    • Validación Multinivel de certificados (en el caso de estructura de certificación de más de dos niveles).
    • Through a gathering in XML parsing of the corresponding information to the fields of the certificate, according to the policy of confidence defined for the certificate type.
    • Caché de validación configurable en tiempo, para evitar tener que acceder al PSC ante validaciones de un mismo certificado en un corto período de tiempo.

    Signature validation :

    • Transparent ago for applications using different formats of electronic signature as PKCS # 7, CMS, XML signature, PDF, PDF, XAdES, CAdES, PAdES, and different cryptographic algorithms …
    • Signature validation via web services (WS) of an element signed, indicating if the signature is correct and validity, dated time, etc. Also takes place the interpretation of the fields of certificates to a XML homogeneous.

    Generation of Signature :

    • Through the service DSSAfirmaVerify allows the upgrade of electronic signatures to a more advanced format, for it is possible to specify the format to which you want to extend the signature. The different values can be: BES ARRIVING, EPES, T, C, X, X-1, X-2, X-L. X-L-1, X-L-2 and A.
    • The currently supported hash algorithms are SHA1 and SHA2 (the rest are obsolete).
    • En estos momentos los algoritmos de firma digital soportados son RSA y curvas elípticas.

    Management and administration

    The platform is the management and administration of service providers of certification attached. All operations on the platform are registered for the audit and traceability of the system.


    @Firma demonstrator:

    @Firma demonstrator : Direct access to services of @firma (Validation tool).

General access point
General access point