
The API, through the Central Component, requests the PKCS. The Central Component retrieves the PKCS


Cl@ve Signature

  • Functional description

    The Cl@ve system is the common platform of the State Administrative Public Sector for identification, authentication and electronic signature. It was created to make it easier for citizens to access, and sign electronically in, the electronic public services of the Public Administrations.

    This platform was approved by agreement of the Council of Ministers of 19 September 2014, and began to operate, providing the electronic identification service, on 17 November 2014.

    The Cl@ve system also includes centralized signature, with certificates in the cloud, which seeks to definitively overcome the problems of using electronic certificates on users' computers. Citizens' certificates are held, under strong security measures, on centralized servers of the Administration, specifically those of the Directorate-General of the Police (DGP), supported by the Social Security IT Management Office (GISS). To access them, the holder must authenticate with the username and password of their Cl@ve Permanente and enter a single-use code sent by telephone (two-factor authentication). The signature is performed on the server and not on the user's computer, so the citizen does not have to worry about managing certificates and can also sign from any device.

    The signature is always performed in the HSM system and "using electronic signature creation data that the signatory can use, with a high level of confidence, under their exclusive control", so that it can be considered an electronic signature equivalent to a handwritten signature.

    In this way, Cl@ve Signature brings together in a single technical solution the ease of use, for the citizen, of a username, password and code sent to their phone, and the high level of security that electronic certificates provide. Additionally, the use of electronic certificates ensures that the signed documents are directly interoperable, thereby facilitating their subsequent processing in e-government systems.

    Technical Description

    The signing process is as follows:

    Signing key

    • The user identifies themselves to the system and requests the signing of a form/document (1). The GISS/DGP signature platform is queried to find out whether the citizen identified by that NIF has certificates in the cloud.
    • The pre-signature is prepared (the first part of the three-phase signature, preceding the encryption of the data with the private key), with the documents and the hash that is to be encrypted (2) and (3).
    • The GISS/DGP signature platform is asked for the use of the private key, and the user is given a URL at which they must enter their password and the OTP code to use the certificate (4).
    • The user enters the data required to authorize the signing process (5).
    • The GISS/DGP signature platform encrypts the hash with the citizen's private key (second part of the three-phase signature) (6).
    • The citizen is redirected to the page that will complete the signing process (7).
    • The AE page operates with the signature as indicated.
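
The three phases listed above, as an added sketch that is not code from Cl@ve or the PAe site: the application hashes the document, a custodian applies the private key only after password and single-use code are supplied, and the application verifies the result before packaging it. Assumptions: RSA PKCS#1 v1.5 with SHA-256 (the page does not name the algorithm), a hypothetical `SigningPlatform` class standing in for the GISS/DGP platform, and a constructed, insecure demo key.

```python
import hashlib, hmac, secrets

# Constructed demo key built from two publicly known Mersenne primes: NOT secure,
# it only stands in for the citizen's private key held by the custodian.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")

def presign(document: bytes) -> bytes:
    """Phase 1 (application side): only the hash leaves, never the document."""
    return hashlib.sha256(document).digest()

def _encode(digest: bytes) -> int:
    t = SHA256_DIGESTINFO + digest  # PKCS#1 v1.5 block: 00 01 FF..FF 00 DigestInfo
    return int.from_bytes(b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t, "big")

class SigningPlatform:
    """Phase 2 (hypothetical custodian): key use requires password plus OTP."""
    def __init__(self, password: str):
        self._password, self._pending = password, {}

    def request(self, digest: bytes):
        txn, otp = secrets.token_urlsafe(8), f"{secrets.randbelow(10**6):06d}"
        self._pending[txn] = (digest, otp)
        return txn, otp  # in the described flow the OTP goes to the phone, not the caller

    def authorize(self, txn: str, password: str, otp: str) -> bytes:
        digest, expected = self._pending.pop(txn, (b"", ""))  # consumed on any attempt
        supplied, stored = f"{password}\n{otp}", f"{self._password}\n{expected}"
        if not (expected and hmac.compare_digest(supplied.encode(), stored.encode())):
            raise PermissionError("authorization failed")
        return pow(_encode(digest), D, N).to_bytes(K, "big")

def postsign(document: bytes, signature: bytes) -> dict:
    """Phase 3 (application side): verify the returned value before packaging it."""
    if pow(int.from_bytes(signature, "big"), E, N) != _encode(presign(document)):
        raise ValueError("signature does not match document")
    return {"document": document, "signature": signature.hex()}
```

The transaction is discarded on the first authorization attempt, so a captured OTP or transaction identifier cannot be replayed, and the verification in `postsign` rejects a signature returned for a different document.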