The following text describes one of several possible instructions for restoring the contents (data files) of a digitally signed container; in certain limited cases these instructions can also be used for the restoration of an integral document.
Such defective ddoc files that have no content can occur in older versions of the DigiDoc Client software (versions 2.7.8-2.7.11). Viewing the confirmation page of the signed document and then saving the ddoc container (again) will make the document contents disappear. NOTE! If you still use the old DigiDoc Client software then please update your ID-card basic software at http://installer.id.ee.
This manual assumes that
- a ddoc container in format 1.3 is being repaired
- all original files that were in the container still exist
Due to a software error the DataFile tag was replaced with hashcode inside the ddoc container upon viewing the confirmation page.
This is what a data file D0 looks like in a correct file (DataFile tag contains the data file in base64 format):
<DataFile ContentType="EMBEDDED_BASE64" Filename="Testfail_1.xml" Id="D0" MimeType="application/octet-stream" Size="25" xmlns="http://www.sk.ee/DigiDoc/v1.3.0#">PHRhZz5UZXN0ZmFpbF8xLnhtbDwvdGFnPg==
This is what a DataFile tag looks like in HASHCODE format (does not contain a data file, the attributes have been changed, incl. DigestValue has been added):
<DataFile xmlns="http://www.sk.ee/DigiDoc/v1.3.0#" ContentType="HASHCODE" DigestType="sha1" DigestValue="t2F8toaz7zkJNrNJJve3oZHSfR4=" Filename="Testfail_1.xml" Id="D0" MimeType="application/octet-stream" Size="25">
For correction the DataFile tag HASHCODE format must again be replaced with the correct format and data file. In order to achieve this objective:
- Create a new ddoc container (preferably use the same software which was used for the creation of the ddoc container that did not contain a data file)
- Add the same documents in the same order into the container and save it, do not add signatures
- Open the file in HASHCODE format as well as the new file created in the previous step with a text editor
- From the new file, copy all DataFile tags (there are several if the container contains more than one data file) with contents and replace them in the file in HASHCODE format
- Save the corrected file and check whether the signatures are valid and the contents open
Notes and observations
- Pay attention to correct line break coding (\n), a line break must be before the DataFile ending mark – it is important since the DigestValue of the HASHCODE format is calculated over the entire original DataFile marking (including line breaks)
- If any file has been removed upon the creation of the original file then it may happen that the numbering of data files is no longer correct (for example if the second file is removed - D0,D2,D3) – use the correct Id value for replacement
- Data files have been encoded in base64
Such files may also be created if the application has failed to properly implement the use of the DigiDocService web service data file content type’s hashcode. If instead of the data file contents only the hash has been sent to the service then the <DataFile> element containing the data file must be replaced back upon getting the file back from the service (for example after verification of the container or adding signatures).