eSign Overall Technical Flow

The ASP sends the request XML for an electronic signature with the following inputs: Aadhaar Number, Authentication parameter (OTP/Biometric), and Document Hash. It obtains the response XML from the eMudhra eSign Service, which contains the Consolidated PKCS #7 Response, the User X.509 certificate, and the Signature Data.

The request XML and the response XML are each digitally signed by their initiator (the ASP signs the request, the ESP signs the response) to protect them against tampering.

Request XML

<Esign ver="" sc="" ts="" txn="" aspId="" esignClass="" preferredCa="" gatewayPin="" >
<Input>Document Hash in Hex</Input>
<Aadhaar>base-64 encoded Aadhaar Auth XML as per UIDAI specifications</Aadhaar>
<Signature>Digital signature of ASP</Signature>
</Esign>

Response XML

<EsignResp status="" ts="" txn="" resCode="" errCode="" errMsg="">
<SignedData>Signature data corresponding to input document hash</SignedData>
<UserX509Certificate>base64 value of end user certificate (.cer)</UserX509Certificate>
<Pkcs7Response>Consolidated PKCS7 signature with CMS data</Pkcs7Response>
<AadhaarResp>base-64 encoded authentication response which is contained within the eKYC response of UIDAI</AadhaarResp>
<Signature>Signature of ESP</Signature>
</EsignResp>
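
The request and response above, handled from the ASP side, as an added example (not eMudhra's code and not part of the original page): it builds the unsigned request body and runs structural checks on a response. SHA-256 as the document hash, "1" as the success value of status, the function names and the sample values are assumptions.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

SUCCESS_STATUS = "1"  # assumption: value of the status attribute on success

def build_request(document: bytes, txn: str, asp_id: str, auth_xml: bytes) -> str:
    """Unsigned <Esign> body; the ASP signature is applied to it afterwards."""
    root = ET.Element("Esign", {"txn": txn, "aspId": asp_id})
    # Assumption: SHA-256. The page only says "Document Hash in Hex".
    ET.SubElement(root, "Input").text = hashlib.sha256(document).hexdigest()
    ET.SubElement(root, "Aadhaar").text = base64.b64encode(auth_xml).decode()
    return ET.tostring(root, encoding="unicode")

def check_response(resp_xml: str, expected_txn: str) -> list:
    """Structural checks on <EsignResp>; an empty list means none failed."""
    if "<!DOCTYPE" in resp_xml or "<!ENTITY" in resp_xml:
        return ["DTD/entity declarations are not accepted"]
    try:
        root = ET.fromstring(resp_xml)
    except ET.ParseError as exc:
        return [f"malformed XML: {exc}"]
    if root.tag != "EsignResp":
        return [f"unexpected root element <{root.tag}>"]
    problems = []
    if root.get("txn") != expected_txn:
        problems.append("txn does not match the request sent")
    if root.get("status") != SUCCESS_STATUS:
        problems.append(f"status={root.get('status')!r} errCode={root.get('errCode')!r}")
    # Accept a namespaced XML-DSig <Signature> as well as the page's plain form.
    if not any(child.tag.rsplit("}", 1)[-1] == "Signature" for child in root):
        problems.append("response carries no ESP <Signature>")
    for tag in ("SignedData", "UserX509Certificate", "Pkcs7Response"):
        if not (root.findtext(tag) or "").strip():
            problems.append(f"missing or empty <{tag}>")
    cert_b64 = "".join((root.findtext("UserX509Certificate") or "").split())
    try:  # a DER-encoded certificate starts with a SEQUENCE tag (0x30)
        if cert_b64 and base64.b64decode(cert_b64, validate=True)[:1] != b"\x30":
            problems.append("UserX509Certificate is not DER")
    except ValueError:
        problems.append("UserX509Certificate is not valid base64")
    return problems

# Constructed sample response (placeholder values, not real eSign output).
SAMPLE_RESPONSE = (
    '<EsignResp status="1" ts="" txn="TXN-001" resCode="" errCode="" errMsg="">'
    "<SignedData>c2ln</SignedData><UserX509Certificate>MIIBAA==</UserX509Certificate>"
    "<Pkcs7Response>cGtjczc=</Pkcs7Response><Signature>placeholder</Signature></EsignResp>"
)
```

These checks do not verify the ESP signature itself; that needs an XML signature library and the ESP's certificate, and no field of the response should be trusted until it passes.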

More information can be obtained from the following document: Download eSign API