Support

Η υπογραφή / signature γίνεται decoded σε byte array και το decode γίνεται σε base 64.

To hashing γίνεται σε sha256 και το format του αποτελέσματος από το hashing είναι είτε σε base 64 είτε σε HEX.            
Αναλυτικότερα, δείτε τις παρακάτω οδηγίες

-----------------------------------------------------------------------------------

Proposal for Procedure - Creation and Verification of Digital Signature

Version 1.5 - 29/03/2024

-----------------------------------------------------------------------------------

Requirements

The specification by the Independent Authority for Public Revenue (AADE) sets the following prerequisites for digital signature:

1. The digital signature must use ECC (Elliptic Curve Cryptography).
2. The key length must be 256 bits.
3. The generated signatures will have a length of 64 bytes.
4. The input of the signature must include the following:
5. 
   
   • Document Identifier (UID)
   • MARK in the case of delayed payment
   • Date and Time of the Signature
   • Payable Amount
   • Net Value
   • VAT
   • Total Document Amount
   • Terminal ID of the payment medium

Proposals

Our proposals regarding the technical implementation of the requirements are as follows:

Standardization of the text for signing:
To create a text that can be consistently regenerated, independently of the payment terminal and system, the following standardization is recommended:

• The clean form of the text for signing will be in US-ASCII format.
• Required fields will be included in the text in the following order, as variable-length fields, separated by the ‘;’ character as a field separator.

Fields for signing:

Example of a text to be signed, including the following values:

Resulting text for signing:
D4F6A5F5C6123658F78369E5191ED5C9D73CB7AC;400013293980417;20231114100000;100;24;124;124;01234567

In cases where a field (e.g., MARK) is empty:
D4F6A5F5C6123658F78369E5191ED5C9D73CB7AC;;20231114100000;100;24;124;124;01234567

ECC Prime Curve

The ECC technology requires the selection of a prime curve for the implementation.
Our recommendation is to use the prime256v1 curve, which is standardized by NIST.

Example of generating a key pair using this curve with OpenSSL:

openssl ecparam -name prime256v1 -genkey -out private_key.pem

openssl ec -in private_key.pem -pubout -out public_key.pem

Example output of the commands:

• Private Key:

-----BEGIN EC PARAMETERS-----

BggqhkjOPQMBBw==

-----END EC PARAMETERS-----

-----BEGIN EC PRIVATE KEY-----

MHcCAQEEIAm8LOPlxVl8yQlflu5hRnNWN75yhfr7jJ1S3ZBfSiiKoAoGCCqGSM49

AwEHoUQDQgAEpzk6G8Y2bV3n539vK/+y7n4wZjD5fmhCXuTSxo+bg8t4NEqy8WHW

zF9SmHC7HnarnJ8p3gukw8Noxmavs7hPSw==

-----END EC PRIVATE KEY-----

• Public Key:

-----BEGIN PUBLIC KEY-----

MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEpzk6G8Y2bV3n539vK/+y7n4wZjD5

fmhCXuTSxo+bg8t4NEqy8WHWzF9SmHC7HnarnJ8p3gukw8Noxmavs7hPSw==

-----END PUBLIC KEY-----

Signing Algorithm

To create a digital signature using ECC keys, the proposed algorithm is ECDSA (Elliptic Curve Digital Signature Algorithm).
This is currently the most widely used ECC signature algorithm and is utilized in applications such as SSL/TLS.

For security purposes, it is standard practice to generate a hash of the original text and then encrypt the hash.
Our recommendation is to use the SHA-256 hash function.

Final Signature Details:

• Nominal length: 64 bytes.
• However, due to algorithm nature, the size may vary (up to 71–72 bytes).

Complete Example:

• Plain text in US-ASCII:
  D4F6A5F5C6123658F78369E5191ED5C9D73CB7AC;400013293980417;20231114100000;100;24;124;124;01234567
• Hashed text (SHA-256) in HEX:
  ADB9C55E1D866CE742CDF7A7EA35268E766B5984EAEB5DEF65F76A1DC7631A89

• Signature in HEX (ASN.1 format):

3046022100DC4350AD0ABB451701C9592D07A06EA7FB3DB021786BA72755E41D9452562833022100CE112AF425

2C606862F2CB9FC1AC86FD47D2CC94DFFFFAF6CCD2FD699705E323