Digital Signature
The digital signature is based on a new transaction table (Transaction Signature), which holds the data needed for the signature and the signature itself. The signature is handled by a new event subscription codeunit (Transaction Signature) that subscribes to the OnAfterPostTransaction event published by the POS Post Utility.
The signature is based on asymmetric cryptography using a public key algorithm, RSA. To generate the digital signature, the codeunit creates a one-way hash, SHA-1, of the electronic data being signed. The private key is then used to encrypt the hash. The encrypted hash is the digital signature.
The key used for the signature is stored in the system certificate repository (X.509 store). For demo purposes, the key is a self-signed certificate stored under the current user with a fixed subject name “Norwegian_Tax”. Both the store location and the fixed name can be changed by editing the Transaction Signature codeunit. See functions FindCertificate and GetCertificationName.
To create the demo certificate, use this PowerShell command:
New-SelfSignedCertificate -Type Custom -Subject "CN=Norwegian_Tax" -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.3") -KeyUsage DigitalSignature -KeyAlgorithm RSA -KeyLength 1024 -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -CertStoreLocation "Cert:\CurrentUser\My"
Note: The provided PowerShell command is for creating the demo certificate. Make sure to adjust it according to your specific requirements, such as the subject name and certificate properties.
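To confirm that the certificate created above can produce and verify an RSA/SHA-1 signature, the following added example (not code from the Transaction Signature codeunit) looks it up in the store, signs a sample payload and verifies the result with the public key. The payload string is constructed for illustration, PKCS#1 v1.5 padding is an assumption because the page does not name the padding, and .NET Framework 4.6 or later is assumed.

```powershell
# Added example: subject name and store location are the demo values from this page.
$subject = 'CN=Norwegian_Tax'
$store   = 'Cert:\CurrentUser\My'

# Several certificates can share a subject; take the newest one that has a private key.
$cert = Get-ChildItem -Path $store |
    Where-Object { $_.Subject -eq $subject -and $_.HasPrivateKey } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1
if (-not $cert) { throw "No certificate with a private key and subject '$subject' in $store" }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate $($cert.Thumbprint) expired on $($cert.NotAfter)" }

# Obtain the RSA key pair through the .NET certificate extension methods.
$ext  = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]
$priv = $ext::GetRSAPrivateKey($cert)
$pub  = $ext::GetRSAPublicKey($cert)
if (-not $priv) { throw 'Private key is not RSA or is not accessible to this user' }

$sha1  = [System.Security.Cryptography.HashAlgorithmName]::SHA1
# Assumption: PKCS#1 v1.5 padding; the page does not state which padding is used.
$pkcs1 = [System.Security.Cryptography.RSASignaturePadding]::Pkcs1

# Constructed sample payload; the real fields come from the Transaction Signature table.
$data = [System.Text.Encoding]::UTF8.GetBytes('2024-01-01;12:00:00;1001;250.00')

# SignData hashes the payload with SHA-1 and applies the private key to the hash.
$sig = $priv.SignData($data, $sha1, $pkcs1)

# Verification needs only the public key and must fail if the payload changes.
$ok = $pub.VerifyData($data, $sig, $sha1, $pkcs1)
[byte[]]$tampered = $data.Clone()
$tampered[0] = $tampered[0] -bxor 1
$bad = $pub.VerifyData($tampered, $sig, $sha1, $pkcs1)

[pscustomobject]@{
    Thumbprint       = $cert.Thumbprint
    KeySizeBits      = $pub.KeySize
    SignatureBase64  = [Convert]::ToBase64String($sig)
    VerifiesOriginal = $ok
    VerifiesTampered = $bad
}
```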