README.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

# margfools

Python script to replace [MargTools](https://businessconnect.margis.si/output/#orodja). Can be used to sign documents with [GovernmentConnect](https://margis.si/produkti/government-connect/).

## Usage


### Configure certificates and sites

Create the configuration file `~/.margfools`. The contents are described in the sections below.

#### Certificates in files
If you are using certificate files, add the paths to your TLS private key and certificate in PEM format:

    [https://gcsign.example.com/BCSign/]
    user-key = <path/to/key.pem>
    user-cert = <path/to/cert.pem>

#### Certificates on smartcards
If you have your certificate on a PIV-II smart card (e.g. Yubikey), first determine the slot on your card which contains the certificate you wish to use:

    pkcs11-tool -O

Look for "ID:" in the output.

Assuming the ID of your certificate was 07, specify the engine and certificate slot in your config file:


    [https://gcsign.example.com/BCSign/]
    engine=pkcs11
    user-key = 07


You will be asked for your pin during signing.

### Add URL schema

Section name is the percent-decoded value of `baseURL` in

    bc-digsign://sign?accessToken=…&baseUrl=https%3a%2f%2fgcsign.example.com%2fBCSign%2f&…'

You can set `margfools` as the default program for `bc-digsign` URLs by copying the `margfools.desktop` file to `~/.local/share/applications/` and running

    xdg-mime default margfools.desktop x-scheme-handler/bc-digsign

or by setting the default application in your browser.