21.01.2014

SFMS Bank Application Interface Specifications Document ... - IDRBT

<strong>SFMS</strong> <strong>Bank</strong> <strong>Application</strong> <strong>Interface</strong> specifications Version 3.0<br />

Appendix A – Digital Sign and Verification<br />

For straight-through processing of a message, BankAPI requires Block 5A with UMAC information. This section describes message signing and the algorithms required.<br />

SIGNATURE<br />

TCS uses the PKCS#7 specification for digital signatures. This standard describes a general syntax for data that may have cryptography applied to it, such as digital signatures and digital envelopes. Although PKCS#7 defines syntax for signed data, enveloped data, signed-and-enveloped data, encrypted data, etc., only PKCS#7 SignedData is used in <strong>SFMS</strong>. The PKCS#7 data structure is shown below.<br />

<strong>PKCS#7 (CONTENT INFO)</strong><br />

Content Type: Indicates the type of content. It is an object identifier, which means it is a unique string of integers assigned by the authority that defines the content type. The value set by TCS is 1.2.840.113549.1.7.2<br />

Content: Consists of the Signed-data content type.<br />

<strong>PKCS#7 (SIGNED DATA)</strong><br />

Version: The syntax version number. It shall be 1.<br />

DigestAlgorithms: Collection of message-digest algorithm identifiers.<br />

ContentInfo: The content that is signed. The Content Type value set by TCS is 1.2.840.113549.1.7.1 and the Content is “NULL” (detached signature).<br />

Set of Certificates: TCS sets the signer's digital certificate.<br />

Set of CRLs: This optional field is not used by TCS.<br />

Stack of Signer Info:<br />

algorithm ID (algorithm identifier): Algorithm used to sign the certificate. TCS uses either SHA1 or MD5.<br />

Parameters: Should not be used.<br />

<strong>Signer Info</strong><br />

Version: The syntax version number. It shall be 1.<br />

IssuerAndSerialNumber: Specifies the signer's certificate.<br />

algorithm ID: Identifies the message-digest algorithm (and any associated parameters) under which the content and the authenticated attributes (if present) are digested. TCS uses the SHA1 or MD5 algorithm.<br />

AuthenticatedAttributes: Set of attributes that are signed (i.e., authenticated) by the signer. TCS sets the following attributes: 1) a PKCS #9 content-type attribute having as its value the content type of the ContentInfo value being signed; 2) a PKCS #9 message-digest attribute having as its value the message digest of the content; 3) the signing-time at which the signer performed the signing process.<br />
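The SignedData layout above, as an added example that is not part of the IDRBT/TCS specification: a stdlib-only Python script that encodes a detached PKCS#7 SignedData in exactly this shape and then checks a received blob against the constraints listed in this appendix (signedData outer type, version 1, inner data type with no content, certificate present, no CRLs, SHA1/MD5 digest algorithm, the three PKCS #9 authenticated attributes, and a message-digest attribute that matches the detached message). The certificate, issuer name, signing time and signature bytes are placeholders, the sample message is constructed, all function names are the example's own, and the RSA signature over the authenticated attributes is not verified here.

```python
import hashlib
def der(tag, body):                       # minimal DER TLV encoder (bodies shorter than 64 KiB)
    n = len(body); ln = bytes([n]) if n < 128 else bytes([0x81, n]) if n < 256 else bytes([0x82, n >> 8, n & 0xFF])
    return bytes([tag]) + ln + body
def oid(dotted):                          # dotted string -> DER OBJECT IDENTIFIER
    p = [int(x) for x in dotted.split(".")]; out = [40 * p[0] + p[1]]
    for v in p[2:]:                       # base 128, continuation bit on all but the last byte
        chunk, v = [v & 0x7F], v >> 7
        while v: chunk.append(0x80 | (v & 0x7F)); v >>= 7
        out += chunk[::-1]
    return der(0x06, bytes(out))
def children(body):                       # split a constructed DER body into (tag, body) pairs
    out, i = [], 0
    while i < len(body):
        tag, ln, i = body[i], body[i + 1], i + 2
        if ln & 0x80:                     # long-form length
            k = ln & 0x7F; ln, i = int.from_bytes(body[i:i + k], "big"), i + k
        out.append((tag, body[i:i + ln])); i += ln
    return out

SIGNED, DATA, SHA1, MD5 = "1.2.840.113549.1.7.2", "1.2.840.113549.1.7.1", "1.3.14.3.2.26", "1.2.840.113549.2.5"
CT, MD, ST = "1.2.840.113549.1.9.3", "1.2.840.113549.1.9.4", "1.2.840.113549.1.9.5"  # PKCS#9 attribute OIDs
oid_body = lambda dotted: oid(dotted)[2:]   # OID content bytes, for comparing parsed values
attr = lambda o, val: der(0x30, oid(o) + der(0x31, val))    # Attribute ::= SEQ { type, SET OF value }

def build_signed_data(message, signature=b"\x00" * 4, cert=der(0x30, b"")):  # cert/signature are placeholders
    attrs = (attr(CT, oid(DATA)) + attr(MD, der(0x04, hashlib.sha1(message).digest()))
             + attr(ST, der(0x17, b"140121120000Z")))                       # placeholder signing time
    signer = der(0x30, der(0x02, b"\x01") + der(0x30, der(0x30, b"") + der(0x02, b"\x01"))  # v1, issuer+serial
                 + der(0x30, oid(SHA1)) + der(0xA0, attrs)                   # digest alg, [0] authenticated attrs
                 + der(0x30, oid("1.2.840.113549.1.1.1")) + der(0x04, signature))   # rsaEncryption, encrypted digest
    signed = der(0x30, der(0x02, b"\x01") + der(0x31, der(0x30, oid(SHA1)))
                 + der(0x30, oid(DATA))       # inner ContentInfo with no content: detached signature
                 + der(0xA0, cert) + der(0x31, signer))                       # [0] certificates, SET OF SignerInfo
    return der(0x30, oid(SIGNED) + der(0xA0, signed))

def check_signed_data(blob, message):     # returns the Appendix A violations found; [] means it conforms
    bad, ci = [], children(children(blob)[0][1])
    if ci[0] != (0x06, oid_body(SIGNED)): bad.append("outer contentType is not signedData")
    sd = children(children(ci[1][1])[0][1])            # [0] EXPLICIT -> SignedData fields
    if sd[0] != (0x02, b"\x01"): bad.append("SignedData version is not 1")
    if children(sd[2][1]) != [(0x06, oid_body(DATA))]: bad.append("inner content must be data with no content (detached)")
    if sd[3][0] != 0xA0 or not sd[3][1]: bad.append("signer certificate missing")
    if any(t == 0xA1 for t, _ in sd): bad.append("CRL set present; not used by TCS")
    si = children(children(sd[-1][1])[0][1])            # first SignerInfo
    if children(si[2][1])[0][1] not in (oid_body(SHA1), oid_body(MD5)): bad.append("digest algorithm is neither SHA1 nor MD5")
    attrs = {children(a)[0][1]: children(children(a)[1][1])[0][1] for _, a in children(si[3][1])}
    bad += [f"{n} attribute missing" for n, o in (("content-type", CT), ("message-digest", MD), ("signing-time", ST)) if oid_body(o) not in attrs]
    if attrs.get(oid_body(MD)) != hashlib.sha1(message).digest(): bad.append("message-digest does not match the detached content")
    return bad
```

Running the checker over a blob whose detached message has been altered after signing reports only the message-digest mismatch, which is the binding a verifier must confirm before it validates the signature itself.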

Confidential<br />

Uncontrolled when Printed<br />

Page 21 of 24