Digital Signing guidelines - NatWest

More documents

Recommendations

Info

Placeholder {boundary text} {CRLF} {signature} {content type/content sub-type} {raw data} Description Any alpha-numeric text. Preferably unique per file Carriage Return Line Feed – 0x0D 0x0A The CMS {pkcs7) object returned from signing application MIME media type describing the raw data. E.g. “text/plain”, “text/xml” or “application/octet-stream” The original data required to be processed by Bankline Direct An example of an S/MIME detached signature file is: MIME-Version: 1.0 Content-Type: multipart/signed; protocol=”application/x-pkcs7-signature”; micalg=sha1; boundary=”myboundary123” S/MIME signed file --myboundary123 Content-Type: text/plain Field1A,Field2A,Field3A Field1B,Field2B,Field3B --myboundary123 Content-Type: application/x-pkcs7-signature; name=”smime.p7s” Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=”smime.p7s” MIIFDgYJKoZIhvcNAQcCoIIE/zCCBPsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3 DQEHAaCCA54wggHLMIIBNAIBBDANBgkqhkiG9w0BAQUFADAuMQwwCgYDVQQDDANC MkIxETAPBgNVBAoMCFN0ZXJsaW5nMQswCQYDVQQGEwJVUzAeFw0wOTA2MzAxMDU1 MTBaFw0xMTA2MzAxMDU1MTBaMC4xDDAKBgNVBAMMA0IyQjERMA8GA1UECgwIU3Rx ................................................................ ...........C3v2QmT8zwqHihIHxMHLrCTZmXMM= --myboundary123-- 10 Placeholder {boundary text} {content type/content sub-type} {raw data} Value mybound123 text/plain Field1A,Field2A,Field3A{LF} Field1B,Field2B,Field3B{LF}
Bankline Direct will use whatever data is between the MIME Part 1 start and end boundaries to verify the signature. Therefore, the data that needs to be signed must include all data from MIME Part 1. All this must be sent to the signing application: MIME Part 1 Content-Type: {content type/content sub-type}{CRLF} {CRLF} {raw data}{CRLF} For example Content-Type: text/plain Field1A,Field2A,Field3A Field1B,Field2B,Field3B Embedded Signatures An embedded signature is where the signature and data are combined within a single (Cryptographic Message Syntax) CMS structure. These are also known as Opaque signatures. MIME Header MIME Part Signed Data and Signature – CMS format This can be represented as follows: MIME Header MIME-Version: 1.0{CRLF} Content-Disposition: attachment; {optional CRLF}{SPACE}filename=”smime.p7m”{CRLF} Content-Type: application/x-pkcs7-mime; {optional CRLF}{SPACE}smime-type=signed-data; {optional CRLF}{SPACE}name=”smime.p7m”{CRLF} Content-Transfer-Encoding: base64{CRLF} {CRLF} MIME Part {CMS object with Data and Signature} 11
Page 1 and 2: Bankline Direct Digital Signature G
Page 3 and 4: Terminology Used For ease of refere
Page 5 and 6: Introduction 1.1 Introduction to Ba
Page 7 and 8: 2. Overview of Digital Signing Solu
Page 9: Detached Signatures A detached sign
Page 13 and 14: 4. Use of File Signing 4.1 Typical
Page 15 and 16: 5.3 Signature Validation There are
Page 17 and 18: 6. Smartcard File Signing 6.1 Smart
Page 19 and 20: 6.2 Setup Instructions The followin
Page 21 and 22: The code extract overleaf shows tha
Page 23 and 24: 7. Hardware Security Module Custome

Digital Signing guidelines - NatWest

Create successful ePaper yourself

Delete template?

Save as template?