Digital Signing guidelines - NatWest

More documents

Recommendations

Info

Placeholder {CRLF} {pkcs7 signature} {CMS object with Data and Signature} Description Carriage Return Line Feed – 0x0D 0x0A The pkcs7 object returned from signing application CMS object containing original data to be signed and the signature An example of an S/MIME embedded signature file is: MIME-Version: 1.0 Content-Disposition: attachment; filename=”smime.p7m” Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name=”smime.p7m” Content-Transfer-Encoding: base64 MIIFDgYJKoZIhvcNAQcCoIIE/zCCBPsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3 DQEHAaCCA54wggHLMIIBNAIBBDANBgkqhkiG9w0BAQUFADAuMQwwCgYDVQQDDANC MkIxETAPBgNVBAoMCFN0ZXJsaW5nMQswCQYDVQQGEwJVUzAeFw0wOTA2MzAxMDU1 MTBaFw0xMTA2MzAxMDU1MTBaMC4xDDAKBgNVBAMMA0IyQjERMA8GA1UECgwIU3Rx ................................................................ ...........C3v2QmT8zwqHihIHxMHLrCTZmXMM= In this case, only the raw data need be sent to the signing application: Field1A,Field2A,Field3A Field1B,Field2B,Field3B The signing application must be instructed to return the CMS object with the signed data included. This can be then used to populate MIME Part 12
4. Use of File <strong>Signing</strong> 4.1 Typical Use of an HSM A Hardware Security Module (HSM) can be used to apply a digital signature to a payment file before it is sent onto the Bankline Direct service. The HSM stores the certificates and signing keys. A typical use of an HSM solution is for a payment file to be generated and presented to the HSM in order to apply a digital signature automatically to the file before being sent to the Bankline Direct service. HSMs also have the capability to store the Bankline Direct certificate details to validate files being sent to the customer from the service. Please refer to section 7 for configuration details for HSM. 4.2 Typical Use of Smartcards Smartcards and card readers provide a manual approach to apply digital signatures to payment files. The card readers are connected to a local computer using specific signing software. Smartcards are assigned to individuals and must be combined with a user passcode to sanction the digital signing. A typical use of a Smartcard solution is for a payment file to be generated and presented to the signing software, where the operator can sign the file (using the eSigner software provided) using their individual Smartcard and passcode before they submit the files onto the Bankline Direct service. 13
Page 1 and 2: Bankline Direct Digital Signature G
Page 3 and 4: Terminology Used For ease of refere
Page 5 and 6: Introduction 1.1 Introduction to Ba
Page 7 and 8: 2. Overview of Digital Signing Solu
Page 9 and 10: Detached Signatures A detached sign
Page 11: Bankline Direct will use whatever d
Page 15 and 16: 5.3 Signature Validation There are
Page 17 and 18: 6. Smartcard File Signing 6.1 Smart
Page 19 and 20: 6.2 Setup Instructions The followin
Page 21 and 22: The code extract overleaf shows tha
Page 23 and 24: 7. Hardware Security Module Custome

Digital Signing guidelines - NatWest

Create successful ePaper yourself

Delete template?

Save as template?