|
This example shows how to generate a CMS signature (RFC 3852) by accessing the TrustedX signature generation service in
a RESTful way.
The HTTP POST action is used to ask the trustedx-sgw/cms/signature/generation
resource located in labs.safelayer.com to
generate the CMS signature
of the message "Hello world !!!". The message is encoded in base64 in
the <Base64Data> element
of the request being sent (in the message-body).
Please, note that the servicePolicy
parameter in the URI is used to specify the policy under which the signature is wanted to be generated (txDemoSignPolicy). Likewise,
the name (trustedX) and
password (trustedX) of the
signer are provided in the username and password
parameters. Obviously, it is necessary to authenticate the signer since
generating the signature involves access to a secret signature key. In a real
production environment, the confidentiality of the password and the
integrity of data should be assured by using a TLS channel.
POST /trustedx-sgw/cms/signature/generation?username=trustedx HTTP/1.1
Host: labs.safelayer.com
Content-Length: 45
Content-Type: application/x-trustedx-data+xml
<Base64Data>SGVsbG8gd29ybGQgISEh</Base64Data>
| | | | | | | |
|
The following explanation refers to the response
given by TrustedX when it receives the previous request. Consequently, click on
Try for TrustedX to generate this
response.
As you can see, the response obtained consists of a
base64
encoding (<Base64Signature>
element) of the CMS signature of the data that was sent in the request.
Specifically, it is a detached
signature, i.e. a signature that does not
include the signed data.
Note:
To implement this example, the TrustedX SmartGateway
component must be configured properly. See REST HowTo for an explanation on how to perform this.
|
