Time-stamping a CMS signature
|
 |
 |
|
|
This example shows how to access the TrustedX
signature updating service in a RESTful way in order to verify a CMS (RFC 3852) signature and then update it with a time-stamp so as to obtain an ETSI 101 733
advanced signature of the ES-T (CAdES-T) type.
The HTTP POST action is used to ask the trustedx-sgw/cms/signature/updating
resource located in labs.safelayer.com to
verify and update a CMS signature
that supposedly corresponds to the message "Hello world !!!". Both the signature (<Base64Signature> element)
and the signed data (<Base64Data>
element) are encoded in base64 in
the <SignedData> element
of the request being sent (in the message-body).
Please note that the servicePolicy
parameter in the URI is used to specify the policy under which the signature is wanted to be verified
and updated (txDemoVerifyPolicy).
POST /trustedx-sgw/cms/signature/updating?servicePolicy=txDemoVerifyPolicy HTTP/1.1
Host: labs.safelayer.com
Content-Length: 2379
Content-Type: application/x-trustedx-signedData+xml
<SignedData>
<Base64Data>SGVsbG8gd29ybGQgISEh</Base64Data>
<Base64Signature>MIIGnwYJKoZIhvcNAQcCoIIGkDCCBowCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCBDQwggQwMIIDGKADAgECAgIC2DANBgkqhkiG9w0BAQUFADBuMUEwPwYDVQQKEzhTYWZlbGF5ZXIgU2VjdXJlIENvbW11bmljYXRpb25zLCBTLkEuIFtDLkkuRi4gQTYxOTMwMDQ2XTEpMCcGA1UEAxMgU2FmZWxheWVyIC0gQ2xhc3MgMSBSb290IENBIERlbW8wHhcNMDYwOTIwMTIyMTI3WhcNMTAwOTIwMTIyMTI3WjBCMQswCQYDVQQGEwJFUzERMA8GA1UEChMIVHJ1c3RlZFgxDTALBgNVBAsTBERlbW8xETAPBgNVBAMTCHRydXN0ZWR4MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMiM8BSVIfTv4PFv3Nzl0YhCWBT/86Z4rVZmlREWPuUGAMTumWJPLhNedSG1woXFgrGxlqjDakLnb+1p60yKRHMSAwHhoaa2nrabDCdm7bGtTlenRP8qnOifIK5hICU+T0/Om4IMcMN6PxBcdWZeMP+TGcUS902AR9bzGIhhM4gwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA8gwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBEGCWCGSAGG+EIBAQQEAwIFoDAdBgNVHQ4EFgQUJ/V/RYiTtkZwVfrvABPikVAlQs0wgZgGA1UdIwSBkDCBjYAUNEmbBBkEQgCP0PZ4m8TXjcAX7TShcqRwMG4xQTA/BgNVBAoTOFNhZmVsYXllciBTZWN1cmUgQ29tbXVuaWNhdGlvbnMsIFMuQS4gW0MuSS5GLiBBNjE5MzAwNDZdMSkwJwYDVQQDEyBTYWZlbGF5ZXIgLSBDbGFzcyAxIFJvb3QgQ0EgRGVtb4IBATA4BggrBgEFBQcBAQQsMCowKAYIKwYBBQUHMAGGHGh0dHA6Ly92YS5zYWZlbGF5ZXIuY29tOjgwOTQwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2RlbW8uc2FmZWxheWVyLmNvbS9jcmxzL2NybERlbW9zLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAl43/n4Ea6tH5uT/xTUbmjLTjpxlDfLSZXSUWFjLnb49Hxfmlh4R+w4qTdEENDoVLQBvYGUd5cWAT4PBRu4EqO/gcif7bgPcMB9ZwDVlGXwHG5ugjnLQJANLGobhepzNPYxWwx9l9eRtMXsHmBBuWtrpL+fYRF+DX6udwhdb+//1tsg+ibfjvORSPsI7Ou/oC5yv4SFlieYMAQvNpdEK5kwknzsqpZnZ7W/Ruj4sNKXDG0en84sFWGlX3W8cZaVpxTKUsBTO3N5zEoh3WaglBlxJLfjDdrd39nYv8WMEpj+Akt82H+N39e7zH76g4mncpHJcdQWgFj5IeT/YrWV098TGCAjMwggIvAgEBMHQwbjFBMD8GA1UEChM4U2FmZWxheWVyIFNlY3VyZSBDb21tdW5pY2F0aW9ucywgUy5BLiBbQy5JLkYuIEE2MTkzMDA0Nl0xKTAnBgNVBAMTIFNhZmVsYXllciAtIENsYXNzIDEgUm9vdCBDQSBEZW1vAgIC2DAJBgUrDgMCGgUAoIIBFTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wODA4MDYxMzQwNDZaMCMGCSqGSIb3DQEJBDEWBBQsGSnJMJb/HWJVRPcySsD9dyQnnDCBtQYLKoZIhvcNAQkQAi8xgaUwgaIwgZ8wgZwEIHIT6Yg6XdR2pKoVf74hBvHBbQ2nff4P9QNucXq69XV6MHgwcqRwMG4xQTA/BgNVBAoTOFNhZmVsYXllciBTZWN1cmUgQ29tbXVuaWNhdGlvbnMsIFMuQS4gW0MuSS5GLiBBNjE5MzAwNDZdMSkwJwYDVQQDEyBTYWZlbGF5ZXIgLSBDbGFzcyAxIFJvb3QgQ0EgRGVtbwICAtgwDQYJKoZIhvcNAQEBBQAEgYCie4C1OtKT38iZe2oOkWzhbrj0gdJj8s8wk7nkrNvlj/FUjWH4J5g+psDnt7w6teLmri/dDVJRC7ehK7t+tXzLYRmMIJ7K5To57ayXMKXYQUOJKluwrpbvjM88sR9uNUl5IOK6M1DypZk4/R4XqnUU0AzoX+HJSpkgF4UuQzWJCw==</Base64Signature>
</SignedData>
| | | | | | | |
|
The following explanation refers to the response
provided by TrustedX when it receives the previous request. Consequently, click
on Try for TrustedX to generate this
response.
As you can see, this response contains (<SignatureAndTime>
element):
- Base64 encoding of the CMS signature that was sent in the request, extended with the
generated time-stamp (<Base64Signature>
element) .
- A text representation of the time-stamp added to the signature (<TimeStamp>
element) .
Note:
To implement this example, the TrustedX SmartGateway
component must be configured properly. See REST HowTo for an explanation on how to perform this.
|
|
|
