This example shows how to generate a CMS signature (RFC 3852) by accessing the TrustedX signature generation service in a RESTful way.

The HTTP POST action is used to ask the trustedx-sgw/cms/signature/generation resource located in labs.safelayer.com to generate the CMS signature of the message "Hello world !!!". The message is encoded in base64 in the element of the request being sent (in the message-body).

Please, note that the servicePolicy parameter in the URI is used to specify the policy under which the signature is wanted to be generated (txDemoSignPolicy). Likewise, the name (trustedX) and password (trustedX) of the signer are provided in the username and password parameters. Obviously, it is necessary to authenticate the signer since generating the signature involves access to a secret signature key. In a real production environment, the confidentiality of the password and the integrity of data should be assured by using a TLS channel.

POST /trustedx-sgw/cms/signature/generation?username=trustedx HTTP/1.1 Host: labs.safelayer.com Content-Length: 45 Content-Type: application/x-trustedx-data+xml <Base64Data>SGVsbG8gd29ybGQgISEh</Base64Data>

The following explanation refers to the response given by TrustedX when it receives the previous request. Consequently, click on Try for TrustedX to generate this response.

As you can see, the response obtained consists of a base64 encoding ( element) of the CMS signature of the data that was sent in the request. Specifically, it is a detached signature, i.e. a signature that does not include the signed data.

Note:
To implement this example, the TrustedX SmartGateway component must be configured properly. See REST HowTo for an explanation on how to perform this.