The Swedish BankID returns a XMLDSIG structure (XML Digital Signature.) This signature can easily be verified against the BankID public root certificates, which exists one for Test and one for the Production environment. The public part of the BankID root certificates can be retrieved from Finansiell ID-teknik or ZignSec, contact firstname.lastname@example.org or email@example.com
The signature contains a signeddata node that is a well-defined canonization and sha256 hashing of the server info, client info, and on sing also the uservisibledata and usernonvisibledata. An wiki-article about the signature fields.
Verification with .Net code:
A Microsoft online documentation article describing how to verify a XMLDSIG.
You can also verify the signature with Aleksey Sanin´s XMLSEC1 utility.
Command line example:
$ xmlsec1 –verify –store-signatures –trusted-pem bid-root.pem signature_data_file
There are four data elements in the Signature from BankID available for verification,
srvInfo are returned after a login, after a sign the fields
usrNonVisibleData are returned.
Extract from the BankID signature document, page 5:
The bankIdSignedData element contains the BankID specific data that is secured using a digital signature,
and is referred to from one of the references. As reference, the Id attribute set to bidSignedData is used. The
content of this element is specified below. The main elements in bankIdSignedData are:
- usrVisibleData – Data that is displayed to the user (by the client software or card reader) at time of
signature computation. This element represents the typical online use case for BankID signed
transaction in which the user sees what he or she signs.
- usrNonVisibleData – Data that is not displayed to the user at time of signature computation.
Introducing this element definitely violates the “What You See is What You Sign” and must be used
with care. However, in some use cases it is beneficial if the data is not explicitly presented to the
user. Introducing “visible” and “non visible” data will make it very clear what the user was able to
see and not.
- srvInfo – Additional information generated by the server, e.g. challenge or nonce.
- clientInfo – Information generated by the client at time of signature computation, e.g. client