Grants.gov Applicant Hashing Standard
Grants.gov requires the Applicant organizations to hash single-project and multi-project as well as each submission attachment in order to ensure proper delivery of the submission to the agency.
This section describes the Grants.gov technical requirements for Applicant S2S submissions. The following technical requirements are covered in this section:
Secure Hash Algorithm-1 (SHA-1) Hashing
Grants.gov uses the SHA-1 (http://www.itl.nist.gov/fipspubs/fip180-1.htm ) for computing hash values. The resulting hash value shall be encoded using the Base64 data encoding specification (http://www.ietf.org/rfc/rfc3548.txt ). The resulting value will be populated in the global schema HashValue element.
Grants.gov requires the Applicant organizations to hash the <grant:Forms> XML node for single-project submissions and the <mpgrant:ApplicationPackage> XML node for multi-project submissions along with each submission attachment. When creating the attachment XML, it is important to specify “SHA-1” in the Global Schema “glob:hashAlgorithm” attribute. If a value other than SHA-1 is received in the XML, Grants.gov will reject the application. The next sections describe the process in greater detail.
Preparing and Calculating Attachment Hash Values (Step 1)
This section clarifies the process of sending attachments to Grants.gov. The Attachments schema is required when adding attachments to a S2S grant application package. The schema containing the AttachedFileDataType can be accessed by the URL:
The schema contains a field named FileLocation. This element represents the Content-ID (CID) for the attachment, which is a unique value for identifying the associated attachment. The href attribute of the FileLocation element should be populated with the CID. The CID (the FileLocation href attribute value) in the schema should match the FileContentId element contained in the GrantsCommonElements:Attachment element. The GrantsCommonElements schema can be accessed by the URL:
The following restrictions apply to both single and multi-project submissions:
Each attachment must be hashed and the value placed in the attachment HashValue XML element of the Submission XML.
Calculating the Submission XML Node Hash Value (Step 2)
Once the attachment hash values have been calculated and inserted into their proper location of the submission XML document, the submission XML document is considered to be ‘prepared’. The Applicant organization must then compute the hash for the appropriate XML node (described in the following sub-sections).
The submission XML node (element and its sub-elements) must be canonicalized BEFORE hashing to guarantee equivalence of hash values for logically equivalent Grant Application XML documents. The canonicalization standard is the Exclusive XML Canonicalization W3C specification (http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ ).
When applied, this specification will produce an XML that has the identical lexical structure for all XML Node inputs that are logically equivalent. The specification will not include namespace specific attributes that are in ancestor nodes of canonicalized sub-elements. Also, the specification will not include the namespace declarations of ancestor nodes that are not used by the sub-elements to be canonicalized. This shields the canonicalized sub-elements from being affected by namespace declarations in ancestor nodes that are not to be canonicalized.
The resulting hash value computed must be populated in the HashValue element within the <grant:SubmissionHeader> element.
Single-Project Submission XML Node
The hash value must be computed over the <grant:Forms> XML node.
Multi-Project Submission XML Node
The hash value must be computed over the <mpgrant:ApplicationPackage> XML node.