SignVerify
This API verifies the signature of message text using RSA or EC public key.
URL
<http/https>://<host-name>:<Port>/protectappws/services/rest/SignVerify
Input Parameters
Parameters | Description |
---|---|
username | User name. |
password | Password associated with the user. |
keyname | Name of RSA or EC key pair containing public key. |
messagetext | Message for signing verification. It must be in the same format as specified in the messageformat parameter. |
signature | signature of RSA or EC signing for verification in Hex. |
transformation | Transformation to be used. Provide one of the RSA/EC signverify transformations supported by CADP for Java . |
format | Format to be used. This is an optional parameter. Supported signing CMS formats are: — cms/detached/der/enveloped — cms/detached/der — cms/detached/smime/enveloped — cms/detached/smime |
messageformat | Message format to be used. This is an optional parameter. Supported message formats are: — HEX — STR(default) |
caname | Name of the CA used for verifying. This is an optional parameter. |
certAlias | Client certificate alias for making SSL connections (optional). |
certPass | Password for the provided certificate alias (optional). |
Note
The following transformations don't support CMS format:
— SHA1withRSAPSSPadding
— SHA256withRSAPSSPadding
— SHA384withRSAPSSPadding
— SHA512withRSAPSSPadding
— ECDSA
— SHA1withECDSA
— SHA256withECDSA
— SHA384withECDSA
— SHA512withECDSA
— RSA
— RSAPSSPaddingSHA1
— RSAPSSPaddingSHA256
— RSAPSSPaddingSHA384
— RSAPSSPaddingSHA512For KeySecure 8.12.5 onward, following transformations are added to sign the data based on pre-calculated hash: RSA, RSAPSSPaddingSHA1, RSAPSSPaddingSHA256, RSAPSSPaddingSHA384, and RSAPSSPaddingSHA512. These transformations support saltlength parameter.
Sample REST call for cxf
request
#text
{
"SignVerify": {
"username": "admin",
"password": "admin",
"keyname": "ecc_testkey",
"messagetext": "126352152154",
"signature": "1000103081840240359CBBCDDECC68E423F56B10D151F5F3E6B2C15DE3F250864AAC26A5B8564BDFDC222E6172C476D91418959D4889A7DF03C3F5A6423B105D50E76C2061AC9FF602407F8EF0AC0D34C9B71B3
F13B58C32A7CF1440607C26FE03F99991FD330BA3B31FB1A1F5ECD602BBA890B073935B4414F5EE242E9DD8299FADE146210916F2588D","transformation": "SHA512withECDSA"
}
}
{
"SignVerify_Response": {
"signVerifyResponse": true
}
}
Sample SOAP Parameters
<prot:_SignVerify>
<username>cryptouser</username>
<password>qwerty1234</password>
<keyname>certpkcs12</keyname>
<messagetext>13123sdssdadasddsdsada</messagetext>
<signature>3082087B06092A864886F70D010703A082086C30820868020100318201C0308201BC0201003081A330819B310B3009060355040613025553310B3009060355040813024341311530130603550407130C526564776F6F64204369747931143012060355040A130B536166656E657420496E6331143012060355040B130B456E67696E656572696E67311230100603550403140973616D706C655F63613128302606092A864886F70D010901161973616D706C655F636140736166656E65742D696E632E636F6D020300A6E9300D06092A86488[… sample truncated for brevity … ] DACAAE8733FB6A9CD52E3B673C8E0DBB4E100A7EDE8B6DA586ADFAF38DA8975616F0BE035CB8B6D1514F1A6F3423180F402508A2F8E89C564</signature>
<transformation> SHA256withECDSA </transformation>
<!--Optional:-->
<caname>sample_ca</caname>
</prot:_SignVerify>
Output
boolean – result of verification.
<ns1:_SignVerifyResponse xmlns:ns1="http://dsws.org/protectappws/">true</ns1:_SignVerifyResponse>