RSASign
This API signs message text using RSA private key.
URL
<http/https>://<host-name>:<Port>/protectappws/services/rest/rsaSign
Input Parameters
Parameters | Description |
---|---|
username | User name. |
password | Password associated with the user. |
keyname | Name of RSA key pair containing private key. |
messagetext | Message to sign. |
transformation | Transformations to be used. Possible options are: — RSA — SHA1withRSA — SHA256withRSA — SHA384withRSA — SHA512withRSA — SHA1withRSAPSSPadding — SHA256withRSAPSSPadding — SHA384withRSAPSSPadding — SHA512withRSAPSSPadding. For complete list of supported transformations, refer to the Supported Algorithm section of the CADP for Java User Guide. |
saltlength | Optional, length of salt to be used for sign operation. |
format | Signing format to be used. This is an optional parameter. Supported signing CMS formats are: — cms/detached/der/enveloped — cms/detached/der — cms/detached/smime/enveloped — cms/detached/smime. |
messageformat | Message format to be used. This is an optional parameter. Supported message formats are: — HEX — STR (default) |
certAlias | Client certificate alias for making SSL connections (optional). |
certPass | Password for the provided certificate alias (optional). |
Note
The saltlength parameter is supported only with the following transformations:
— SHA1withRSAPSSPadding
— SHA256withRSAPSSPadding
— SHA384withRSAPSSPadding
— SHA512withRSAPSSPaddingThe saltlength and format parameters cannot be used simultaneously.
The messagetext must be in the same format as specified in the messageformat parameter.
CMS formats are not supported with the following transformations:
—SHA1withRSAPSSPadding
—SHA256withRSAPSSPadding
— SHA384withRSAPSSPadding
— SHA512withRSAPSSPadding
— RSA
—RSAPSSPaddingSHA1
— RSAPSSPaddingSHA256
— RSAPSSPaddingSHA384
—RSAPSSPaddingSHA512CMS formats are not supported with the CipherTrust Manager.
For KeySecure 8.12.5 onward, following transformations are added to sign the data based on pre-calculated hash: RSA, RSAPSSPaddingSHA1, RSAPSSPaddingSHA256, RSAPSSPaddingSHA384, and RSAPSSPaddingSHA512. These transformations support saltlength parameter.
RSA_Sign Sample REST call with format
request
{
"RSA_Sign": {
"username": "cryptouser",
"password": "safenet123",
"keyname": "certpkcs12",
"messagetext": "akhi",
"transformation": "SHA1withRSA",
"format": "cms/detached/der/enveloped",
"messageformat": "STR"
}
}
response
{
"RSASignResponse": {
"rsa_SignResponse": "100010A72DFA9CD79662C60F3B6C75FE6EC9893F35C1B03670FA5AE8354E3E290C1468151530F2BEC6F7F4801A063F216D0D9D48CD8734C6F31739E7E00C0815698232B89BAFE8B43979E9C0D591A333C41B9EE28E55A2FFB8EED5A6359931D9DB48A6765EDFBB8F2AB2800DF75EA7A53C6F586FAFC61079703AB28A58A306931DC6C22CD3771B6F7CE001CDC441BB7A7629BECC3F92EB959031D6483717FD8CF4266B4B6335D84A0EA0A087093F3C4778B65E7AA0FD86A1C8BF111FCF7CE4B96A12B3C05131ABBCDDF33530DE6EDF889EF65739B6CBFD1722A25BCAD6657C098F2A2642AB5D478CBC1E0433635C3C4C495703042032F6EA91E477EDBA2D204A1DADD8"
}
}
RSA_Sign Sample REST call with saltlength
request
{
"RSA_Sign": {
"username": "cryptouser",
"password": "safenet123",
"keyname": "certpkcs12",
"messagetext": "akhi",
"transformation": "SHA1withRSAPSSPadding",
"saltlength": "40",
"messageformat": "STR"
}
}
response
{
"RSASignResponse": {
"rsa_SignResponse": "100010A72DFA9CD79662C60F3B6C75FE6EC9893F35C1B03670FA5AE8354E3E290C1468151530F2BEC6F7F4801A063F216D0D9D48CD8734C6F31739E7E00C0815698232B89BAFE8B43979E9C0D591A333C41B9EE28E55A2FFB8EED5A6359931D9DB48A6765EDFBB8F2AB2800DF75EA7A53C6F586FAFC61079703AB28A58A306931DC6C22CD3771B6F7CE001CDC441BB7A7629BECC3F92EB959031D6483717FD8CF4266B4B6335D84A0EA0A087093F3C4778B65E7AA0FD86A1C8BF111FCF7CE4B96A12B3C05131ABBCDDF33530DE6EDF889EF65739B6CBFD1722A25BCAD6657C098F2A2642AB5D478CBC1E0433635C3C4C495703042032F6EA91E477EDBA2D204A1DADD8"
}
}
RSA_Sign SOAP Sample with format
<prot:RSA_Sign>
<username>cryptouser</username>
<password>qwerty1234</password>
<keyname>certpkcs12</keyname>
<messagetext>13123sdssdadasddsdsada</messagetext>
<transformation>SHA1withRSA</transformation>
<!--Optional:-->
<format>cms/detached/der/enveloped</format>
<!--Optional:-->
<messageformat>STR</messageformat>
</prot:RSA_Sign>
Output
Signature in Hex.
<ns1:RSA_SignResponse xmlns:ns1="http://dsws.org/protectappws/">32D4F93F540E465FE0DA63C29BFD28053F75C131598CC7B85493BF7BACEF5E14A1F2787F8D284E33269462ACA047DF1BF47442D70151D9471B9782B61477D514263B8FFFA0174650B4E8E7901A124B49C1E50796CECC1E83685124132855FF7BFB175F108BB026AEAA185660BB2CD4C7C85DFB557DDE58692A1C7EA769F38D877D220DC24AA5C5116E46E82E847FEDB99B45FA21128A94E86ACF8926E39D795F0C51D919DE9D9EC3647B22C26EB2A67931E52F294AE96FECE577DF9823F7A4EE69216166FF3940616253BF03ACDB32E414E29C0FFE8D5C2C0C0C1098CE2FCFA173EDCCDF3939FD5E691CBF2CF638EA26ED1A0E8E2ED2F727E300B3FCFA17ED18</ns1:RSA_SignResponse>
RSA_Sign SOAP Sample with saltlength
<prot:RSA_Sign>
<username>cryptouser</username>
<password>qwerty1234</password>
<keyname>certpkcs12</keyname>
<messagetext>13123sdssdadasddsdsada</messagetext>
<transformation>SHA1withRSAPSSPadding</transformation>
<!--Optional:-->
<saltlength>40</saltlength>
<!--Optional:-->
<messageformat>STR</messageformat>
</prot:RSA_Sign>
Output
Signature in Hex.
<ns1:RSA_SignResponse xmlns:ns1="http://dsws.org/protectappws/">32D4F93F540E465FE0DA63C29BFD28053F75C131598CC7B85493BF7BACEF5E14A1F2787F8D284E33269462ACA047DF1BF47442D70151D9471B9782B61477D514263B8FFFA0174650B4E8E7901A124B49C1E50796CECC1E83685124132855FF7BFB175F108BB026AEAA185660BB2CD4C7C85DFB557DDE58692A1C7EA769F38D877D220DC24AA5C5116E46E82E847FEDB99B45FA21128A94E86ACF8926E39D795F0C51D919DE9D9EC3647B22C26EB2A67931E52F294AE96FECE577DF9823F7A4EE69216166FF3940616253BF03ACDB32E414E29C0FFE8D5C2C0C0C1098CE2FCFA173EDCCDF3939FD5E691CBF2CF638EA26ED1A0E8E2ED2F727E300B3FCFA17ED18</ns1:RSA_SignResponse>