Sign
This API signs message text using RSA or EC private key.
URL
<http/https>://<host-name>:<Port>/protectappws/services/rest/Sign
Input Parameters
Parameters | Description |
---|---|
username | User name (optional). |
password | Password associated with the user (optional). |
keyname | Name of RSA or EC key pair containing private key. |
messagetext | Message to sign. It must be in the same format as specified in the messageformat parameter. |
transformation | Transformation to be used. Provide one of the RSA/EC signing transformations supported by CADP for Java. |
format | Format to be used. This is an optional parameter. Supported signing CMS formats are: — cms/detached/der/enveloped — cms/detached/der — cms/detached/smime/enveloped — cms/detached/smime. |
messageformat | Message format to be used. This is an optional parameter. Supported message formats are: — HEX — STR(default) |
certAlias | Client certificate alias for making SSL connections (optional). |
certPass | Password for the provided certificate alias (optional). |
Note
The following transformations don't support CMS format:
— SHA1withRSAPSSPadding
— SHA256withRSAPSSPadding
— SHA384withRSAPSSPadding
— SHA512withRSAPSSPadding
— ECDSA
— SHA1withECDSA
— SHA256withECDSA
— SHA384withECDSA
— SHA512withECDSA
— RSA
— RSAPSSPaddingSHA1
— RSAPSSPaddingSHA256
— RSAPSSPaddingSHA384
— RSAPSSPaddingSHA512For KeySecure 8.12.5 onward, following transformations are added to sign the data based on pre-calculated hash: RSA, RSAPSSPaddingSHA1, RSAPSSPaddingSHA256, RSAPSSPaddingSHA384, and RSAPSSPaddingSHA512. These transformations support saltlength parameter.
Sample REST call for cxf
request
{
"Sign": {
"username": "admin",
"password": "admin",
"keyname": "ecc_testkey",
"messagetext": "126352152154",
"transformation": "SHA512withECDSA"
}
}
"SignResponse
{
"signResponse": "1000103081840240021289F54A83BADACC8FD634A7606531204FECCC834AB649C86BF7D4A3612FC101DFF1BE16E5354406D934A655705D8D13642763EBD4AECA84C283D399E573AA02405EEFEC37FB16D3CFDCBF8ACE69E55C8A5F9EA224326EEF0FAF32CE2FA0DCBE7C063A572FA2F209D92A022945F1ED75A80B294049D499567CBA8D5993962FCC21"
}
Sample SOAP Parameters
<prot:_Sign>
<username>cryptouser</username>
<password>qwerty1234</password>
<keyname>certpkcs12</keyname>
<messagetext>13123sdssdadasddsdsada</messagetext>
<transformation>SHA384withECDSA</transformation>
<!--Optional:-->
<messageformat>STR</messageformat>
</prot:_Sign>
Output
Signature in Hex.
<ns1:_SignResponse xmlns:ns1="http://dsws.org/protectappws/">32D4F93F540E465FE0DA63C29BFD28053F75C131598CC7B85493BF7BACEF5E14A1F2787F8D284E33269462ACA047DF1BF47442D70151D9471B9782B61477D514263B8FFFA0174650B4E8E7901A124B49C1E50796CECC1E83685124132855FF7BFB175F108BB026AEAA185660BB2CD4C7C85DFB557DDE58692A1C7EA769F38D877D220DC24AA5C5116E46E82E847FEDB99B45FA21128A94E86ACF8926E39D795F0C51D919DE9D9EC3647B22C26EB2A67931E52F294AE96FECE577DF9823F7A4EE69216166FF3940616253BF03ACDB32E414E29C0FFE8D5C2C0C0C1098CE2FCFA173EDCCDF3939FD5E691CBF2CF638EA26ED1A0E8E2ED2F727E300B3FCFA17ED18</ns1:_SignResponse>