RSAVerify
This API verifies the signature of message text using RSA public key.
URL
<http/https>://<host-name>:<Port>/protectappws/services/rest/rsaVerify
Input Parameters
| Parameters | Description |
|---|---|
| username | User name (optional). |
| password | Password associated with the user (optional). |
| keyname | Name of RSA key pair containing private key. |
| messagetext | Message to sign. |
| transformation | Transformations to be used. Possible options are: — RSA — SHA1withRSA — SHA256withRSA — SHA384withRSA — SHA512withRSA — SHA1withRSAPSSPadding — SHA256withRSAPSSPadding — SHA384withRSAPSSPadding — SHA512withRSAPSSPadding. For complete list of supported transformations, refer to the Supported Algorithm section of the CADP for Java User Guide. |
| saltlength | Length of salt to be used for sign operation. This is an optional parameter. |
| format | Format to be used. This is an optional parameter. Supported signing CMS formats are: — cms/detached/der/enveloped — cms/detached/der — cms/detached/smime/enveloped — cms/detached/smime |
| messageformat | Message format ot be used. This is an optional parameter. Supported message formats: — HEX —STR(default) |
| certAlias | Client certificate alias for making SSL connections (optional). |
| certPass | Password for the provided certificate alias (optional). |
Note
The saltlength parameter is supported with the following transformations:
— SHA1withRSAPSSPadding
— SHA256withRSAPSSPadding
— SHA384withRSAPSSPadding
— SHA512withRSAPSSPaddingThe saltlength and format parameters cannot be used simultaneously.
The messagetext must be in the same format as specified in the messageformat parameter.
CMS formats are not supported with the following transformations:
—SHA1withRSAPSSPadding
—SHA256withRSAPSSPadding
— SHA384withRSAPSSPadding
— SHA512withRSAPSSPadding
— RSA
—RSAPSSPaddingSHA1
— RSAPSSPaddingSHA256
— RSAPSSPaddingSHA384
—RSAPSSPaddingSHA512For KeySecure 8.12.5 onward, following transformations are added to sign the data based on pre-calculated hash: RSA, RSAPSSPaddingSHA1, RSAPSSPaddingSHA256, RSAPSSPaddingSHA384, and RSAPSSPaddingSHA512. These transformations support saltlength parameter.
RSA_Verify Sample REST call with format
request
{
"RSA_Verify": {
"username": "cryptouser",
"password": "abcd123",
"keyname": "certpkcs12",
"messagetext": "13123sdssdadasddsdsada",
"signature": " 3082087B06092A864886F70D010703A082086C30820868020100318201C0308201BC0201003081A330819B310B3009060355040613025553310B3009060355040813024341311530130603550407130C526564776F6F64204369747931143012060355040A130B536166656E657420496E6331143012060355040B130B456E67696E656572696E67311230100603550403140973616D706C655F63613128302606092A864886F70D010901161973616D706C655F636140736166656E65742D696E632E636F6D020300A6E9300D06092A8648[… sample truncated for brevity …
] 90E82E619499D6A0B54E084540A2B23AEC0E1943738433A0EA0E4FC7DF1449F9E55849302A17180E4A678F435EF21F638C5A2746250DDDDD73B19953B03DA286ADB4BBDAF9C77EFC4E5032","transformation": "SHA1withRSA",
"format": "cms/detached/der/enveloped",
"caname": "sample_ca"
}
}
response
{
"RSA_Verify_Response": {
"rsaVerifyResponse": "true"
}
}
RSA_Verify Sample REST call with saltlength
request
{
"RSA_Verify": {
"username": "cryptouser",
"password": "abcd123",
"keyname": "certpkcs12",
"messagetext": "13123sdssdadasddsdsada",
"signature": " 3082087B06092A864886F70D010703A082086C30820868020100318201C0308201BC0201003081A330819B310B3009060355040613025553310B3009060355040813024341311530130603550407130C526564776F6F64204369747931143012060355040A130B536166656E657420496E6331143012060355040B130B456E67696E656572696E67311230100603550403140973616D706C655F63613128302606092A864886F70D010901161973616D706C655F636140736166656E65742D696E632E636F6D020300A6E9300D06092A8648[… sample truncated for brevity …
] 90E82E619499D6A0B54E084540A2B23AEC0E1943738433A0EA0E4FC7DF1449F9E55849302A17180E4A678F435EF21F638C5A2746250DDDDD73B19953B03DA286ADB4BBDAF9C77EFC4E5032","transformation": "SHA1withRSAPSSPadding",
"saltlength": "40"
}
}
response
{
"RSA_Verify_Response": {
"rsaVerifyResponse": "true"
}
}
RSA_Verify SOAP Sample with format
<prot:RSA_Verify>
<username>cryptouser</username>
<password>qwerty1234</password>
<keyname>certpkcs12</keyname>
<messagetext>13123sdssdadasddsdsada</messagetext>
<signature>3082087B06092A864886F70D010703A082086C30820868020100318201C0308201BC0201003081A330819B310B3009060355040613025553310B3009060355040813024341311530130603550407130C526564776F6F64204369747931143012060355040A130B536166656E657420496E6331143012060355040B130B456E67696E656572696E67311230100603550403140973616D706C655F63613128302606092A864886F70D010901161973616D706C655F636140736166656E65742D696E632E636F6D020300A6E9300D06092A86488[… sample truncated for brevity … ] DACAAE8733FB6A9CD52E3B673C8E0DBB4E100A7EDE8B6DA586ADFAF38DA8975616F0BE035CB8B6D1514F1A6F3423180F402508A2F8E89C564</signature>
<transformation>SHA1withRSA</transformation>
<!--Optional:-->
<format>cms/detached/der/enveloped</format>
<!--Optional:-->
<caname>sample_ca</caname>
</prot:RSA_Verify>
Output
boolean – result of verification.
<ns1:RSA_VerifyResponse xmlns:ns1="http://dsws.org/protectappws/">true</ns1:RSA_VerifyResponse>
RSA_Verify SOAP Sample with saltlength
<prot:RSA_Verify>
<username>cryptouser</username>
<password>qwerty1234</password>
<keyname>certpkcs12</keyname>
<messagetext>13123sdssdadasddsdsada</messagetext>
<signature>3082087B06092A864886F70D010703A082086C30820868020100318201C0308201BC0201003081A330819B310B3009060355040613025553310B3009060355040813024341311530130603550407130C526564776F6F64204369747931143012060355040A130B536166656E657420496E6331143012060355040B130B456E67696E656572696E67311230100603550403140973616D706C655F63613128302606092A864886F70D010901161973616D706C655F636140736166656E65742D696E632E636F6D020300A6E9300D06092A86488[… sample truncated for brevity … ] DACAAE8733FB6A9CD52E3B673C8E0DBB4E100A7EDE8B6DA586ADFAF38DA8975616F0BE035CB8B6D1514F1A6F3423180F402508A2F8E89C564</signature>
<transformation>SHA1withRSAPSSPadding</transformation>
<!--Optional:-->
<saltlength>40</saltlength>
</prot:RSA_Verify>
Output
boolean – result of verification.
<ns1:RSA_VerifyResponse xmlns:ns1="http://dsws.org/protectappws/">true</ns1:RSA_VerifyResponse>
