Skip to Content
0
Former Member
Jan 14, 2014 at 08:08 PM

Required information to gather to apply digital signature on XML

153 Views

Dear Expert,

I need to apply the digital signature on XML during java mapping on payload level. I have a sample of required format by third part(bank), however I need to get clarification to what other information I need to get from them to start my development. Please see the below sample source and required target, and my questions.

Required target target Structure :- The below sample was given by bank with applied digital signature and encoded in base64, I just decoded using online base64 decoder. The highlighted XML is my source XML, on which they had applied digital signature and encoded in base64.

0 *H 0 1 0 + 0 + *H

<?xml version="1.0"?>

<PaymentMessage>

<PaymentTransaction>

<CompanyCode>ARAMCO0001</CompanyCode>

<SequenceNum>16080</SequenceNum>

<TransactionData>:20:21107113

:32A:040523SAR10,00

:50:SAUDI ARABIAN OIL COMPANY

BOX 5000

DHAHRAN

SAUDI ARAMCO OIL COMPANY

:52A:RIBLSARI

:53B:/3010602079901

:57A:RIBLSARI

:59:/4040154769901

SAUDI ARAMCO OIL COMPANY

BOX 5000

DHAHRAN

SAUDI ARAMCO OIL COMPANY

:70:/INV/2000011508</TransactionData>

<TransactionComment>Bulk TEST</TransactionComment>

</PaymentTransaction>

</PaymentMessage> T0 P0 @ G0 *H 0o1 0 U SA1 0 U Unknown1 0 U AL Riyadh1 0

U

B2B1 0

U B2B1 0 U B2B e-Payment Gateway0

040117095831Z

151230095831Z0o1 0 U SA1 0 U Unknown1 0 U AL Riyadh1 0

U

B2B1 0

U B2B1 0 U B2B e-Payment Gateway00

*H 0 + o+s,5N Կڻ#poddS ݧ&&#127;мj&40,\#P 9|^$E=F -*-[msXu"b "v{aM S 0 *H

' 箰z]و @nL_T0gTPpv }e @Q?C K T %/ua퓺uN>[̉ ?:U8ɛ&b

x G|.ǵ gc rZ k;{zGK &v1 0 0w0o1 0 U SA1 0 U Unknown1 0 U AL Riyadh1 0

U

B2B1 0

U B2B1 0 U B2B e-Payment Gateway @ G0 + 0 *H

RV CR\_EB鰔@ 앗eD6 %&#127;ZT 2c?W36#=x|Mny iuh7; NE}I

l;

氊[D_gjl 1 8Op4.}X

Additional information from bank to sign the XML is as follows.

PKCS#7

Content type

Signed Data

Version

01

Digest algorithm

SHA-1 Hash algorithm

Digest Encryption Algorithm

RSA

Signer info

Information about a single signer of the signed data object

Questions-

1- Do I need to gather any other information from bank to start my java mapping development, as we know we apply digital signature on XML by using enveloping, enveloping or detached, for me it looks like enveloping. Please correct me if I am wrong.

2- We are using SSL for transport level security as well, they said to use the same public and private key provided by CA to sign the message which is using for SSL, can we use the same keys? in that case I will not generate public key and private keys by my code, and will access form key-store from PI(PI7.4 Dual stack) server. Please confirm.

3- By considering Please suggest me which method (Apis) shall I use to do digital signature, as we have JSR 105, Appache WSS4j,Appache santurio etc. I have chosen java mapping because I need to send the whole input payload on two different string field(after applying digital signature and encoded in base 64).


Thanks,

Farhan