Skip to Content
0
Former Member
Jul 10, 2014 at 09:04 PM

Problem with digital signature of documents

300 Views

I have a requirement to upload documents and his respected fingerprint signed (SHA1WithRSA).

To achive this I am using the functions modules:

SSF_KRN_DIGEST

SSF_KRN_SIGN_BY_AS

but I can´t make it work.

I also ask for the .pem file used to generate the PSE that I'm using to sign documents.

With this pem file I execute in openSSL this following command:

#Creates Message Digest of document.txt, and the sign it with MyKey.pem

dgst -sha1 -sign MyKey.pem -out document.sign document.txt

AND THIS WORKS! Now, with this succesfull case I try to track down the problem with the FM that I'm using, and I detected that SSF_KRN_DIGEST is given me a diferent result than openssl (so I forget for sign the document for a while...).

This are the HEX value for OpenSSL (this is the one that works):

30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14 AC 37 25 AC AD 34 E2 F8 B9 21 B3 15 DD 20 0D 71 5B FD EE EB

And this is the HEX value of the result of FM SSF_KRN_DIGEST:

30 40 06 09 2A 86 48 86 F7 0D 01 07 05 A0 33 30 31 02 01 00 30 09 06 05 2B 0E 03 02 1A 05 00 30 0B 06 09 2A 86 48 86 F7 0D 01 07 01 04 14 AC 37 25 AC AD 34 E2 F8 B9 21 B3 15 DD 20 0D 71 5B FD EE EB

As you can see, both files do countain the digest, but the metadata and padding is different. As far as I know, it should respect the ASN.1 structure, but I can figure out whats wrong with the SSF_KRN_DIGEST call.

This is my code:

* Creamos el message diggest del archivo

CALL FUNCTION 'SSF_KRN_DIGEST'

EXPORTING

b_detached = 'X'

ostr_input_data_l = lv_bin_data_len

str_hashalg = 'SHA1'

IMPORTING

ostr_digested_data_l = lv_digested_len

* CRC =

TABLES

ostr_input_data = lt_bin_data

ostr_digested_data = lt_digested_data

EXCEPTIONS

ssf_krn_error = 1

ssf_krn_noop = 2

ssf_krn_nomemory = 3

ssf_krn_opinv = 4

ssf_krn_nossflib = 5

ssf_krn_input_data_error = 6

ssf_krn_invalid_par = 7

ssf_krn_invalid_parlen = 8

ssf_fb_input_parameter_error = 9

OTHERS = 10.

Where lt_bin_data contains the document, uploaded in binary mode.

Thanks in advance.

regards.