cancel
Showing results for 
Search instead for 
Did you mean: 

Digital Signature verification

Former Member
0 Kudos

Hi Experts,

I had a requirement of creating a digital signature for 2 fields in the input xml, by which i mean im calculating the signature(profile,private key, algorithm) based on the contents of the two fields as specified in sap help.

I can successfully verify it too but in the same program only.

I tried to verify it in a different program where i copy the signature produced in the first program(mapping) but the verify function fails to verify.I was trying to see how the receiver will verify it.

Am i missing something really rudimentary? please suggest.

Also to help the receiver to verify the signature what steps do i have to initiate other than providing the public key, as they r not on sap system.

Regards,

Farooq

Accepted Solutions (0)

Answers (4)

Answers (4)

Former Member
0 Kudos

Hi Gaurav,

Im not doing any encryption actually, The requirement is just that from the input xml, I pass two firlds to generate the digital signature based on sign method, and pass the value between<SignatureValue> tags from the signature to a field on the target side keyValue.

My confusion is if the receiver now applies the public key ,does he have to apply it on the keyvalue or as im already doing certificate authentication in soap receiver channel does have have to apply it on the entire xml signature?

Regards,

Farooq

Former Member
0 Kudos

Farooq,

The receiver will use the private key to decrypt the message you are sending from XI.

The private key will be applied to the entire message as against two fields in the payload.

Regards,

Smitha.

Former Member
0 Kudos

Hi Smitha,

I am not encrypting the message.It's just the Digital Signature and It's verification.

In this I have 2 Queries,

1.) I can sign and Verify in the JAVA code but when I try to just Verify Using the Verify code it doesn't work.

2.) As the person who is verifying is non SAP , cpuld you help me out with sample JAVA code to verify the signature using public key.

Thanks,

Farooq

Former Member
0 Kudos

HI

1.) I can sign and Verify in the JAVA code but when I try to just Verify Using the Verify code it doesn't work.

2.) As the person who is verifying is non SAP , cpuld you help me out with sample JAVA code to verify the signature using public key.

It is possible to verify using Java code. Share the code you are trying with public key to solve this. You should be using java.security package right?

With this as you have asked earlier. Using certificate authentication at SOAP will encrypt complete message and so at receiver side they need to decrypt complete message and then verify your digital signature

Thanks

Gaurav

Former Member
0 Kudos

Hi Gaurav,

I have done the coding as per the link below.

http://help.sap.com/saphelp_nw04/helpdata/EN/a4/d0201854fb6a4cb9545892b49d4851/content.htm

The verify code is clubbed with the signing program and it's working.

However when I map the encrypted signature and explicitly try to just Verify It returns the trace from the program stating Unable to verify.

Also It's a non SAP system where I need to verify,Is there any tool or specific code from which I can Verify.

Thanks,

Farooq

Former Member
0 Kudos

I am using composite application. I created the user name, submit and Digital signature by adobe life cycle and i need the submit button to verify the digital signature and work inside the form . Do i use guided procedure to do so? how can i do so? thx!

Edited by: Jeremy Pang on Jan 30, 2009 8:46 AM

Former Member
0 Kudos

Hi Guys,

Thanks for ur time but, please no more links...I have gone through all of them..

A few queries that still rermain are :-

1) As specified above, I have imposed the sign method on two tags of the input xml using java code, and in the SOAP receiver i have used certificate authentication, So does the signature get overwritten on the entire message instead of the one i have generated using java code?

2)As the receiver is non sap, how could he verify the digital signature?

Regards,

Farooq

Former Member
0 Kudos

HI

1) As specified above, I have imposed the sign method on two tags of the input xml using java code, and in the SOAP receiver i have used certificate authentication, So does the signature get overwritten on the entire message instead of the one i have generated using java code?

SOAP authentication will encrypt complete message. Even if you add certificate in visual admin. We encrypt complete message. So when you do encryption in Java code it is again encrypted as a whole payload for you at SOAP receiver.

2)As the receiver is non sap, how could he verify the digital signature?

Which system you are referring here. They can verify only after using the key in code.

Thanks

Gaurav

Former Member
0 Kudos

Hey,

refer to these links..

Encryption.

Creating Certificate

regards,

Milan

dharamveer_gaur2
Active Contributor
0 Kudos

Hi

use this thread might help u