on 10-18-2007 9:28 AM
Hello,
I am trying to develop a HTTP Content server for connection with SAP but I encounter difficulties while implementing security.
The methode putCert stores the certificate from SAP but it seems like it is a X509 v1 certificate and not a V3. like mentionned in the spec doc
Moreover SHA1 seem to be used and not MDS.
Is there any particular reason?
Thank you
Hi,
I have the issue when trying to use putCert function with SAP Content Server.
Server returns status 500 (internal server error) with following info in response headers: "Security: format error of certificate".
I'm trying to import X.509 V1 certificate.
Is there any ideas what's wrong?
Thanks,
Slava
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
maybe someone else stumbles into this thread and finds this helpful:
- Create a message consisting of a single blank character (0x20).
- Sign this message using your certificate.
- Send the signed message with putCert.
The Signature algorithm must be sha1DSA. So RSA-Certificates won't work.
Olaf
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ok finally managed to implement security on the SAP Content Server.
this code snippet works:
Provider bc = new BouncyCastleProvider();
int i = Security.addProvider(bc);
byte[] message2Sign = "E25B5CECB6846E1F4F92C9E9058BC415FDrCN%3DC1120071026161701".getBytes();
String good = "MIIBlAYJKoZIhvcNAQcCoIIBhTCCAYECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATGCAWAwggFcAgEBMBMwDjEMMAoGA1UEAxMDQzExAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNzEwMjYxNDE3MDFaMCMGCSqGSIb3DQEJBDEWBBT/ObaVw5qhQRX5MTMnyVqptXhwnTCBpgYFKw4DAhswgZwCQQEi9Vy1IpGpgBwpby66sV16jIHOJkoJI/blRDbeogY2IS69a9JmlAfQEnttGqA3jv/QAf98zFtmFpsDwniO1AhUBQNzq3BaLZ3Vj2dGBB5HPZh5eBa0CQHsZv4pNumfHRNhmlbKK9TDgPQrDDnG7F51g1FhTAFvceltg20WjHE/dFaH8jkigzaJDkFIuV50yGPytGPYmekELzAtAhUBBudqwTj+JNfkpr6BausHDZpqMmUCFC9rWauPQhjYNp4tiHWPmpgw9NXl";
String bad = "MIIBlAYJKoZIhvcNAQcCoIIBhTCCAYECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATGCAWAwggFcAgEBMBMwDjEMMAoGA1UEAxMDQzExAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNzEwMTgxMTQxNTVaMCMGCSqGSIb3DQEJBDEWBBS2xHiqu4ZssgcURXnsqxhf5kTCBpgYFKw4DAhswgZwCQQEi9Vy1IpGpgBwpby66sV16jIHOJkoJI/blRDbeogY2IS69a9JmlAfQEnttGqA3jv/QAf98zFtmFpsDwniO1AhUBQNzq3BaLZ3Vj2dGBB5HPZh5eBa0CQHsZv4pNumfHRNhmlbKK9TDgPQrDDnG7F51g1FhTAFvceltg20WjHE/dFaH8jkigzaJDkFIuV50yGPytGPYmekELzAtAhUBOKbZGs22bNiMQ8UkPL4vaPewDwCFFof2Pv04DXMDPj2SnZ7wMcCKTfH";
BASE64Decoder b64 = new BASE64Decoder();
byte[] signature = b64.decodeBuffer(good);
// get public key from cert
File toto = new File("/tmp/toto.txt");
FileInputStream fis = new FileInputStream(toto);
PKCS7 test = new sun.security.pkcs.PKCS7(fis);
java.security.cert.X509Certificate[] certs = test.getCertificates();
//PublicKey pk = certs[0].getPublicKey();
// construct PKCS7 data object
CMSProcessable processable = new CMSProcessableByteArray(message2Sign);
CMSSignedData s = new CMSSignedData(processable, signature);
// get 1st signer infos
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
SignerInformation signer = (SignerInformation) it.next();
// verification
boolean test2 = signer.verify(certs[0], "BC");
System.out.println("Ok = " + test2);
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
25 | |
12 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.