cancel
Showing results for 
Search instead for 
Did you mean: 

Http content Server - putCert specification

Former Member
0 Kudos

Hello,

I am trying to develop a HTTP Content server for connection with SAP but I encounter difficulties while implementing security.

The methode putCert stores the certificate from SAP but it seems like it is a X509 v1 certificate and not a V3. like mentionned in the spec doc

Moreover SHA1 seem to be used and not MDS.

Is there any particular reason?

Thank you

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi,

I have the issue when trying to use putCert function with SAP Content Server.

Server returns status 500 (internal server error) with following info in response headers: "Security: format error of certificate".

I'm trying to import X.509 V1 certificate.

Is there any ideas what's wrong?

Thanks,

Slava

Former Member
0 Kudos

Hi,

maybe someone else stumbles into this thread and finds this helpful:

- Create a message consisting of a single blank character (0x20).

- Sign this message using your certificate.

- Send the signed message with putCert.

The Signature algorithm must be sha1DSA. So RSA-Certificates won't work.

Olaf

darren_martin
Explorer
0 Kudos

C

  1. version of same code avialable here....

Former Member
0 Kudos

Ok finally managed to implement security on the SAP Content Server.

this code snippet works:

Provider bc = new BouncyCastleProvider();

int i = Security.addProvider(bc);

byte[] message2Sign = "E25B5CECB6846E1F4F92C9E9058BC415FDrCN%3DC1120071026161701".getBytes();

String good = "MIIBlAYJKoZIhvcNAQcCoIIBhTCCAYECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATGCAWAwggFcAgEBMBMwDjEMMAoGA1UEAxMDQzExAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNzEwMjYxNDE3MDFaMCMGCSqGSIb3DQEJBDEWBBT/ObaVw5qhQRX5MTMnyVqptXhwnTCBpgYFKw4DAhswgZwCQQEi9Vy1IpGpgBwpby66sV16jIHOJkoJI/blRDbeogY2IS69a9JmlAfQEnttGqA3jv/QAf98zFtmFpsDwniO1AhUBQNzq3BaLZ3Vj2dGBB5HPZh5eBa0CQHsZv4pNumfHRNhmlbKK9TDgPQrDDnG7F51g1FhTAFvceltg20WjHE/dFaH8jkigzaJDkFIuV50yGPytGPYmekELzAtAhUBBudqwTj+JNfkpr6BausHDZpqMmUCFC9rWauPQhjYNp4tiHWPmpgw9NXl";

String bad = "MIIBlAYJKoZIhvcNAQcCoIIBhTCCAYECAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATGCAWAwggFcAgEBMBMwDjEMMAoGA1UEAxMDQzExAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNzEwMTgxMTQxNTVaMCMGCSqGSIb3DQEJBDEWBBS2xHiqu4ZssgcURXnsqxhf5kTCBpgYFKw4DAhswgZwCQQEi9Vy1IpGpgBwpby66sV16jIHOJkoJI/blRDbeogY2IS69a9JmlAfQEnttGqA3jv/QAf98zFtmFpsDwniO1AhUBQNzq3BaLZ3Vj2dGBB5HPZh5eBa0CQHsZv4pNumfHRNhmlbKK9TDgPQrDDnG7F51g1FhTAFvceltg20WjHE/dFaH8jkigzaJDkFIuV50yGPytGPYmekELzAtAhUBOKbZGs22bNiMQ8UkPL4vaPewDwCFFof2Pv04DXMDPj2SnZ7wMcCKTfH";

BASE64Decoder b64 = new BASE64Decoder();

byte[] signature = b64.decodeBuffer(good);

// get public key from cert

File toto = new File("/tmp/toto.txt");

FileInputStream fis = new FileInputStream(toto);

PKCS7 test = new sun.security.pkcs.PKCS7(fis);

java.security.cert.X509Certificate[] certs = test.getCertificates();

//PublicKey pk = certs[0].getPublicKey();

// construct PKCS7 data object

CMSProcessable processable = new CMSProcessableByteArray(message2Sign);

CMSSignedData s = new CMSSignedData(processable, signature);

// get 1st signer infos

SignerInformationStore signers = s.getSignerInfos();

Collection c = signers.getSigners();

Iterator it = c.iterator();

SignerInformation signer = (SignerInformation) it.next();

// verification

boolean test2 = signer.verify(certs[0], "BC");

System.out.println("Ok = " + test2);