Dear All
We are using a Java callout to sign an XML message and send it to the TP; please note that this message is not Base64 encoded.
We suspect that the signed message gets changed when we send it to the TP as a binary/flat document.
I save the message to a file from the callout before it is sent to the TP, and that file can be verified with the CMS package, but the wire message has changed and cannot be verified.
We strongly suspect that the message is being changed.
Can anybody suggest what the issue might be and which document we should use?
The following is the callout Java code:
------------------------------
import client.MaadenPropertiesConstants;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import oracle.tip.b2b.callout.Callout;
import oracle.tip.b2b.callout.CalloutContext;
import oracle.tip.b2b.callout.CalloutMessage;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSProcessableFile;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
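/**
 * B2B callout that removes the {@code ns1} namespace declaration and prefix from the
 * inbound message body, signs the resulting text as CMS SignedData with the key held
 * in the configured keystore, and returns the encoded signature as the output message.
 *
 * <p>The signed output is binary (the ASN.1 encoding returned by
 * {@code CMSSignedData.getEncoded()}), not text. A signature only verifies if the
 * receiver gets exactly these bytes, so no later step may convert them to a String
 * and back.
 */
public class Class1Test1 implements Callout
{
    /** Name under which the Bouncy Castle provider is registered with the JCA. */
    private static final String BC_PROVIDER = "BC";

    /**
     * Signs the first input message and adds the signed bytes to {@code output}.
     *
     * <p>When signing fails, nothing is added to {@code output}; the failure is only
     * reported on standard output.
     * NOTE(review): what B2B sends when {@code output} stays empty is not visible
     * here - confirm that an unsigned message cannot go out in that case.
     *
     * @param context callout context supplied by B2B (not used)
     * @param input   list whose first element is the inbound {@link CalloutMessage}
     * @param output  list that receives the signed {@link CalloutMessage}
     */
    @SuppressWarnings({"rawtypes", "unchecked"}) // the method is declared with raw List parameters
    public void execute(CalloutContext context, List input, List output)
    {
        System.out.println(" Callout Class1Test1 execute() called - Start");
        try {
            CalloutMessage cmIn = (CalloutMessage)input.get(0);
            String body = cmIn.getBodyAsString();

            // Literal (non-regex) substitutions over the whole body: every occurrence of
            // "ns1:" is removed, including any that appears inside element text.
            body = body.replace(" xmlns:ns1=\"http://MT100_Rq\"", "");
            body = body.replace("ns1:", "");

            // Only sizes are logged: the body may carry business data that should not end
            // up in server logs, and printing a byte[] yields its identity, not its content.
            System.out.println(" Callout execute() called - body length to sign: " + body.length());

            byte[] signedData = sign(body);
            if (signedData == null) {
                System.out.println("Callout execute() - signing failed, no output message added");
                return;
            }
            System.out.println("signedData.length:" + signedData.length);

            // Hand the signature over as bytes.
            // NOTE(review): how B2B treats this payload afterwards is not visible here -
            // confirm the outbound document and channel pass it through as opaque binary.
            output.add(new CalloutMessage(signedData));
            System.out.println("Callout execute() - End Callout");
        } catch (Exception e) {
            System.out.println("Callout execute() - Exception = " + e);
            e.printStackTrace();
        }
    }

    /**
     * Builds a CMS SignedData structure that encapsulates {@code input} and carries the
     * signer's certificate chain.
     *
     * @param input text to sign; it is encoded as UTF-8 before signing
     * @return the encoded SignedData, or {@code null} when signing failed
     */
    private byte[] sign(String input) {
        // Register Bouncy Castle once rather than on every call.
        if (Security.getProvider(BC_PROVIDER) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        byte[] encoded = null;
        try {
            String alias = MaadenPropertiesConstants.KEYSTORE_Alias;
            KeyStore keystore = loadKeyStore();

            final List<Certificate> certlist = new ArrayList<Certificate>();
            Certificate[] certchain = keystore.getCertificateChain(alias);
            if (certchain != null) {
                for (int i = 0; i < certchain.length; i++) {
                    certlist.add(certchain[i]);
                }
            }

            // NOTE(review): the key password is read from MaadenPropertiesConstants;
            // confirm it comes from protected configuration and is not compiled in.
            PrivateKey key =
                (PrivateKey)keystore.getKey(alias, MaadenPropertiesConstants.KEYSTORE_PWD.toCharArray());
            X509Certificate signerCert = (X509Certificate)keystore.getCertificate(alias);
            if (key == null || signerCert == null) {
                // Fail with a clear message instead of an error from deep inside the signer.
                throw new IllegalStateException("No private key or certificate for alias " + alias);
            }

            // SHA-1 based signatures are deprecated. The algorithm is left unchanged because
            // the receiving side has to accept the replacement; move to "SHA256withRSA"
            // once the trading partner supports it.
            ContentSigner signer =
                new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC_PROVIDER).build(key);

            CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
            generator.addSignerInfoGenerator(
                new JcaSignerInfoGeneratorBuilder(
                    new JcaDigestCalculatorProviderBuilder().setProvider(BC_PROVIDER).build())
                    .build(signer, signerCert));
            generator.addCertificates(new JcaCertStore(certlist));

            // A signature covers bytes, not characters. A fixed charset keeps the signed
            // bytes independent of the JVM's default encoding.
            // NOTE(review): must agree with the encoding declared in the XML prolog.
            CMSTypedData msg = new CMSProcessableByteArray(input.getBytes("UTF-8"));

            // true = encapsulate the content inside the SignedData.
            CMSSignedData signedData = generator.generate(msg, true);
            encoded = signedData.getEncoded();
            System.out.println("Got encoded pkcs7 bytes " + encoded.length + " bytes");

            // Reference copy of exactly what was produced, for comparison with the bytes
            // that reach the wire. The stream is closed even when the write fails.
            FileOutputStream fos = new FileOutputStream("//home//test//signed.txt");
            try {
                fos.write(encoded);
                fos.flush();
            } finally {
                fos.close();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return encoded;
    }

    /**
     * Loads the keystore named by {@code MaadenPropertiesConstants}.
     *
     * @return the loaded keystore
     * @throws Exception if the keystore type is unknown or the file cannot be read or unlocked
     */
    private static KeyStore loadKeyStore() throws Exception {
        KeyStore keystore =
            KeyStore.getInstance(MaadenPropertiesConstants.KEYSTORE_INSTANCE);
        InputStream is =
            new FileInputStream(MaadenPropertiesConstants.keystoreLocation);
        try {
            keystore.load(is, MaadenPropertiesConstants.KEYSTORE_PWD.toCharArray());
        } finally {
            // Release the file handle whether or not loading succeeded.
            is.close();
        }
        return keystore;
    }
}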
--------------------------------------------------------------------------------------------------------------------------
Regards