Dear Expert,
I need to apply the digital signature on XML during java mapping on payload level. I have a sample of required format by third part(bank), however I need to get clarification to what other information I need to get from them to start my development. Please see the below sample source and required target, and my questions.
Required target target Structure :- The below sample was given by bank with applied digital signature and encoded in base64, I just decoded using online base64 decoder. The highlighted XML is my source XML, on which they had applied digital signature and encoded in base64.
| 0 | *H | |
| 0 1 0 | + 0 + | *H |
<?xml version="1.0"?>
<PaymentMessage>
<PaymentTransaction>
<CompanyCode>ARAMCO0001</CompanyCode>
<SequenceNum>16080</SequenceNum>
<TransactionData>:20:21107113
:32A:040523SAR10,00
:50:SAUDI ARABIAN OIL COMPANY
BOX 5000
DHAHRAN
SAUDI ARAMCO OIL COMPANY
:52A:RIBLSARI
:53B:/3010602079901
:57A:RIBLSARI
:59:/4040154769901
SAUDI ARAMCO OIL COMPANY
BOX 5000
DHAHRAN
SAUDI ARAMCO OIL COMPANY
:70:/INV/2000011508</TransactionData>
<TransactionComment>Bulk TEST</TransactionComment>
</PaymentTransaction>
| </PaymentMessage> T0 P0 @ | G0 | |
| *H | ||
| 0o1 0 | U SA1 0 U Unknown1 0 U | AL Riyadh1 0 |
U
B2B1 0
U B2B1 0 U B2B e-Payment Gateway0
040117095831Z
| 151230095831Z0o1 0 | U SA1 0 U Unknown1 0 U | AL Riyadh1 0 |
U
B2B1 0
U B2B1 0 U B2B e-Payment Gateway00
| *H | |
| 0 + | o+s,5N Կڻ#poddS ݧ&мj&40,\#P 9|^$E=F -*-[msXu"b "v{aM S 0 |
| *H |
' 箰z]و @nL_T0gTPpv }e @Q?C K T %/ua퓺uN>[̉ ?:U8ɛ&b
| x G|.ǵ gc rZ k;{zGK &v1 0 0w0o1 0 | U SA1 0 U Unknown1 0 U | AL Riyadh1 0 |
U
B2B1 0
| U B2B1 0 U B2B e-Payment Gateway @ | G0 | + 0 |
| *H |
RV CR\_EB鰔@ 앗eD6 %ZT 2c?W36#=x|Mny iuh7; NE}I
| l; | 氊[D_gjl 1 8Op4.}X
Additional information from bank to sign the XML is as follows. |
PKCS#7 | |
Content type | Signed Data |
Version | 01 |
Digest algorithm | SHA-1 Hash algorithm |
Digest Encryption Algorithm | RSA |
Signer info | Information about a single signer of the signed data object |
Questions-
1- Do I need to gather any other information from bank to start my java mapping development, as we know we apply digital signature on XML by using enveloping, enveloping or detached, for me it looks like enveloping. Please correct me if I am wrong.
2- We are using SSL for transport level security as well, they said to use the same public and private key provided by CA to sign the message which is using for SSL, can we use the same keys? in that case I will not generate public key and private keys by my code, and will access form key-store from PI(PI7.4 Dual stack) server. Please confirm.
3- By considering Please suggest me which method (Apis) shall I use to do digital signature, as we have JSR 105, Appache WSS4j,Appache santurio etc. I have chosen java mapping because I need to send the whole input payload on two different string field(after applying digital signature and encoded in base 64).
Thanks,
Farhan