Original Message:
Sent: Fri September 20, 2024 11:27 AM
From: srikanth talluri
Subject: How to verify X-signature value.
Hi Jeroen,
Thanks for your reply. Can i use pd:hmac() to verify x-signature string ?
My requirement is.... client sending x-signature value in the request header, DataPower have verify that x-signature value.
Can please suggest.
Thanks.
Srikanth.
------------------------------
srikanth talluri
Original Message:
Sent: Tue September 17, 2024 05:36 PM
From: Jeroen Willems
Subject: How to verify X-signature value.
Hi,
x-signature header is typically used for HMAC on raw strings, rather than XML fragments.
So best to use either the dp:hmac() function or gatewayscript crypto module (APIs to create cryptographic HMAC content)
cheers,
------------------------------
Jeroen Willems
Integration Architect - Managing Partner
Integration Designers
Original Message:
Sent: Mon September 16, 2024 04:13 PM
From: srikanth talluri
Subject: How to verify X-signature value.
Hi,
Can you please guide me to find a solution to verify x-signature in DataPower.
Client is sending signature value in x-signature header. Client is sharing secret with DataPower and signature algorithm is SHA256.
Can i use dp:verify-hmac function? what are values in need to give for outputLength, verifedRoot ?
dp:verify-hmac(signAlgorithm, outputLength, verifedRoot, digestValue, sharedSecretKey, includeComments, c14nAlgorithm, prefixes).
Can you please share if you have any example code?
Thanks,
Srikanth.
------------------------------
srikanth talluri
------------------------------