DataPower

DataPower

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Is it possible to move the Signature element when signing?

  • 1.  Is it possible to move the Signature element when signing?

    Posted Mon August 17, 2020 08:51 AM

    Hi.

    I have a project where the customer want the Signature element to be placed in a specific place. AppResp shall be signed and Signature should be placed under AppHdr=>Sgntr.

    Before signing:

    <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"/> <soap:Body> <AppResp> <AppHdr <CreDt>2020-08-13T08:35:34.348Z</CreDt> <Sgntr/> </AppHdr> <Document> ... </Document> </ns2:AppResp> </soap:Body>

    </soap:Envelope>

    After signing:

    <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"/> <soap:Body> <AppResp id="applicationResponse"> <AppHdr <CreDt>2020-08-13T08:35:34.348Z</CreDt> <Sgntr> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> <Reference URI="#applicationResponse"> .... </Signature> </Sgntr> </AppHdr> <Document> ... </Document> </ns2:AppResp> </soap:Body> </soap:Envelope>

    Is there a way to do this? To tell DP where the Signature element should be placed?

    I can move the Signature element after signing but that results in "Incorrect reference digest value" when verifying.

    Any help is much appreciated.

    /Jocke D



    #DataPower
    #Support
    #SupportMigration


  • 2.  RE: Is it possible to move the Signature element when signing?

    Posted Tue August 18, 2020 08:10 AM

    DataPower implements standards/RFCs.

    Please point to an RFC stating what your customer wants, and we can see whether DataPower supports that.



    #DataPower
    #Support
    #SupportMigration


  • 3.  RE: Is it possible to move the Signature element when signing?

    Posted Tue August 18, 2020 08:17 AM

    Thanks for the reply.

    I just realised that I did a misstake when customizing the sign script so case is closed. :)



    #DataPower
    #Support
    #SupportMigration


Related Content