These functions support the signing of data using CMS signature. See the JDK product documentation for information about using keytool in different scenarios.
The following functions for PKCS7 described here are:
loadPKCS7Certificate
Loads the stated PKCS7 certificate.
| Code Block |
|---|
void loadPKCS7Certificate
( string keyStorePath,
string keyAlias,
string keyStorePassword,
string signatureAlgorithm ) |
| Parameter | Description |
|---|
keyStorePath | The path to the Java keystore file to be used |
keyAlias | The alias for the certificate |
keyStorePassword | The password for the keystore |
signatureAlgorithm | The algorithm to be used for signing |
| Returns | Nothing |
| Tip |
|---|
|
It is recommended that you use this function in the initialize function block. |
signPKCS7
Signs a bytearray using the previously loaded PKCS7 certificate.
| Code Block |
|---|
bytearray signPKCS7 ( bytearray content) |
| Parameter | Description |
|---|
content | A byte array of the content to be signed with the certiticate loaded by the loadPKCS7Certificate function. |
Returns | A bytearray with the signed content. |
| Info |
|---|
| title | Example - Using signPKCS7 |
|---|
|
| Code Block |
|---|
initialize {
loadPKCS7Certificate("/etc/keystores/keystore.jks",
"certificateA", "keystoreAndAliasPassword", "SHA1withRSA")
}
consume {
bytearray baToSign;
strToBA(baToSign, "Hello World!");
input.response = signPKCS7(baToSign);
udrRoute(input)
} |
|
