signerInfo | IData [ ] An array containing information about a single signer of the document. For each signerInfoRecord, one of the following is required: certChain, which contains a certificate chain and private key, or keyAlias, which references a certificate chain and private key in the key store. This IData object contains the following keys: |
  certChain | Object [ ] An X509 certificate of the signer. The certificate of the signer must be the first certificate in this chain; the root Certifying Authority (CA) certificate must be the last. This should be a Certificate[] or an array of byte[]. |
  key | Object The private key that corresponds to the public key in the certificate of the signer (that is, the first certificate in certChain). The service uses this key to digitally sign the data. The private key can be any asymmetric encryption key that is supported by the webMethods Integration Server; for example, DSA or RSA. This should be an instance of java.security.PrivateKey or byte[]. |
  keyAlias | String (optional) The alias that refers to the certificate chain and private key in the key store. This is not currently used. |
  hashAlgorithm | String The algorithm to use when computing the digest of the specified data. Specify either SHA or MD5. |
data | InputStream or Byte [ ] The message to sign, which must be provided as a Java byte []. This stream is fully read during the construction of the signature. Calls to read additional information from the stream after the execution of this service will fail. |
detachedSignature | String Whether you want the created PKCS#7 object to contain the data that is digitally signed. A detached signature does not include the data. Valid values are: true - Create a detached signature that does not include the digitally signed data. false - Create a signature that includes the digitally signed data. |
signatureStream | OutputStream (optional) OutputStream to which you want the signature written. If you do not specify signatureStream and data is a byte[], this service returns the signature as a byte[] in signatureBytes. If you do not specify signatureStream and data is an InputStream, this service throws an exception. |
dataStream | OutputStream (optional) OutputStream to which you want the service to write the message contained in data. If you do not specify a stream for dataStream, the service discards the contents of data. This service only writes the message contained in data to this stream if you request a detached signature. |
createDigest | String (optional) Whether you want the service to compute the message digest. Valid values are: yes - Compute a message digest. no - Default. Do not compute a message digest. |
digestAlgorithm | String (optional) The algorithm to use to compute the digest if you specified yes for createDigest. You can specify one of the following values for digestAlgorithm: SHA-1 or MD5. SHA-1 is the default. |
bytesWritten | String Size (in bytes) of the signature. |
signatureBytes | Byte [ ] (optional) If you did not specify signatureStream and data contained a byte[], signatureBytes contains the digital signature for the specified data. |
messageDigest | String (optional) If createDigest is yes and you specified a valid value for digestAlgorithm, messageDigest contains a Base64 encoded message digest of the specified data. |
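
The certChain and key entries above require the signer certificate first, the root CA certificate last, and a private key that matches the first certificate. The Java pre-flight check below verifies both before the values are placed in signerInfo; it is an added example, not part of the webMethods documentation or API, and the class name, method name and the PKCS#12 keystore used as input are assumptions.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;

// Added example, not vendor code. Class and method names are hypothetical.
public class SignerInfoPreflight {
    // Throws unless chain is ordered signer-first, root-last and key matches chain[0].
    static void check(X509Certificate[] chain, PrivateKey key) throws Exception {
        if (chain == null || chain.length == 0 || key == null)
            throw new IllegalArgumentException("certChain and key are both required");
        for (int i = 0; i < chain.length; i++) {
            // Each entry must be issued by the next one; the last must sign itself.
            X509Certificate issuer = chain[Math.min(i + 1, chain.length - 1)];
            if (!chain[i].getIssuerX500Principal().equals(issuer.getSubjectX500Principal()))
                throw new IllegalArgumentException("certChain[" + i + "] breaks the order");
            chain[i].verify(issuer.getPublicKey()); // throws on a bad signature
        }
        // Key correspondence: sign a probe, then verify it with the signer certificate.
        // SHA-256 is used for this probe only; it is unrelated to hashAlgorithm.
        String alg = "SHA256with" + ("EC".equals(key.getAlgorithm()) ? "ECDSA" : key.getAlgorithm());
        byte[] probe = "preflight-probe".getBytes();
        Signature s = Signature.getInstance(alg);
        s.initSign(key);
        s.update(probe);
        byte[] sig = s.sign();
        s.initVerify(chain[0].getPublicKey()); // throws if the key types differ
        s.update(probe);
        if (!s.verify(sig))
            throw new IllegalArgumentException("key does not match certChain[0]");
    }

    // Usage: java SignerInfoPreflight <keystore.p12> <alias>
    public static void main(String[] args) throws Exception {
        Console con = System.console();
        if (con == null) throw new IllegalStateException("run from an interactive terminal");
        char[] pw = con.readPassword("Keystore password: ");
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (FileInputStream in = new FileInputStream(args[0])) { ks.load(in, pw); }
        Certificate[] raw = ks.getCertificateChain(args[1]);
        if (raw == null) throw new IllegalArgumentException("no key entry for alias " + args[1]);
        X509Certificate[] chain = Arrays.copyOf(raw, raw.length, X509Certificate[].class);
        check(chain, (PrivateKey) ks.getKey(args[1], pw));
        System.out.println("certChain order and key correspondence OK");
    }
}
```

A chain that passes can be handed to the service as certChain unchanged, with the same PrivateKey as key.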