wm.tn.mime:sign
Creates a PKCS7 SignedData object.
The resulting signature is a Java byte[] that is a DER-encoded representation of the SignedData object as specified in PKCS7.
This service also allows for the creation of an explicit message digest. The service computes this digest separately from the one contained in the signed message. The default algorithm for this digest is SHA-1.
Input Parameters
signerInfo
IData [ ] An array containing information about a single signer of the document.
For each signerInfoRecord, one of the following is required:
* certChain that contains a certificate chain and private key
* keyAlias that references a certificate chain and private key in the key store
This IData object contains the following keys:
* certChain Object [ ] An X509 certificate of the signer. The certificate of the signer must be the first certificate in this chain; the root Certifying Authority (CA) certificate must be the last.
This should be a Certificate[] or an array of byte[].
* key Object The private key that corresponds to the public key in the certificate of the signer (that is, the first certificate in certChain). The service uses this key to digitally sign the data. The private key can be any asymmetric encryption key that is supported by the webMethods Integration Server; for example, DSA or RSA.
This should be an instance of java.security.PrivateKey or byte[].
* keyAlias String (optional) The alias that refers to the certificate chain and private key in the key store. This is not currently used.
* hashAlgorithm String The algorithm to use when computing the digest of the specified data. Specify either SHA or MD5.
data
InputStream or Byte [ ] The message to sign, which must be provided as a Java byte [].
This stream is fully read during the construction of the signature. Calls to read additional information from the stream after the execution of this service will fail.
detachedSignature
String Whether you want the created PKCS#7 object to contain the data that is digitally signed. A detached signature does not include the data. Valid values are:
* true - Create a detached signature that does not include the digitally signed data.
* false - Create a signature that includes the digitally signed data.
signatureStream
OutputStream (optional) OutputStream to which you want the signature written. If you do not specify signatureStream and data is a byte[], this service returns the signature as a byte[] in signatureBytes. If you do not specify signatureStream and data is an InputStream, this service throws an exception.
dataStream
OutputStream (optional) OutputStream to which you want the service to write the message contained in data. If you do not specify a stream for dataStream, the service discards the contents of data. This service only writes the message contained in data to this stream if you request a detached signature.
createDigest
String (optional) Whether you want the service to compute the message digest. Valid values are:
* yes - Compute a message digest.
* no - Default. Do not compute a message digest.
digestAlgorithm
String (optional) The algorithm to use to compute the digest if you specified yes for createDigest. You can specify one of the following values for digestAlgorithm: SHA-1 or MD5. SHA-1 is the default.
Output Parameters
bytesWritten
String Size (in bytes) of the signature.
signatureBytes
Byte [ ] (optional) If you did not specify signatureStream and data contained a byte[], signatureBytes contains the digital signature for the specified data.
messageDigest
String (optional) If createDigest is yes and you specified a valid value for digestAlgorithm, messageDigest contains a Base64 encoded message digest of the specified data.
Usage Notes
* This service provides the capability for multiple entities to sign the specified data.
* Each signerInfo block contained in the resulting signature contains two authenticated attributes: content type and a timestamp.
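A receiver-side audit check for the object this service produces, as an added example that is not part of the product documentation or product code: it reads the DER bytes (such as those returned in signatureBytes), reports the digest algorithm OIDs that the SignedData declares, and shows whether the signed content is embedded (detachedSignature false) or absent (true). The function names and the sample builder are assumptions; the sample is a constructed skeleton with empty signerInfos, not real service output.

```python
# Added example (not webMethods code): inspect a DER-encoded PKCS#7 SignedData.
LEGACY_DIGESTS = {"1.2.840.113549.2.5": "MD5", "1.3.14.3.2.26": "SHA-1"}

def read_tlv(buf, pos):  # -> (tag, value, next_pos) for the element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # split a constructed element's contents into (tag, value)
    pos, out = 0, []
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def decode_oid(val):
    first = min(val[0] // 40, 2)
    arcs, acc = [first, val[0] - 40 * first], 0
    for b in val[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear ends this arc
            arcs, acc = arcs + [acc], 0
    return ".".join(map(str, arcs))

def inspect_signature(der):
    outer = children(read_tlv(der, 0)[1])
    if decode_oid(outer[0][1]) != "1.2.840.113549.1.7.2":  # id-signedData
        raise ValueError("not a PKCS#7 SignedData object")
    signed = children(children(outer[1][1])[0][1])  # [0] EXPLICIT -> SignedData
    oids = [decode_oid(children(alg)[0][1]) for _, alg in children(signed[1][1])]
    digests = [LEGACY_DIGESTS.get(o, o) for o in oids]
    detached = len(children(signed[2][1])) == 1  # contentInfo holds only its type
    weak = [d for d in digests if d in LEGACY_DIGESTS.values()]
    return {"digests": digests, "detached": detached, "weak_digests": weak}

# Sample builder: constructed skeleton with empty signerInfos, not service output.
def tlv(tag, *parts):  # short-form lengths only (< 128 bytes)
    return bytes([tag, sum(map(len, parts))]) + b"".join(parts)

def constructed_sample(digest_oid, content=None):
    eci = tlv(0xA0, tlv(0x04, content)) if content is not None else b""
    inner = tlv(0x30, bytes.fromhex("06092a864886f70d010701"), eci)  # id-data
    algs = tlv(0x31, tlv(0x30, digest_oid, b"\x05\x00"))
    sd = tlv(0x30, b"\x02\x01\x01", algs, inner, tlv(0x31))
    return tlv(0x30, bytes.fromhex("06092a864886f70d010702"), tlv(0xA0, sd))
```

Digest OIDs outside the MD5/SHA-1 table are reported in dotted form and are not listed under weak_digests.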