Integration Server 10.11 | Built-In Services Reference Guide | Security Folder | Summary of Elements in this Folder | pub.security:verify
 
pub.security:verify
WmPublic. Verifies signed data.
Input Parameters
data
Document. Signed data that you want to verify. The data must be in one of the following formats. If multiple input parameters are supplied for data, the service throws an exception stating that only one parameter must be passed.
Key
Description
string
String. Optional. The signed string that you want to verify.
stream
java.io.InputStream. Optional. The signed stream data that you want to verify.
bytes
byte[ ]. Optional. The signed byte array that you want to verify.
file
String. Optional. The absolute or relative path of the signed file that you want to verify. If the file is outside the Integration Server or Microservices Runtime installation directory, provide the absolute path. Otherwise, place the file in your Integration Server or Microservices Runtime working directory.
The About page in Integration Server Administrator and Microservices Runtime Administrator displays the working directory. The watt.server.homeDir server configuration parameter also specifies the working directory.
loadAs
String. Optional. The format in which the service returns the output. Set to:
*bytes to return the output as a byte array. This is the default.
*stream to return the output as a stream object.
*string to return the output as a string.
publicKey
Document. The signer's public key required to verify the signed data.
Provide publicKeyBytes, publicKeyString, or publicKeyRingFile. If you provide publicKeyRingFile, you must also provide publicKeyAlias. Otherwise, the service throws an exception.
Key
Description
publicKeyBytes
Object List. Optional. One or more public key files as byte arrays.
Note:
Public key files have a .asc extension.
publicKeyString
String List. Optional. One or more public keys as strings.
public​KeyRingFile
String. Optional. The absolute or relative path of the public keyring file. The public keyring file is a collection of public keys with a unique key ID. If the file is outside the Integration Server or Microservices Runtime installation directory, provide the absolute path. Otherwise, place the file in your Integration Server or Microservices Runtime working directory.
The About page in Integration Server Administrator and Microservices Runtime Administrator displays the working directory. The watt.server.homeDir server configuration parameter also specifies the working directory.
Note:
Public keyring files have a .pkr extension.
publicKeyAlias
String List. Optional. One or more public key aliases as strings. A public key alias is the 64-bit (16 characters) key identifier of a public key.
Note:
This parameter is required only when you use publicKeyRingFile.
Output Parameters
stream
java.io.OutputStream. Conditional. Verified data as an output stream. Returned when the loadAs input parameter is set to stream.
bytes
byte[ ]. Conditional. Verified data in bytes. Returned when the loadAs input parameter is set to bytes.
string
String. Conditional. Verified data as a string. Returned when the loadAs input parameter is set to string.
verified
Boolean. Indicates whether the signature associated with the data is valid or not. A value of:
*true indicates that the signed data is verified.
*false indicates that the signed data is not verified.
status
String. Indicates whether the data is successfully verified or not. If successful, status is success. Otherwise, status contains failure along with an error message.
Usage Notes
To verify signed data, Integration Server must have access to the signer's public key.
To verify the data for multiple users, provide the users' public keys to the service as a list of byte arrays, strings, or a keyring file. If you provide a keyring file, you must also provide the public key aliases.
The pub.security:verify service cannot verify a detached signature.
Authentication keys used in this service must be in the PGP format and generated using the RSA encryption algorithm.
Note:
Authentication keys in the .ecc format are not supported.