wm.tn.mime:processSignedData
Processes a signed MIME object.
The service returns the message that was signed and attempts to verify the signature. If the service cannot verify the signature, it returns an error message explaining why the verification failed.
Input Parameters
mimeSrc | Object A MIME object containing the signed data that you want processed. |
signerCertChain | Object [ ] (optional) The certificate chain of the party signing the message. The chain must be in hierarchical order starting with the signer's certificate in first element (element zero). The following shows a sample of a complete certificate chain if the signing party's certificate was signed by two intermediate certifying authorities (CAs). In the below list, for example, 0 is the element and Signer's certificate is the content.  0- Signer's certificate 1 - Intermediary CA certificate 2 - Intermediary CA certificate 3 - Root CA certificate Note: | If the signer included the certificate chain with the digital signature, you do not need to supply signerCertChain. |
|
createDigest | String (optional) Whether to compute the message digest for the encrypted MIME message. Valid values are: yes - To compute a message digest. no - Default. To not compute a message digest. |
digestAlgorithm | String (optional) The algorithm to use to compute the digest if you specified yes for createDigest. You can specify one of the following values for digestAlgorithm: SHA-1 or MD5.SHA-1 is the default. |
Output Parameters
mimeData | Object A MIME object containing the parsed contents of the extracted MIME entity. |
encrypted | String (optional) Whether mimeData is an encrypted message. Valid values are: true - The MIME object in mimeData is encrypted. false - The MIME object in mimeData is not encrypted. |
signed | String (optional) Whether mimeData is a signed message. Valid values are: true - The MIME object in mimeData is signed. false - The MIME object in mimeData is not signed. |
certsOnly | String (optional) Whether mimeData contains only digital certificates. Valid values are: true - MIME object in mimeData contains only digital certificates. false - MIME object in mimeData contains a regular payload. |
verify | String Whether this service was able to successfully verify the digital signature of the signed message in mimeSrc with the public key supplied in the signer's certificate (signerCertChain). Valid values are: true - The service successfully verified the digital signature. false - The service was unable to successfully verify the digital signature. The service returns errorCode (1-4) and errorMessage to describe the error. |
errorCode | String (optional) A number (error code) that corresponds to the type of error that occurred while processing the digital signature. errorMessage contains a description of the error; see errorMessage for possible errors. If the service does not encounter an error, it does not return errorCode. |
errorMessage | String (optional) A textual error message indicating the error that occurred while processing the digital signature. The possible values returned in errorCode and errorMessage are as follows. In the below list, the numbers represent the errorCode and the text represents the errorMessage.For example, the first item indicates that for errorCode 1, the possible errorMessage value is “Invalid signer certificate file information.” 1- Invalid signer certificate file information. 2 - Certificate at index, i, is not in recognizable format. 3 - Invalid certificate input at index, i. 4 - Signature cannot be verified. 5 - Expired certificate chain. 6 - Error in certificate chain. 7 - Untrusted certificate. |
messageDigest | String (optional) Digest of the signed message. |
signerCert | Object The certificate used to sign the message. |
Usage Notes
If
verify is “false”,
errorCode and
errorMessage indicate the error that caused the failure. The
errorCode values 5 through 7 do not represent signature-validation failures and do not cause the
verify flag to be set to “false”.
This service is not compatible with the services in the
pub.mime or
pub.smime folders. Only use the output of this service with services in the
wm.tn.mime folder.
All headers in the decrypted message are digested. If you need to compute the digest for selected headers, use the
wm.tn.mime:writeToStream service.
