This blog is a brief about an actual project case where digital signature creation/validation was implemented in XI.



All messages flowing from the source application through our Messaging System – (SAP XI 3.0 & IBM WebSphere MQ) are digitally
signed. Upon receiving the messages, the target
application verifies the signature before processing the message. Digital signatures
authenticate the sender of the message, establish the integrity and
non-repudiation of the message.

Our Messaging system uses Java-based
Crypto toolkit for signing messages digitally. Digital signatures
use Hashing algorithms and Asymmetric key pairs (Private and Public Keys) and
work the following way:

Image Courtesy: www.unixwiz.net

1.A message digest using a Hashing Algorithm is computed based on the transformed source message. All required java programs written using Java-based Crypto toolkit are imported as archives into XI. Java mapping in XI created utilizing the
imported java archives, performs the digital signature creation for the messages originating from the source application and digital signature verification for the
incoming messages from target application.

5kl7R4JMYQKTBiDMFfdgKrE5D2mUfXtkEzPoT7j9G5XKfZKX5RIqlAmJ77BCHF11G9DlGA9uCt3YALLw3tKOVv57a2Odb0ZRMra2MfKJBIhr19koVADZlRuU5bU32U86UifquUQp7v7Ty1tasDQJH4wK4bmLDT+CJ2eLdtHB0=</DIGISIGN>

     </CRYPT>

</SAMPLEMSG>

</textarea>