securityProvider | String Optional. The type of security provider. The valid values are: PGP (Pretty Good Privacy) JCE-KBE (Java Cryptography Extension-Key Based Encryption) The default value is PGP. | ||
data | Document Signed data that you want to verify. The data must be in one of the following formats. If multiple input parameters are supplied for data, the service throws an exception stating that only one parameter must be passed. | ||
Key | Description | ||
string | String Optional. The signed string that you want to verify. | ||
stream | java.io.InputStream Optional. The signed stream data that you want to verify. | ||
bytes | byte[ ] Optional. The signed byte array that you want to verify. | ||
file | String Optional. The absolute or relative path of the signed file that you want to verify. If the file is outside the Integration Server or Microservices Runtime installation directory, provide the absolute path. Otherwise, place the file in your Integration Server or Microservices Runtime working directory. The About page in Integration Server Administrator and Microservices Runtime Administrator displays the working directory. The watt.server.homeDir server configuration parameter also specifies the working directory. | ||
loadAs | String Optional. The format in which the service returns the output. Set to: bytes to return the output as a byte array. This is the default. stream to return the output as a stream object. string to return the output as a string. | ||
publicKey | Document The signer's public key required to verify the signed data. For PGP, provide publicKeyBytes, publicKeyString, or publicKeyRingFile. If you provide publicKeyRingFile, you must also provide publicKeyAlias. Otherwise, the service throws an exception. For JCE-KBE, provide publicKeyBytes, publicKeyString, or truststoreAlias. If you provide truststoreAlias, you must also provide certAlias. Otherwise, the service throws an exception. | ||
Key | Description | ||
publicKeyBytes | Object List Optional. One or more public key files as byte arrays for PGP. JCE supports only a single public key file. Note: Public key files have a .asc extension for PGP. | ||
publicKeyString | String List Optional. One or more public keys as strings for PGP. JCE supports only a single public key string. | ||
public​KeyRingFile | String Optional. The absolute or relative path of the public keyring file. The public keyring file is a collection of public keys with a unique key ID. If the file is outside the Integration Server or Microservices Runtime installation directory, provide the absolute path. Otherwise, place the file in your Integration Server or Microservices Runtime working directory. This parameter is specific to PGP. The About page in Integration Server Administrator and Microservices Runtime Administrator displays the working directory. The watt.server.homeDir server configuration parameter also specifies the working directory. Note: Public keyring files have a .pkr extension for PGP. | ||
publicKeyAlias | String List Optional. One or more public key aliases as strings. A public key alias is the 64-bit (16 characters) key identifier of a public key. Note: This parameter is required only when you use publicKeyRingFile. | ||
truststoreAlias | String Optional. Applies only to JCE. The alias for the truststore containing the public key and certificate. | ||
certAlias | String Optional. Applies only to JCE. The alias identifying a particular trusted certificate within a truststore. Note: This parameter is required only when you use truststoreAlias. | ||
signingAlgorithm | String. The signing algorithm to use. For PGP, select one of the following: MD5 SHA256 SHA384 SHA512 The default value is SHA256 for PGP. For JCE, select one of the following: RSA SHA256withRSA SHA512withRSA SHA3-256withRSA SHA3-384withRSA SHA3-512withRSA Note: If the FIPS (Federal Information Processing Standards) mode is enabled, this service does not support the MD5 signing algorithm. FIPS mode can be enabled or disabled using the watt.security.fips.mode parameter. This is applicable only for PGP. Note: If the secret key for signing the data is of the DSA (Digital Signature Algorithm) key type, this service does not support the MD5 signing algorithm. This is applicable only for PGP. | ||
actualData | Document Applies only to JCE. The original data that was signed and needs to be verified against the signature to confirm that it hasn't been tampered with. The actualData parameter must be in one of the specified formats. If multiple input parameters are provided for actualData, the service throws an exception indicating that only one parameter should be passed. | ||
Key | Description | ||
string | String Optional. The original string that you want to verify. | ||
stream | java.io.InputStream Optional. The original stream data that you want to verify. | ||
bytes | byte[ ] Optional. The original byte array that you want to verify. | ||
file | String Optional. The absolute or relative path of the original file that you want to verify. If the file is outside the Integration Server or Microservices Runtime installation directory, provide the absolute path. Otherwise, place the file in your Integration Server or Microservices Runtime working directory. The About page in Integration Server Administrator and Microservices Runtime Administrator displays the working directory. The watt.server.homeDir server configuration parameter also specifies the working directory. |
stream | java.io.OutputStream Conditional. Verified data as an output stream. Returned when the loadAs input parameter is set to stream. | |
bytes | byte[ ] Conditional. Verified data in bytes. Returned when the loadAs input parameter is set to bytes. | |
string | String Conditional. Verified data as a string. Returned when the loadAs input parameter is set to string. | |
verified | Boolean Indicates whether the signature associated with the data is valid or not. A value of: true indicates that the signed data is verified. false indicates that the signed data is not verified. | |
status | String Indicates whether the data is successfully verified or not. If successful, status is success. Otherwise, status contains failure along with an error message. |