RAVI created CAMEL-21296:
----------------------------
Summary: Camel AS2 Sender application couldn't validate MDN message
Key: CAMEL-21296
URL: https://issues.apache.org/jira/browse/CAMEL-21296
Project: Camel
Issue Type: Bug
Components: camel-as2
Affects Versions: 4.5.0
Reporter: RAVI
Hi Team,
We are conducting a POC using the Camel-AS2 project (version 4.5.0) to
facilitate communication with the OpenText tool, with plans to extend this
setup for communication with our trading partners in the future.
We’ve implemented a Camel-AS2 sender application, which has been configured to
send EDI messages to the OpenText AS2 receiver. The OpenText AS2 receiver
successfully receives the messages and sends back a signed MDN. However, our
Camel-AS2 sender application encounters the following exception during MDN
validation.
Based on the Camel documentation, it appears that MDN verification on the
client side isn’t fully supported by Camel. To address this, we are utilizing
the org.apache.camel.component.as2.api.util.SigningUtils.isValid() method, but
this is where the exception arises.
We’ve identified that the message digest value computed on the MDN by OpenText
(included in the Signature object) doesn’t match the one computed by the
Camel-AS2 sender application upon receiving the MDN.
We suspect this discrepancy may be related to line separator differences in the
MDN message. Could you provide further insights or guidance on this issue?
Here’s the relevant code snippet we are using to validate after recieving
response from Open text:
if (exchange.getMessage().getBody() instanceof MultipartSignedEntity) {
MultipartSignedEntity responseSignedEntity = (MultipartSignedEntity)
exchange.getMessage().getBody();
AS2Component component = exchange.getContext().getComponent("as2",
AS2Component.class);
AS2Configuration configuration = component.getConfiguration();
System.out.println("count " + responseSignedEntity.getPartCount());
boolean verifiedFlag = SigningUtils.isValid(responseSignedEntity,
configuration.getValidateSigningCertificateChain());
}
org.bouncycastle.cms.CMSSignerDigestMismatchException: message-digest attribute
value does not match calculated value
at
org.bouncycastle.cms.SignerInformation.verifyMessageDigestAttribute(SignerInformation.java:550)
~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
at org.bouncycastle.cms.SignerInformation.doVerify(SignerInformation.java:452)
~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
at org.bouncycastle.cms.SignerInformation.verify(SignerInformation.java:659)
~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
at org.bouncycastle.cms.CMSSignedData.verifySignatures(CMSSignedData.java:436)
~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
at org.bouncycastle.cms.CMSSignedData.verifySignatures(CMSSignedData.java:411)
~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
at
org.apache.camel.component.as2.api.util.SigningUtils.isValidSigned(SigningUtils.java:155)
~[classes/:na]
at
org.apache.camel.component.as2.api.util.SigningUtils.isValid(SigningUtils.java:191)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
