Hi guru's,
I'm a noob when it comes to RSA so a bit of help would be great!
I'm consuming a rest service where we have to sign the body with RSA-SHA256 and send it in the header.
I tried to consume the CryptoAPI and used the RSA_Sign function to sign the body.
Only the algorithm that is supported by the CryptoAPI are:
Hash can be one of: MD5, SHA1, SHA256, SHA384, SHA512, and PADDING can be one of: PKCS1,PSS.
I tried it with SHA256/RSA only that padding type is not supported so I tried it with only SHA256.
That works only the signed value is not valid.
To validate the signed value I use the website:
https://8gwifi.org/RSAFunctionality?rsasignverifyfunctions=rsasignverifyfunctions&keysize=2048
When trough the website I sign the body value and send it to the consumed rest api it works.
Only now how to get the signed value correct in Outsystems...
I also add the private PEM signature i'm using for a example.
The body that I'm signing is:
{"secret":"9ef3a0a7f2b3bf12a72b03192e6a12801ae261ad9e128f44c0338a588f3ee6c6"}
And the output on the 8gwifi website that I get as signed data is:
Mj1TAN/1bbz9DyazVYZWRXIL8CNaG4Bobjd4IUIl3GWt9jAZc3kdiNrQJ+0x7tNIKiS1sU4ZrPBJuOzaZN5afFB1dl+8txoQHtk2oW2eJ/vCXs/5gbb+tOzTbd8GQ1qWD6Q2l2M2mI7qpiFFX+0ePQY8MnUCLglQ55lR9JSNEqvkf2iHaWW219wQc2m77oO60+TBL5VcyWVlc3gk44ItKizrKQ5RbzMLr1vekJaRb+KgIXsTj/FVTP9T2qgFaMXWsg9Tj2rF7Phb1YX/PkIqRAOUsOor1YqHpU/4xAg/1EPWEDXmTqJDuPaqYcBIx72S+nEcOMnTuYyomFh2tEp+lQ==
Help :(
I got it working by using the SHA256/PKCS1 Algorithm on the RSA_Sign function. I don't know why this works and the default: SHA256/PSS not but it works.