Validate signature from string

Question

Yone Moreno · Aug 18, 2020

#Caché

Hello,

We would need to handle the following use case:

A system replies to our GET with a list of codes and a signature.

Each code has been signed with the SHA512withECDSA algorithm

We would need to:

1 Concatenate all codes in a string

2 Decode the string which is in Base 64

3 Validate the string using the signature which we get in the reply

We have read for step 2:

Base64Decode

https://cedocs.intersystems.com/latest/csp/documatic/%25CSP.Documatic.cl...

For step 3 we have found:

This example at "Validating a Signature" which validates the <Signature> element in an XML

https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls...

➡️ Could you show us some documentation or examples which could help us?

How would you validate that the string which contains all the code has been signed with the algorithm?

Dmitry Maslennikov · Aug 21, 2020

I did not find any mention of ECDSA in InterSystems products, so, not sure if it's supported natively. I would look at some external tools which could help you with it. And you can start from openssl. And If I undestood correctly, you'll also need a public certificate, which used to make such a signature.

0 0