function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Prakash NawalePrakash Nawale 

How to calculate ds:DigestValue and ds:SignatureValue in apex

We are doing Integration with external systems and unable to calcualte ds:DigestValue and ds:SignatureValue values 
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:v1=".........." xmlns:v11="........">
  <soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
      <wsu:Timestamp wsu:Id="TS-128F375C5B3256FAE8151780686184254">
        <wsu:Created>2018-02-05T15:07:42Z</wsu:Created>
        <wsu:Expires>2018-02-05T15:12:42Z</wsu:Expires>
      </wsu:Timestamp>
      <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-128F375C5B3256FAE8151780686183551"> ----
 --Certificate-</wsse:BinarySecurityToken>
      <ds:Signature Id="SIG-128F375C5B3256FAE8151780686183653" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces PrefixList="wsa soap v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:CanonicalizationMethod>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <ds:Reference URI="#id-128F375C5B3256FAE8151780686183652">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces PrefixList="soap v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>--How to calcualte this?--</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue> --How to calcualte this?--</ds:SignatureValue>
        <ds:KeyInfo Id="KI-128F375C5B3256FAE8151780686183550">
          <wsse:SecurityTokenReference wsu:Id="STR-128F375C5B3256FAE8151780686183551">
            <wsse:Reference URI="#X509-128F375C5B3256FAE8151780686183549" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>
    
  </soap:Header>



Please let me know how to get ds:DigestValue, ds:SignatureValue values and in which order we have to calculate.
NagendraNagendra (Salesforce Developers) 
Hi Prakash,

May I suggest you please give a try by using System.Crypto methods for all the Signing. which should help.

Please let us know if this helps.

Thanks,
Nagendra
SF DEVELOPER 73SF DEVELOPER 73
Hello Prakash,

I have the same usecase of need to generate the Digest and Signature value.  Can you please let me know if you got succeeded? I tried using crypto.generatedigest and crypto.Sign methods but the values generated are not matching with other external tools values.

 
Prakash NawalePrakash Nawale
Hi All,

Salesforce not supports wsu tags, I suggested client to move to REST service
SF DEVELOPER 73SF DEVELOPER 73
Thank you for your response Prakash. It's good that your end point moved to REST. But in our case we don't have much control over end point and we need to connect via WS SOAP protocol and looking for work arounds as SF dont support WS.