This SDK library provides reference implementation of ISO 20022 Digital Signature specification to sign and verify XML messages. It assumes that you have read the specification prior to coming here.
Refer to ISO20022 Signed Unsigned Message Examples for understanding the difference between a signed and unsigned message.
In Signed XML payload, you will see three reference nodes:
- Resource as uri="" - will get resolved to AppHdr
- Resource with no uri - will get resolved to Document
- Resource as uri="#id" - will get resolved to element as per that id value
Java 11+
Maven 3.6.1+
XmlSignUtil.sign(Document document, SignatureInfo signatureInfo, SignatureKeyInfo signatureKeyInfo) signs the XML Document where:
- document - the unsigned payload
- signatureInfo - signature info which is used in signing the payload
- signatureKeyInfo - signature key info which holds private key and ski bytes to be set in X509 Data element
Refer to detailed message signing flow
XmlSignUtil.verify(Document document, PublicKey publicKey) verifies the signed payload where:
- document - the signed payload
- publicKey - the public key
Refer to detailed message verification flow
<dependency>
<groupId>com.mastercard.ap.security</groupId>
<artifactId>ap-bah-crypto-utility</artifactId>
<version>${bah-crypto-utility-version}</version>
</dependency>Execute the command from command prompt
keytool -genkey -alias test -keyalg RSA -validity 3060 -keysize 2048 -keystore keystore.jks -storetype JKSEnter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: Test
What is the name of your organizational unit?
[Unknown]: OU
What is the name of your organization?
[Unknown]: O
What is the name of your City or Locality?
[Unknown]: London
What is the name of your State or Province?
[Unknown]: S
What is the two-letter country code for this unit?
[Unknown]: UK
Is CN=Test, OU=OU, O=O, L=London, ST=S, C=UK correct?
[no]: yes
Enter key password for (RETURN if same as keystore password):
Re-enter new password: