Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

SOAP Adapter - Change Signature Algorithm

YouriC
Participant

on ‎2019 May 08 4:49 PM

0 Likes
2,016

Hi,

For one of my scenario, I have to change the Signature Algorithm in SOAP Adapter Receiver.

When I try to consume the Web Service, I receive this error :
SECU3518: Invalid digest algorithm 'http://www.w3.org/2000/09/xmldsig#sha1' used. Expecting 'http://www.w3.org/2001/04/xmlenc#sha256'

The problem has been confirmed by the Third Party (WS Provider).

I can not change/adapt the certificate.
He works perfectly with SOAPUI and this settings :

AXIS Adapter is maybe an Alternative but I need to know if it's possible with the SOAP Adapter.

Regards,
Youri

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member607993
Contributor
‎2019 Jun 13 11:09 AM

Hi Youri,

Please refer the below link which may be help you:

https://blogs.sap.com/2019/05/31/integrating-amazon-simple-storage-service-amazon-s3-and-sap-ecc-v6....

Show replies
Show replies
YouriC
Participant
‎2019 Jun 14 10:33 AM
0 Likes

Hi Rajesh,

Your blog is very interesting.
I will see if I can apply this solution asap.

I also created a SAP Incident for this problem.
I think SAP has to handle SHA256 for Digest Algorithm, it's a W3.org recommendation.

Regards,
Youri

former_member607993
Contributor
‎2019 Jun 17 7:46 AM
0 Likes

Hi Youri,

Yes,please map the User defined function (which generates the Authorization header values dynamically) to XML root node in the Message Mapping.

former_member607993
Contributor
‎2019 May 09 5:37 AM
0 Likes

Hi Youri,

You can use UDF in graphic mapper to generate x-amz-content-sha-256 header:

public String generateContentHashing(String payload)

{

StringBuilder payloadSb = new StringBuilder();

try

{

MessageDigest md = MessageDigest.getInstance("SHA-256");

byte[] hashPayloadInBytes = md.digest(payload.getBytes(StandardCharsets.UTF_8));

for (byte b : hashPayloadInBytes)

{

payloadSb.append(String.format("%02x", b));

}

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

}

return payloadSb.toString();

}

Show replies
Show replies
former_member607993
Contributor
‎2019 May 16 12:59 PM
0 Likes

Hi Youri,

Did you try this.?

YouriC
Participant
‎2019 May 23 8:04 AM
0 Likes

No, I don't try this approach.

I'm looking for a solution in the Integration Builder with the Communication Channel or Integrated Configuration settings.
Currently I try with the Axis Adapter but I have the same problem :

SECU3518: Invalid digest algorithm 'http://www.w3.org/2000/09/xmldsig#sha1' used. Expecting 'http://www.w3.org/2001/04/xmlenc#sha256'

I found some informations in this note 688983, apparently SAP only uses SHA1 for Digest Algorithm ...

But in the W3.Org documentation : https://www.w3.org/TR/xmlsec-algorithms/#digest-method-uris

SHA-1 is the only digest algorithm defined in [XMLDSIG-CORE] and is mandatory to implement in that specification and in [XMLENC-CORE]. Use of SHA-1 is discouraged in [XMLDSIG-CORE1] and [XMLENC-CORE1] both of which mandate SHA-256 as mandatory to implement and offer a number of other optional SHA algorithms.

former_member607993
Contributor
‎2019 May 23 8:11 AM
0 Likes

Hi Youri,

You can try with Java mapping.

YouriC
Participant
‎2019 May 23 8:16 AM
0 Likes

Where to put the UDF ? On my XML root node in the Message Mapping ?

Ask a Question