API Method - verifySignature
Last updated
Last updated
Purpose
Use the “verifySignature” method for validating the signature.
POST
http://www.example.com/emCAServices/rest/verifySignature
When a request is received by the emCA service, we will decrypt the request JSON Object with the same AES key that is shared to the client.
After successful decryption, request JSON object (Signed data + Username + Password) is retrieved.
First emCA service will validate the username and password and check if the IP Address used for the request and registered with the user are the same.
If it is the same then signed data (signature) is validated by trust verification, CRL verification, and expiry.
If validation fails at any point in processing the request, the emCA service will throw an error /failure message.
JSON Object Contains below parameters
Response JSON Format
Error Messages
Parameter
Presence
Data Type
Description
userName
M
String
You need to pass username that is registered with emCA for API process.
password
M
String
You need to pass the password that is registered with emCA for API process.
signature
M
String
Pass the signature (signed data) in section 5 i.e., PKCS#7 data generated based on the TBS.
Parameter
Presence
Data Type
Description
requestData
M
String
All the request input parameters mentioned above should be converted to JSON object and encrypted with AES 256 key shared with you by the emCA team.
Pass Encrypted JSON Object.
userName
M
String
You need to pass username that is registered with emCA for API process.
Key
Presence
Value
Description
Application / JSON
M
Content-Type
Type of request should be in JSON Format.
Authentication Key
M
emKey
emKey is an encoded key (Refer section 4 for generating Authentication Key using command prompt).
Parameter
Data Type
Description
response
String
Returns JSON Object
Parameter
Data Type
Description
status
String
Returns Status of the request as success if signature is successfully validated.
Returns status of the request as failure when authentication fails or unregistered user tries to call the API
result
String
Returns
In case of success: “Signature verified successfully”
message will be displayed.
In case of failure: error message will be displayed
subscriberId
String
Returns Subscriber Id
requestId
String
Returns Request ID null
Error Message
Description
Signature Verification Failed
In case of user does not exist.