Platform Framework
R24 AMR | Min(s) read

Working with ICrypto Interface

This section describes the ICryptoSPI interface that allows implementing the sign and verifying API to ensure secure transmission of a message.

The following code snippet shows the signature method:

    /**
     * Implement sign SPI to sign the message
     * @param message Message to generate signature ;
     * @param messageConfId Configuration Id in keyConfig.json; Null for JBC API
     * @param msgType XML or Text
     * @param configuration: In case of Java API, configuration from Keyconfig.json. In case of JBC, configuration from EB.SEC.KEY.CONFIGURATION 
     * @throws Exception throws any exception
     */
    public String sign(String message,  String messageConfId, MessageType msgType, String configuration) throws Exception;

    /**
     * Implement verify SPI to verify the signature
     * @param message Message to generate signature
     * @param messageConfId Configuration Id in keyConfig.json; Null for JBC API
     * @param msgType XML or Text
     * @param configuration: In case of Java API, configuration from Keyconfig.json. In case of JBC, configuration from EB.SEC.KEY.CONFIGURATION 
     * @param signValue Signature of the message to verify
     * @return TRUE for success; FALSE for Failure
     * @throws Exception throws any exception
     */
    public boolean verify(String message, String messageConfId, MessageType msgType, String configuration, String signValue) throws Exception;

Enabling and Configuring Crypto API

You can enable and configure Crypto API using the following procedure.

  1. Enable X.CRYPTO.PROVIDER and set custom provider name.

    For Temenos Transact,

    1. Enable the X.CRYPTO.PROVIDER field in EB.SEC.INTEGRITY.MSG.CONF (by default, it is false).
    2. Set the Custom Provider Name field with the custom property. It identifies the custom implemented class name for the respective message configuration ID using this custom property.

    For Java implementation,

    1. Enable the X.CRYPTO.PROVIDER field in KeyConfig.json (by default, it is false).
    2. Set the CUSTOM.PROVIDER.NAME field with the custom property. It identifies the custom implemented class name for the respective message configuration ID using this custom property.

      For example, CryptoMessageId is the message configuration ID that is the parameter value to sign or verify a message. If required, add other configurations like KEYSTORE.NAME, etc.

      	"CryptoMessageId": {
		"X.CRYPTO.PROVIDER": "true",
		"CUSTOM.PROVIDER.NAME": "crypto_service_proxy"
	}
      The parameters configured in KeyConfig.json and EB.SEC.KEY.CONFIGURATION will be available in the configuration variable for the implementation of Java and JBC respectively.
  2. Set temn.security.external.<custom.provider.name>=package_name.class_name in keystore.properties.

    As per the example shown in step 1, the configuration in step 2 should be set as:

    temn.security.external.crypto_service_proxy=com.temenos.api.MessageIntegrityImpl

Copyright © 2020- Temenos Headquarters SA

Contact Us

knowledge@temenos.com

Published on :
Monday, May 27, 2024 5:03:44 PM IST