Uploaded image for project: 'Camel'
  1. Camel
  2. CAMEL-21296

Camel AS2 Sender application couldn't validate MDN message

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 4.5.0
    • 4.8.0
    • camel-as2
    • None
    • Unknown

    Description

      Hi Team,
       
      We are conducting a POC using the Camel-AS2 project (version 4.5.0) to facilitate communication with the OpenText tool, with plans to extend this setup for communication with our trading partners in the future.
       
      We’ve implemented a Camel-AS2 sender application, which has been configured to send EDI messages to the OpenText AS2 receiver. The OpenText AS2 receiver successfully receives the messages and sends back a signed MDN. However, our Camel-AS2 sender application encounters the following exception during MDN validation.
       
      Based on the Camel documentation, it appears that MDN verification on the client side isn’t fully supported by Camel. To address this, we are utilizing the org.apache.camel.component.as2.api.util.SigningUtils.isValid() method, but this is where the exception arises.
       
      We’ve identified that the message digest value computed on the MDN by OpenText (included in the Signature object) doesn’t match the one computed by the Camel-AS2 sender application upon receiving the MDN.
       
      We suspect this discrepancy may be related to line separator differences in the MDN message. Could you provide further insights or guidance on this issue?
       
      Here’s the relevant code snippet we are using to validate after recieving response from Open text:
       
      if (exchange.getMessage().getBody() instanceof MultipartSignedEntity)

      {     MultipartSignedEntity responseSignedEntity = (MultipartSignedEntity) exchange.getMessage().getBody();     AS2Component component = exchange.getContext().getComponent("as2", AS2Component.class);     AS2Configuration configuration = component.getConfiguration();     System.out.println("count " + responseSignedEntity.getPartCount());     boolean verifiedFlag = SigningUtils.isValid(responseSignedEntity, configuration.getValidateSigningCertificateChain()); }

       
       
      org.bouncycastle.cms.CMSSignerDigestMismatchException: message-digest attribute value does not match calculated value
      at org.bouncycastle.cms.SignerInformation.verifyMessageDigestAttribute(SignerInformation.java:550) ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
      at org.bouncycastle.cms.SignerInformation.doVerify(SignerInformation.java:452) ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
      at org.bouncycastle.cms.SignerInformation.verify(SignerInformation.java:659) ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
      at org.bouncycastle.cms.CMSSignedData.verifySignatures(CMSSignedData.java:436) ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
      at org.bouncycastle.cms.CMSSignedData.verifySignatures(CMSSignedData.java:411) ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
      at org.apache.camel.component.as2.api.util.SigningUtils.isValidSigned(SigningUtils.java:155) ~[classes/:na]
      at org.apache.camel.component.as2.api.util.SigningUtils.isValid(SigningUtils.java:191) 

      Attachments

        Activity

          People

            Unassigned Unassigned
            raavi RAVI
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: