[
https://issues.apache.org/jira/browse/CAMEL-21296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17886766#comment-17886766
]
RAVI commented on CAMEL-21296:
------------------------------
Thank you, it's working with version 4.8.0.
Could you provide details on the specific changes made in 4.8.0 related to this
issue?
Even we encountered a similar issue with message digest errors when the Camel
AS2 receiver application processed and attempted to verify messages from
OpenText. After debugging, we identified that in the "ApplicationEntity" class,
the "writeTo" method utilizes the "CanonicalOutputStream," which enforces a
CRLF line terminator:
static { newline = new byte[2]; newline[0] = (byte) '\r'; newline[1] = (byte)
'\n'; }
As a result, CRLF-terminated messages from OpenText are processed correctly,
but we face digest calculation errors with LF-terminated messages. After
modifying this code to handle both CRLF and LF line endings, the issue was
resolved, and the system now works for both types of messages.
But I still see standardized code in 4.8.0 as well. Wondered how is it working.
> Camel AS2 Sender application couldn't validate MDN message
> ----------------------------------------------------------
>
> Key: CAMEL-21296
> URL: https://issues.apache.org/jira/browse/CAMEL-21296
> Project: Camel
> Issue Type: Bug
> Components: camel-as2
> Affects Versions: 4.5.0
> Reporter: RAVI
> Priority: Minor
>
> Hi Team,
>
> We are conducting a POC using the Camel-AS2 project (version 4.5.0) to
> facilitate communication with the OpenText tool, with plans to extend this
> setup for communication with our trading partners in the future.
>
> We’ve implemented a Camel-AS2 sender application, which has been configured
> to send EDI messages to the OpenText AS2 receiver. The OpenText AS2 receiver
> successfully receives the messages and sends back a signed MDN. However, our
> Camel-AS2 sender application encounters the following exception during MDN
> validation.
>
> Based on the Camel documentation, it appears that MDN verification on the
> client side isn’t fully supported by Camel. To address this, we are utilizing
> the org.apache.camel.component.as2.api.util.SigningUtils.isValid() method,
> but this is where the exception arises.
>
> We’ve identified that the message digest value computed on the MDN by
> OpenText (included in the Signature object) doesn’t match the one computed by
> the Camel-AS2 sender application upon receiving the MDN.
>
> We suspect this discrepancy may be related to line separator differences in
> the MDN message. Could you provide further insights or guidance on this issue?
>
> Here’s the relevant code snippet we are using to validate after recieving
> response from Open text:
>
> if (exchange.getMessage().getBody() instanceof MultipartSignedEntity) {
> MultipartSignedEntity responseSignedEntity = (MultipartSignedEntity)
> exchange.getMessage().getBody();
> AS2Component component = exchange.getContext().getComponent("as2",
> AS2Component.class);
> AS2Configuration configuration = component.getConfiguration();
> System.out.println("count " + responseSignedEntity.getPartCount());
> boolean verifiedFlag = SigningUtils.isValid(responseSignedEntity,
> configuration.getValidateSigningCertificateChain());
> }
>
>
> org.bouncycastle.cms.CMSSignerDigestMismatchException: message-digest
> attribute value does not match calculated value
> at
> org.bouncycastle.cms.SignerInformation.verifyMessageDigestAttribute(SignerInformation.java:550)
> ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
> at
> org.bouncycastle.cms.SignerInformation.doVerify(SignerInformation.java:452)
> ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
> at org.bouncycastle.cms.SignerInformation.verify(SignerInformation.java:659)
> ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
> at
> org.bouncycastle.cms.CMSSignedData.verifySignatures(CMSSignedData.java:436)
> ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
> at
> org.bouncycastle.cms.CMSSignedData.verifySignatures(CMSSignedData.java:411)
> ~[bcpkix-debug-jdk18on-1.77.jar:1.77.00.0]
> at
> org.apache.camel.component.as2.api.util.SigningUtils.isValidSigned(SigningUtils.java:155)
> ~[classes/:na]
> at
> org.apache.camel.component.as2.api.util.SigningUtils.isValid(SigningUtils.java:191)
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
