WARNING: This server provides a static reference view of the NetKernel documentation. Links to dynamic content do not work. For the best experience we recommend you install NetKernel and view the documentation in the live system .

Endpoint
Name:PKIVerifyCert
Description:Verify signature using an X.509 certificate
Id:PKIVerifyCert
Category:accessor
Identifier Syntax

PKIVerifyCert is an accessor using Active URI syntax with the following base identifiers:

Base
active:pkiVerify

and the following arguments: (for more details on argument passing details see here)

ArgumentRulesTypingDescription
operand
Mandatory
Representation (java.lang.Object)resource to verify
signature
Mandatory
Representation (java.lang.Object)hexadecimal signature for verfication
publicKeyCertificate
Mandatory
Representation (java.lang.Object)RFC 1421 X.509 public key certificate
Request Verbs

The following verb is supported:

Verb
SOURCE
Response

The response representation of this accessor for SOURCE requests is unknown.

This accessor throws no documented exceptions.

Import Requirements

To use PKIVerifyCert accessor you must import the module urn:org:netkernel:mod:security:

<import>
  <uri>urn:org:netkernel:mod:security</uri>
</import>

Verifies the signature of the operand resource which is SOURCEd as an IReadableBinaryStreamRepresentation. The signature argument should be a string generated using the pkiSign accessor.

Returns a boolean - true if signature is valid.

Compatibility

This tool uses a 256-bit buffer to stream the operand resource - it will therefore generate a signature including padding with zero's for any operand that exceeds the 256 modulo.

This tool is provided for compatibility with older services. We recommend that you use the standard unpadded RSASHA1 signature available with the active:pkiSignStandard and verifiable with active:pkiVerifyStandard.

Certificate

The certificate argument should be an X.509 certificate resource that will be SOURCEd as an IReadableBinaryStreamRepresentation.