MuleSoft: Digitally Sign and Verify a Document

This article details a way to secure, sign, and verify a document to prove its originality.

by Sulthony H · Jul. 15, 16 · Tutorial

Max created and stored a document in a public folder. He wants to share it with other staffers so he doesn't need to send it via email. However, someone, intentionally or not, modified the content without his authorization. Obviously, Max must take responsibility for those changes.

To protect the document, he decides to digitally sign it, so that readers can tell whether it is the original one.

In this article, Max will show how to implement that through a simple Mule project. It starts with a flow that generates a mockup document in XML and signs it with a digital signature. Then, in another flow, the document is verified to ensure its content is still the original.

Before we start to create the project, install the Anypoint Enterprise Security first:

  1. Open menu Help >> Install New Software…
  2. Click Add.
  3. Fill the Name field with: Anypoint Enterprise Security.
  4. Fill the Location field with: http://security-update-site-1.6.s3.amazonaws.com.
  5. Click OK to finish the configuration.
  6. Select all security connector options, and finish the installation.
  7. A new Security section will be displayed in the palette.

After that, let's create an empty project and create the first flow:

  1. Drag and drop the HTTP connector.
  2. Complete the Connector Configuration setting.
    • Click +.
    • Leave all default values.
    • Click OK.
  3. Complete the Basic Settings.
    • Set the Field with /generateDoc.
    • Set the Allowed Method with GET.
  4. Drag and drop Set Payload on Process.
  5. Replace its default value with the following script:
<PurchaseOrder><Item number="130046593231"><Description>Video Game</Description><Price>10.29</Price></Item><Buyer id="8492340"><Name>My Name</Name><Address><Street>One Network Drive</Street><Town>Burlington</Town><State>MA</State><Country>United States</Country><PostalCode>01803</PostalCode></Address></Buyer></PurchaseOrder>


Then continue to put the next message processor:

  1. Drag and drop the Signature connector.
  2. Complete the Connector Configuration setting.
    • Click +.
    • Set the Name with XML_Signature.
    • Set the Default Signer with XML_SIGNER.
  3. Set the Operation with Sign XML.
    • Leave the Input with its default value #[payload].
    • Set the Key with any value, e.g.: maxKey.
    • Finally, set the remaining four required fields:

| Field Name | Notes |
| --- | --- |
| Canonicalization Algorithm | The algorithm Mule uses for XML canonicalization: EXCLUSIVE (Default), EXCLUSIVE WITH COMMENTS, INCLUSIVE, INCLUSIVE WITH COMMENTS |
| Digest Method Algorithm | The hash algorithm Mule uses to compute the digest: RIPEMD160, SHA1, SHA256 (Default), SHA512 |
| Signature Method Algorithm | The algorithm Mule uses to protect the message from tampering: RSA_SHA1 (Default), DSA_SHA1, HMAC_SHA1 |
| Signature Type | Defines whether the signature applies to data outside its containing document (DETACHED), a part of its containing document (ENVELOPED) (Default), or data it contains within itself (ENVELOPING) |


Next, put the final message processor in this flow:

  1. Drag and drop the File connector at the end of this flow.
  2. Set its Basic Setting as required.
    • Set the Path with any location, e.g.: src/main/resources/output.
    • Set the File Name/Pattern with any name or pattern, e.g.: doc.xml.


At this phase, we have created the first flow to generate a mockup document. In the next step, we will create another flow to verify the document.

  1. Drag and drop the File connector into the Canvas to initiate the new flow.
    • Set the Path field with src/main/resources/input.
    • Set the Move to Directory field with src/main/resources/output.
  2. Drag and drop the Byte Array to String transformer into the Process area.
  3. Drag and drop the Signature connector.
  4. Set the Connector Configuration to refer to the existing one.
  5. Set the Operation with Verify signature and leave all default values as is.
  6. Finally, put a Logger at the end of this flow.
  7. Set its value with any message, e.g.: XML Verified!


Now we have finished our simple project, and it is ready for testing. Run the project and open a browser to initiate the mockup document creation.

  1. Execute the URL e.g.: http://localhost:8081/generateDoc.
  2. This execution will return XML including the signature at the bottom of its content.
  3. You can find the newly created XML document in src/main/resources/output.

That is the first scenario: the document has been signed successfully. Next, we have to ensure that the document can be verified.

  1. Move that document into the src/main/resources/input folder.
  2. Mule will read and move it to the src/main/resources/output folder.
  3. Look at the console/log message, and it's confirmed: XML Verified!

But wait, what if the document is modified by others?

  1. To simulate this issue, open the document in any text editor.
  2. Modify any value, e.g.: <Price>10.29</Price> replaced with <Price>15.29</Price>.
  3. Save and move it into the src/main/resources/input folder.
  4. Mule will read and move it to the src/main/resources/output folder.
  5. Validation will not proceed to the next processor.
  6. Look at the console/log message: Mule reads the file but does not confirm that it is verified.

That is all! So, through this exercise, we have successfully secured a document and verified it. There are many other scenarios and connectors supported by Anypoint Enterprise Security. Feel free to improve this project and explore other possibilities which suit your purposes.
