/n software Adapters for BizTalk

Questions / Feedback?

CMS Pipeline Component

Properties   Configuration Settings  

The CMS pipeline component implements the Cryptography Message Syntax standard for encryption and decryption with public key cryptography and X.509 digital certificates.

Remarks

The CMS pipeline component is used for encrypting, decrypting, signing, and verifying messages. The pipeline component supports processing message in PEM, DER (binary) and SMIME formats.

CMS Encoder Pipeline Component

The Encoder takes an unencrypted/unsigned data entity and generates an CMS entity as output.

Encrypting

The Encoder will only encrypt incoming data if the EncryptData property is set to True. Encrypting requires that the RecipientCert property is set to a certificate containing the public key that should be used to encrypt the data. The EncryptingAlgorithm and UseOAEP properties can be specified for further control of encryption.

Signing

The Encoder will only sign the data if the SignData property is set to True. Signing requires that the Certificate property is set to a certificate containing the private key that should be used to sign the data. The SigningAlgorithm and UsePSS properties can be specified for further control of the signature.

CMS Decoder Pipeline Component

The Decoder takes an encrypted/signed CMS entity and will decrypt/verify the message and produce the original message.

Decrypting

The Decoder will only attempt to decrypt incoming data if the DecryptData property is set to True. Decryption requires that the Certificate property is set to a certificate containing the private key that can decrypt the data (the private key that is paired with the public key that was used to encrypt the data). The RequireOAEP property can be set to True to instruct the pipeline component to throw an error if the data was not encrypted with OAEP (Optimal Asymmetric Encryption Padding).

Verifying Signatures

The Decoder will only attempt to verify the signature of the incoming data if the VerifySignature property is set to True. Verification requires that the certificate used to sign the data was attached to the message, or that the SignerCert property is set to the signer's certificate. The RequirePSS property can be set to True to instruct the pipeline component to throw an error if the data was not signed with RSA-PSS (RSA Probabilistic Signature Scheme).

Encoder Property List


The following is the full list of the properties of the encoder pipeline component with short descriptions. Click on the links for further details.

CertificateThe Certificate used to Sign or Decrypt messages.
EnableCompressionSpecifies whether to compress the message.
EncryptDataWhether to encrypt the data.
EncryptionAlgorithmThe algorithm to use for encryption.
IncludeCertificatesSpecifies whether to include the signer's certificate with the signed message.
OtherDefines a set of configuration settings to be used by the pipeline component.
OutputFormatSpecifies the output format.
RecipientCertThe certificate used to encrypt the data.
RuntimeLicenseSpecifies the adapter runtime license key.
SignatureHashAlgorithmThe signature hash algorithm used during signing.
SignDataWhether to sign the MIME data.
TempPathThe path to which temporary files are written at runtime.
TransportLogTells the adapter where and how to report information about its operations.
UseOAEPWhether to use OAEP when encrypting the MIME data.
UsePSSWhether to use RSA-PSS when signing.

Decoder Property List


The following is the full list of the properties of the decoder pipeline component with short descriptions. Click on the links for further details.

CertificateThe Certificate used to Sign or Decrypt messages.
DecryptDataWhether to decrypt the incoming data.
EnableCompressionSpecifies whether to compress the message.
OtherDefines a set of configuration settings to be used by the pipeline component.
RequireOAEPWhether an error should be thrown if OAEP was not used to encrypt the incoming message.
RequirePSSWhether an error should be thrown if RSA-PSS was not used to encrypt the incoming message.
RuntimeLicenseSpecifies the adapter runtime license key.
SignerCertContains the certificate of the message signer.
TempPathThe path to which temporary files are written at runtime.
TransportLogTells the adapter where and how to report information about its operations.
VerifySignatureWhether to attempt to verify the signature on the SMIME data.

Configuration Settings


The following is a list of configuration settings for the pipeline component with short descriptions. Click on the links for further details.

CompressBeforeSignSpecifies whether to compress before signing.
GenerateSignatureTimestampWhether to generate timestamps in signatures.
IncludeHeadersTells the adapter whether to include the headers when encoding the message.
IncludeInternalHeadersTells the adapter whether or not to include the internal headers when encoding the message.

 
 
Copyright (c) 2021 /n software inc. - All rights reserved.
/n software Adapters for BizTalk - Version 20.0 [Build 7724]