Dear Zhijun,
Below is the error message from the ssg log when the output of the SMIME Encryption Assertion is used directly:
2020-06-22T18:59:23.856+0530 WARNING 458 com.l7tech.server.message: Message was not processed: Assertion Falsified (600)
2020-06-22T18:59:27.426+0530 WARNING 339 com.l7tech.external.assertions.smime.server.ServerSMimeDecryptionAssertion: No content found.
org.bouncycastle.cms.CMSException: No content found.
at org.bouncycastle.cms.CMSContentInfoParser.<init>(Unknown Source)
at org.bouncycastle.cms.CMSEnvelopedDataParser.<init>(Unknown Source)
at org.bouncycastle.mail.smime.SMIMEEnvelopedParser.<init>(Unknown Source)
at org.bouncycastle.mail.smime.SMIMEEnvelopedParser.<init>(Unknown Source)
at com.l7tech.external.assertions.smime.server.ServerSMimeDecryptionAssertion.doCheckRequest(Unknown Source)
at com.l7tech.server.policy.assertion.AbstractMessageTargetableServerAssertion.checkRequest(Unknown Source)
at com.l7tech.server.policy.assertion.composite.ServerCompositeAssertion.iterateChildren(Unknown Source)
at com.l7tech.server.policy.assertion.composite.ServerAllAssertion.checkRequest(Unknown Source)
at com.l7tech.server.policy.ServerPolicy.checkRequest(Unknown Source)
at com.l7tech.server.policy.al.call(Unknown Source)
at com.l7tech.server.policy.al.call(Unknown Source)
at com.l7tech.common.log.HybridDiagnosticContext.doInContext(Unknown Source)
at com.l7tech.server.policy.ServerPolicyHandle.checkRequest(Unknown Source)
at com.l7tech.server.au.b(Unknown Source)
at com.l7tech.server.au.a(Unknown Source)
at com.l7tech.server.au.access$700(Unknown Source)
at com.l7tech.server.MessageProcessor.a(Unknown Source)
at com.l7tech.server.MessageProcessor.processMessageNoAudit(Unknown Source)
at com.l7tech.server.SoapMessageProcessingServlet.serviceNoAudit(Unknown Source)
at com.l7tech.server.SoapMessageProcessingServlet.access$000(Unknown Source)
at com.l7tech.server.a7.call(Unknown Source)
at com.l7tech.server.audit.AuditContextFactory.doWithNewAuditContext(Unknown Source)
at com.l7tech.server.SoapMessageProcessingServlet.service(Unknown Source)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:436)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:342)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
at com.l7tech.server.transport.http.HttpNamespaceFilter.doFilter(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.l7tech.server.WsdlFilter.doFilter(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.l7tech.server.transport.http.ConnectionIdFilter.doFilter(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.l7tech.server.transport.http.InputTimeoutFilter.doFilter(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.l7tech.server.log.HybridDiagnosticContextServletFilter.doFilter(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:234)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:181)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at com.l7tech.server.tomcat.ResponseKillerValve.invoke(Unknown Source)
at com.l7tech.server.tomcat.ConnectionIdValve.invoke(Unknown Source)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:295)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:610)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:410)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
2020-06-22T18:59:27.428+0530 INFO 339 com.l7tech.server.audit.MessageSummaryAuditFactory: Content-Type of response ("application/pkcs7- mime; smime-type=enveloped-data; name="smime.p7m"") is unknown or not text; using ISO-8859-1 to save response text
When I tried to define the output encrypted data in a Set Context Variable with the content type as (application/pkcs7-mime;), I got the below error response:
2020-06-22T18:58:35.604+0530 SEVERE 529 com.l7tech.server.SoapMessageProcessingServlet: Java heap space
java.lang.OutOfMemoryError: Java heap space
2020-06-22T18:58:35.614+0530 WARNING 529 com.l7tech.server.audit.MessageSummaryAuditFactory: Unable to get request XML: Stream closed
2020-06-22T18:58:35.615+0530 INFO 529 com.l7tech.server.audit.MessageSummaryAuditFactory: Content-Type of response ("application/pkcs7- mime; smime-type=enveloped-data; name="smime.p7m"") is unknown or not text; using ISO-8859-1 to save response text
2020-06-22T18:58:35.615+0530 INFO 529 com.l7tech.server.message: Processing request for service: BI [/testbiapi]
Please let me know if any further information is required.
Thanks & Regards,
M Ansar
Original Message:
Sent: 06-18-2020 07:08 PM
From: Zhijun He
Subject: S/MIME Message Encryption Assertion
Can you share the decryption error message in the ssg log?
Regards,
Mark
Original Message:
Sent: 06-18-2020 09:42 AM
From: AnsarBaig Mirza
Subject: S/MIME Message Encryption Assertion
Hi Zhijun,
Thank you for your prompt response.
We are using the same corresponding private key for decrypting the data, but the decryption is failing. It is the CA API Gateway self-signed certificate that is being used for encryption and decryption for testing purposes.
We are having some issues logging a support case, so I posted it here for help.
Regards,
Ansar
Original Message:
Sent: 06-17-2020 08:01 PM
From: Zhijun He
Subject: S/MIME Message Encryption Assertion
A message encrypted with a certificate can only be decrypted with its paired private key, so is the paired private key imported to the gateway? (on "Manage Private Keys")
You can also open a support ticket to ask for the documentation of this tactical assertion.
Regards,
Mark
Original Message:
Sent: 06-17-2020 04:05 PM
From: AnsarBaig Mirza
Subject: S/MIME Message Encryption Assertion
Dear All,
We uploaded the SMIME Tactical Assertion to our CA API Gateway, version 9.4. But while using the SMIME Message Encryption Assertion in the API to encrypt the message, we are getting an output message which is not in a readable format, and it cannot be decrypted with SMIME Message Decryption. Attaching the response screenshot and the API used for encryption.
If possible, I request you to provide a sample policy of message encryption using the SMIME Tactical Assertions.
------------------------------
Regards,
M AnsarBaig
------------------------------