Token Registration (PKI) API

Call this function to register a PKI token. You can specify the token status during the registration.

Below is the URL to access the API functions:

PUT /CentagateWS/webresources/cert/register/pkcs7/{admin_username}

Parameters

No	Parameters	Occurrence	Descriptions
1	username	Required	The user's username
2	Signature	Required	The PKCS #7 attached signature encode in base64
3	Algorithm	Optional	The algorithm used during the signing. Valid values are 0 = sha1, 1 = sha256, 2 = sha384, 3 = sha512
4	timestamp	Required	Unix Timestamp In Millisecond When User Register The Certificate. Server Will Reject The Request If The Request Is 5 Minutes More Or Less Than The Server Current Time.
5	Status	Required	Token status which required are 1 = Pending, 2 = Valid, 3 = Temp Deactivated, 4 = Deactivated
6	cenToken	Required	The hmac value calculated using sha256 with SecretCode as Key and plaintext from admin Username + AuthToken

Sample Code

As in below there are some examples of source code of access the API functions:

Java

public static void main(String[] args) {

	ClientConfig config = new DefaultClientConfig ();
	Client client = Client.create ( config );
	WebResource service = client.resource ("https://<domain_name>/CentagateWS/webresources");
			
	Gson gson = new Gson();
	
	String timestamp = String.valueOf(System.currentTimeMillis() / 1000L);
	
	String authToken = "{authToken}"
	String adminUsername = "{adminUsername}";
	String secretCode "{secretCode}";
	String cenToken = convertHmacSha256(secretCode, adminUsername + authToken);

	HashMap<String, String> map = new HashMap<String, String>();
	map.put("username", "username");
	map.put("signature", "signature");
	map.put("algorithm", "algorithm");
	map.put("timestamp", timestamp);
	map.put("status", "status");
	map.put("cenToken", cenToken);  

	ClientResponse response = service.path("cert").path("register").path("pkcs7").path(adminUsername).accept(MediaType.APPLICATION_JSON).put(ClientResponse.class, gson.toJson(map));
				
	String retJson = response.getEntity(String.class);

	HashMap<String, Object> returnData = (HashMap<String, Object>) gson.fromJson(retJson, HashMap.class);

	String code = returnData.get("code").toString();
	String message = returnData.get("message").toString();
	String object = returnData.get("object").toString();
}

public static String convertHmacSha256(String secretKey, String params) throws NoSuchAlgorithmException, 
            InvalidKeyException,IllegalStateException, SignatureException, NoSuchProviderException, Exception
{
	try
	{
		final SecretKeySpec secret_key = new SecretKeySpec ( StringUtils.getBytesUtf8 ( secretKey ) , "HmacSHA256" );
		final Mac mac = Mac.getInstance ( "HmacSHA256" );
		mac.init ( secret_key );
		final byte[] bytes = mac.doFinal ( StringUtils.getBytesUtf8 ( params ) );
		return Hex.encodeHexString ( bytes );
	}
	catch ( NoSuchAlgorithmException e )
	{
		throw new NoSuchAlgorithmException ( e );
	}
	catch ( InvalidKeyException e )
	{
		throw new InvalidKeyException ( e );
	}
	catch ( IllegalStateException e )
	{
		throw new IllegalStateException ( e );
	}
	catch ( Exception e )
	{
		throw new Exception ( e );
	}
}

Node Js

const https = require('https')

var crypto = require('crypto');
var username = "<username>";
var signature = "<signature>";
var algorithm = "<algorithm>";

var time = Math.round((new Date()).getTime() / 1000);
var timestamp = time.toString();
var status = "<status>";

var adminUsername = "<adminUsername>";
var authToken = "<authToken>";
var secretCode = "<secretCode>";
  
var cenTokenText = adminUsername + authToken;
var hash, cenToken;

/* generate cenToken value*/
cenToken = crypto.createHmac(sha256, secretCode);    
cenToken.write(cenTokenText);
cenToken.end();      
hash = cenToken.read().toString('hex');    

const data = JSON.stringify({
	username: username,
	signature: signature,
	algorithm: algorithm,
	timestamp: timestamp,
	status: status,
	cenToken: hash
})

const options = {
	hostname: "<domain_name>",
	port: 443,
	path:'/CentagateWS/webresources/cert/register/pkcs7/"+adminUsername)',
	method: 'PUT',
	headers: {
		'Accept': 'application/json',
		'Content-Type': 'application/json',
	}
}

const req = https.request(options, res =>{
	console.log(`HTTP Status Code: ${res.statusCode}`)
	var body = '';
	res.on('data', function(d){
		
	body += d;
	var parsed = JSON.parse(body);
	
	if (parsed.code == 0){
	   console.log('Authentication Succeed');
	   console.log('Response:');
	   console.log(body);
	}
	else {
	  console.log('Authentication Fail, ' +'Message:' + parsed.message);
	  console.log('Code:' + parsed.code); 
	}
		
	})
})

req.on('ERROR', error => {
	console.error(error)
})

req.write(data)
req.end()

PHP

<?php
    $adminUsername = "<adminUsername>";
    $url = 'https://<domain_name>/CentagateWS/webresources/cert/register/pkcs7/'.$adminUsername;
    
    $ch = curl_init($url);
    
    $secretCode = "<secretCode>";
    $authToken = "<authToken>";
    
    $username = "<username>";
    $signature = "<signature>";
    $validity = "<validity>";
    $time = time(); // get current timestamp
    $timestamp = strval($time); //convert timestamp to String
    $status = "<status>";
    
    $cenToken_text = $adminUsername.$authToken;
    $cenToken = hash_hmac('sha256', $cenToken_text, $secretCode); // calculate cenToken value
    
    $jsonData = array (
    	'username'=> $username,
    	'signature'=> $signature,
    	'validity'=> $validity,
    	'timestamp'=> $timestamp,
    	'status'=> $status,
    	'cenToken' => $cenToken
    );
    
    $jsonDataEncoded = json_encode($jsonData);
    
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
    curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonDataEncoded);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    
    $result = curl_exec($ch);
    
    
    $obj = json_decode($result); 
    if ($obj->{'code'} != 0){
    	print "Authentication fail";
    	print "Message: ".$obj->{'message'}; 
    	echo " <br>"; 
    	print "Code: ".$obj->{'code'};
    }
    else {
    	print "Authentication succeed";
    	echo " <br>"; 
    	print "Message: ".$obj->{'message'}; 
    	echo " <br>"; 
    	print "Code: ".$obj->{'code'}; 
    	echo " <br>"; 
    	print "Result:" ;
    	echo " <br>"; 
    	print $result;
    }
    
    curl_close($ch);

?>

Error Code

Return Code	Details
0	Success
10002	Invalid Input
10003	DB protection error
10004	DB error
10011	Crypto error
22002	User not found
22004	User is not active
22027	User already bound with a token