Online documentation - Websydian v6.1 |
Introduction Implementing Other Uses Parts Example Background
Implementing Integrity Control is straight forward and requires only a few steps.
All Event Handler functions in the application that are to implement Integrity Control must inherit from the EventHandlerWithSignature pattern. In addition, any Page Generator function using one or more Event Handlers with digital signature must inherit from the PageGeneratorWithSignature pattern.
Example:
MyPageFunction | is a FNC | PageGeneratorWithSignature |
MyPageFunction.Event1 | is a FNC | EventHandlerWithSignature |
MyPageFunction.Event2 | is a FNC | EventHandlerWithSignature |
In the Websydian application, an algorithm should preferably be specified to retrieve the private signature key (secret key) used as input for the Digital Signature algorithm. To make the application secure, the key should be saved in a table or data area that only the application and the system operator have access to.
Each Event Handler and Page Generator including the Digital Signature functionality must then call this algorithm to set the value of the SignatureKey field.
Example:
The example shows the edit points to use and the local fields to assign to set the value of the secret key used for the Digital Signature algorithm. The assignment is shown for a Page Generator as well as an Event Handler function.
If no value is assigned to the secret key field, the key will be set to the name of the CA Plex group model by the SignFields signature function. If so, it will be difficult, but theoretically possible to break the Integrity Control for someone knowing the key and the algorithm used.
Event Handler and Page Generator function, for which Digital Signature functionality has been included, need to be regenerated and recompiled. This is also the case with the Document Template Generators scoped under the Page Generator functions, and in turn these must be rerun to produce Document Templates containing Digital Signature markers.
An implication of using the Integrity patterns is that whenever the hidden fields of an Event Handler function are changed, the Page Generator functions using the Event Handler must also be regenerated and compiled.