I've been tasked with integrating our OpenEdge 11.7 application with the Xero API in order to send and receive invoice information.
Xero use 2 legged OAuth 1.0a authentication which required me to generate a public/private key-pair using OpenSSL and upload the public certificate to Xero which I've done.
In order to access their API I need to use RSA-SHA1 encryption which Progress does not support.
I found this page on the Progress Knowledgebase
which suggests using an external cryptography library but I have not been able to get any of the suggestions working.
Essentially I need to generate an oauth_signature using RSA encryption and the private key (in a .pem file) that I generated.
Hoping someone has done this before and can offer some pointers and advice.
I haven't done exactly that, but I've used OpenSSL to do similar stuff.
The best I've come up is to make scripts that do the OpenSSL stuf (.sh, .bat) and call those scripts from ABL with OS-COMMAND, passing things as parameters of the script or files in the filesystem (managed from ABL).
Keep in mind that even OpenSSL has differences between Windows and Linux, so if you are "mixing" platforms, you may need to "tweek" things. Is always better to test in the same platform (Windows - Windows, or Linux - Linux) and when that is working then test "cross-platform".
I've worked on a Xero integration before and came to the same conclusions as you. I personally used OpenSSL to handle the RSA-SHA1 encryption.
As David suggests I used OS-COMMAND to call a script on the file-system that did the OpenSSL call and wrote the signed request out. I then read this back into the ABL for the subsequent encoding and HTTP call.
If there's something specific you're stuck with I can try to help.
Thanks both David's
I don't suppose you have some sample code you could send?
If not then I can probably work it out but I'm pretty new to this stuff so it might take me a little time.
Thanks again, it's been driving me crazy trying to get this to work, hopefully your suggestions will fix it for me.
Needs a little tidying up and refining but I think I have mostly got it
infile.txt contains the signature I want to encrypt and signature.bin contains the encrypted string.
type C:\temp\OPENSSL\infile.txt | C:\OpenSSL-Win64\bin\openssl dgst -sha1 -sign C:\temp\OPENSSL\certs\privatekey.pem -binary > C:\temp\OPENSSL\signature.bin
Thanks again for your help.
Sorry, missed a bit.
Here's the BASE64-ENCODE of the encrypted string, basically taken straight from the OpenEdge help file
DEFINE VARIABLE encdmptr AS MEMPTR NO-UNDO.
DEFINE VARIABLE encdlngc AS LONGCHAR NO-UNDO.
COPY-LOB FROM FILE "C:\temp\OPENSSL\signature.bin" TO encdmptr.
encdlngc = BASE64-ENCODE(encdmptr).
MESSAGE STRING(encdlngc) VIEW-AS ALERT-BOX.