Code Signing with Upload & Sign
This API is used for code signing with upload and sign. It establishes the policies and permissions that oversee the process of uploading and signing code files. Its primary purpose is to ensure a secure and authorized code signing process, playing a crucial role in preserving control and compliance throughout code deployment and execution.
Before you begin
- Configure the signing policy with relevant details, ensuring mapping to the enrolled certificate (also identified as the signing key on the signing policy page).
- The file types selected during policy creation are the only ones permitted for upload. Supported file types include: PS1, EXE, CAT, MSI, JS, JAR, APK, VBS, CAB, WSF, DLL, PSM1, PSD1, PS1XML, JSE, and VBE.
Request Structure
| Endpoint: | /code-signing-upload-sign-file-policy |
| Type: | POST |
| Sample URL: | https://<IP/HostName/TenantName>:<GWPORT>/avxapi/code-signing-upload-sign-file-policy?gwsource=externalTo understand the elements of the sample URL, click here. |
| Headers: | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) After successfully logging in, a unique
identifier assigned to a user's session after successful
authentication. The session ID remains valid until it expires.
The session ID is a string value. Example: "ce7f1a14-2bf9-4e4a-89a8-bc780a255813" |
| username
|
(Mandatory) AppViewX login username, represented as a string
value. Example: "User" |
| password
|
(Mandatory) AppViewX login username, represented as a string
value. Example: "AppViewX@123" |
| Payload | (Mandatory) Input data for request body in application/json format. For payload details, see Payload section. |
Payload
| Name | Description |
|---|---|
| file
|
(Mandatory) Upload the file for code signing. Example: "binary" |
| fileName
|
(Mandatory) Name of the file which is a string value.
Example: "AppViewX.jar" |
| fileType
|
(Mandatory) Specific format of a file providing essential
metadata for proper handling and processing which is a string value.
Example: "JAR" |
| signingPolicy
|
(Mandatory) Enter the signing policy for code signing which is a
string value. Example: "testPolicyByAppViewX" |
| signingKey
|
(Mandatory) Enter the signing key for code signing which is a
string value. Example: "GCA_CSP_Cert=E8:F1:1A:04:29:BF:72:44:85:2A:18:12: 70:5F:74:F6:42:79:CA" |
| signedType
|
(Mandatory) Select the code signed type, a string that specifies
File Based sign. Example: "File Based Signing" |
| signatureType
|
(Optional) This ensures compliance with a designated signature
format while also allowing for potential support of additional
signing types in the future. Example: "RAW" |
| addOnFields
|
(Optional) Specify additional fields needed for code signing.
Example: "addOnFields": [{"Version":"V1"},{"Build":"1"}] |
Response Structure
- Status Code: 200 OK
- Message: Successful
- Headers:
- Content-Type: application/json
| Name | Description |
|---|---|
| response | Contains the response attributes for the upload and sign request. |
| message | Success message or failure description in case of error. |
| appStatusCode | Application specific status code for the response. Will be non-null for failure response. |
| tags | More info in case of failure response. |
Status Codes
| HTTP Code | appStatusCode | Response Message |
|---|---|---|
| 200 OK | null | Successful |
| 400 Bad Request | CODE_SIGNING_0080 | Wrong Input Payload for the text fields in the text block |
| 400 Bad Request | CODE_SIGNING_0081 | Invalid Number added in the Add-ons section |
| 400 Bad Request | CODE_SIGNING_0082 | Mandatory fields are missing in the Add-ons Section |
| 500 Internal Server Error | CODE_SIGNING_0063 | Your chosen signing type is not supported by the selected policy |
| 403 Forbidden | CODE_SIGNING_0058 | Unsupported file type is uploaded. The policy selected doesn't support uploaded file type |
| 500 Internal Server Error | CODE_SIGNING_0062 | Ip provided is invalid |
| 403 Forbidden | CODE_SIGNING_0031 | Permissions are not there to upload file for signing |
| 500 Internal Server Error | CODE_SIGNING_0070 | Signing Key is not mapped to the given policy. |
| 500 Internal Server Error | CODE_SIGNING_0073 | Certificate is not present in the cert inventory |
| 500 Internal Server Error | CODE_SIGNING_0087 | Signing Key is Revoked/Expired |
| 500 Internal Server Error | CODE_SIGNING_0020 | Error in generating the signed file |
| 500 Internal Server Error | CODE_SIGNING_0023 | I/O Exception occurred |
| 500 Internal Server Error | CODE_SIGNING_0022 | Error in generating the signature file |
| 500 Internal Server Error | CODE_SIGNING_0021 | Error in updating the signed data |
| 500 Internal Server Error | CODE_SIGNING_00220 | Your chosen signature type is currently not supported. |
Sample Request/Response
To sign a file using code-signing-upload-sign-file-policy API.
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/code-signing-upload-sign-file-policy?gwsource=external{
"payload" : {
file: (binary)
fileName: AppViewX.jar
fileType: JAR
signingPolicy: testPolicyByAppViewX
signingKey: GCA_CSP_Cert=E8:F1:1A:04:29:BF:72:44:85:2A:18:12:70:5F:74:F6:42:79:CA
signedType: File Based Signing
signatureType: RAW
addOnFields: [{"Version":"V1"},{"Build":"1"}]
}
}{
"response": "65252c675e3734782705b4cd",
"message": null,
"appStatusCode": null,
"tags": null,
"headers": null
}What's Next
Reference
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.