OIC - Verifying RSA Signatures Using OCI Functions and Java – A Seamless OIC Integration

Use Case

In today’s cloud-driven world, secure communication is paramount. One critical aspect of security is verifying digital signatures using asymmetric RSA cryptography. In this scenario, you need to:

✅ Validate incoming data from a third-party system using RSA signature verification.
✅ Perform the verification logic using a Java library (with SHA256withRSA).
✅ Deploy this verification as a serverless OCI Function.
✅ Invoke this function securely from Oracle Integration Cloud (OIC) to ensure your integration flows can trust the incoming data.

---

Solution Overview

We’ll cover:

1️⃣ Writing a Java class (RSASignatureVerifier) to verify RSA signatures.
2️⃣ Deploying this logic as an OCI Function (Java runtime).
3️⃣ Calling this OCI Function from OIC (via the Function Adapter).

This ensures your verification logic is centralized, secure, and easily maintainable.

---

Step-by-Step Solution

Step 1: Java Class for RSA Signature Verification

Here’s the complete Java code (RSASignatureVerifier.java).

import java.security.*;
import java.security.spec.*;
import java.util.Base64;

public class RSASignatureVerifier {

    /**
     * Verifies an RSA signature.
     *
     * @param data The original data that was signed.
     * @param signatureBase64 The signature in Base64 encoding.
     * @param publicKeyBase64 The RSA public key in Base64 encoding (X.509 format).
     * @param hashType Hashing algorithm to use (e.g., "SHA256withRSA").
     * @return true if the signature is valid, false otherwise.
     * @throws Exception on errors during verification.
     */
    public boolean verifySignature(String data, String signatureBase64, String publicKeyBase64, String hashType) throws Exception {
        // Decode the public key
        byte[] publicKeyBytes = Base64.getDecoder().decode(publicKeyBase64);
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKeyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(keySpec);

        // Decode the signature
        byte[] signatureBytes = Base64.getDecoder().decode(signatureBase64);

        // Initialize the Signature object for verification
        Signature signature = Signature.getInstance(hashType);
        signature.initVerify(publicKey);
        signature.update(data.getBytes("UTF-8"));

        // Verify the signature
        return signature.verify(signatureBytes);
    }

    // Example usage
    public static void main(String[] args) throws Exception {
        RSASignatureVerifier verifier = new RSASignatureVerifier();

        String data = "12345678910";
        String publicKeyBase64 = "MIIBIjANBgkqhkiG9w0BAQEFAAOC..."; // truncated for brevity
        String signatureBase64 = "4BDmT8Qm8c9EQDdKLor7DXN5u..."; // truncated

        boolean isValid = verifier.verifySignature(data, signatureBase64, publicKeyBase64, "SHA256withRSA");
        System.out.println("Signature valid? " + isValid);
    }
}

Screenshot:

---

Step 2: Deploy as an OCI Function

1️⃣ Create a new OCI Function using the Java runtime.
2️⃣ Package your Java code (including the RSASignatureVerifier class) as a JAR.
3️⃣ Implement the Function’s entry point (handleRequest) to accept JSON with these fields:

{
  "data": "string to verify",
  "signatureBase64": "base64-encoded signature",
  "publicKeyBase64": "base64-encoded public key",
  "hashType": "SHA256withRSA"
}

4️⃣ Parse the JSON, call verifySignature, and return the verification result as JSON.

Here’s a sample Function handler:

import com.fnproject.fn.api.*;
import java.util.Map;

public class VerifySignatureFunction {
    public boolean handleRequest(Map<String, String> input) throws Exception {
        RSASignatureVerifier verifier = new RSASignatureVerifier();

        String data = input.get("data");
        String signatureBase64 = input.get("signatureBase64");
        String publicKeyBase64 = input.get("publicKeyBase64");
        String hashType = input.get("hashType");

        return verifier.verifySignature(data, signatureBase64, publicKeyBase64, hashType);
    }
}

---

Step 3: Invoke OCI Function from OIC

✅ Use the Oracle Integration Function Adapter.
✅ Configure it to call your OCI Function endpoint.
✅ Pass the required JSON payload dynamically from your OIC integration (e.g., mapping from integration data fields).

---

Result

🎉 Your integration flows in OIC now securely validate signatures before proceeding!
🛡️ You’ve centralized this cryptographic logic in an OCI Function, making it secure and reusable across multiple flows.

---

Conclusion

🔑 By combining Java’s cryptography libraries, OCI Functions, and OIC’s Function Adapter, you’ve built a secure, scalable, and maintainable solution for RSA signature verification.

How to generate the rsa public key: use the below online tool:

https://8gwifi.org/RSAFunctionality?rsasignverifyfunctions=rsasignverifyfunctions&keysize=2048

OIC - Can you explain how you use REST and SOAP connections in OIC?

Answer:

In Oracle Integration Cloud (OIC), REST and SOAP connections are set up to enable communication with external applications or services that expose their APIs in these formats.

🔹 REST Connections:

• I create REST connections using the REST Adapter in OIC.
• The connection is configured by specifying the base URL, authentication (like OAuth 2.0, Basic Auth), and optional headers.
• I typically use REST connections to integrate with modern web services, like external APIs or Oracle SaaS REST endpoints (e.g., ERP/HCM Cloud REST APIs).

🔹 SOAP Connections:

• I create SOAP connections using the SOAP Adapter.
• This involves uploading the WSDL file or providing the WSDL URL.
• The adapter uses the WSDL to define available operations and data structures.
• I use SOAP connections for integrations with legacy systems or Oracle SaaS SOAP web services (e.g., certain HCM/ERP services that are still SOAP-based).

✅ Practical Use in OIC Integrations:

• Once the connections are created, they are used in the integration flow.
• I drag and drop the REST or SOAP connections onto the integration canvas as invoke actions to send or receive data.
• In the mapper, I map the incoming or outgoing payloads to match the API’s structure.

OIC - What is the difference between synchronous and asynchronous integrations? Can you give examples in OIC?

Difference:

• Synchronous (sync) integrations are blocking – the calling system waits for the integration to finish and provide a response. These are best suited for real-time tasks that require immediate feedback.
  🔹 Example in OIC: A REST API-based integration where a frontend application sends a request to get the current stock level of a product in ERP and waits for the response immediately.

• Asynchronous (async) integrations are non-blocking – the calling system sends the request, and OIC processes it in the background, sending the response separately. These are used for batch processing or long-running tasks where real-time response isn’t needed.
  🔹 Example in OIC: An integration that receives a file (e.g., via FTP adapter) with thousands of records and processes it in the background to load data into Oracle ERP Cloud using FBDI.

SQL - How to get the 2nd or 3rd max salary from an employee table using sql query?

How to get the 2nd or 3rd max salary from an employee table using sql query?Answer:

Using limit and offset

2nd Maximum Salary

SELECT salary

FROM employee

ORDER BY salary DESC

LIMIT 1 OFFSET 1;

3rd Maximum Salary

SELECT salary

FROM employee

ORDER BY salary DESC

LIMIT 1 OFFSET 2;

Method 1: Using Subqueries

2nd Maximum Salary

SELECT MAX(salary) AS SecondHighestSalary

FROM employee

WHERE salary < (SELECT MAX(salary) FROM employee);

3rd Maximum Salary

SELECT MAX(salary) AS ThirdHighestSalary

FROM employee

WHERE salary < (SELECT MAX(salary) 

                FROM employee 

                WHERE salary < (SELECT MAX(salary) FROM employee));

OIC - Converting Unix Timestamps to Standard Time in JavaScript

🧐 Use Case

When working with data that uses Unix timestamps (like logs, APIs, or databases), it's essential to display them in a human-readable format (YYYY-MM-DD HH:mm:ss). JavaScript provides built-in methods to handle this, but careful handling of timezones, padding for single-digit numbers, and date formatting is needed.

💡 Solution Steps

1️⃣ Parse the Unix timestamp: Convert the numeric Unix timestamp to a Date object.
2️⃣ Extract date components: Use JavaScript's Date methods to extract the year, month, day, hour, minute, and second in UTC.
3️⃣ Pad single-digit numbers: Ensure numbers like 9 become "09" for consistent formatting.
4️⃣ Assemble the formatted string: Concatenate all components into a standard format YYYY-MM-DD HH:mm:ss.

---

📜 JavaScript Code: UnixToStandardTime.js

function UnixToStandard(TS) {
    TS = Number(TS);
    var date = new Date(TS);

    // Helper to pad with leading zeros
    function pad(n) {
        return n.toString().padStart(2, '0');
    }

    var Y = date.getUTCFullYear();
    var M = pad(date.getUTCMonth() + 1); // Months are zero-based
    var D = pad(date.getUTCDate());
    var H = pad(date.getUTCHours());
    var m = pad(date.getUTCMinutes());
    var s = pad(date.getUTCSeconds());
    var result = Y + "-" + M + "-" + D + " " + H + ":" + m + ":" + s;
    return result;
}

---

🚀 Usage Example

let timestamp = 1696177311000; // Example Unix timestamp
console.log(UnixToStandard(timestamp)); // Output: e.g., "2023-10-01 17:15:11"

This approach ensures reliable and standardized UTC time conversion, making it easier to display and interpret timestamps across different systems!

Screenshots:

Test:

OIC Gen3 new feature - Simplified file handling using system events

A new type of event is now available in Oracle Integration: a system event. Prior to this release, you had to create and publish an event, and then you could subscribe to it. However, system events are always available to be subscribed to in an event integration, without having to be created or published first. You can subscribe to system events only within a project.

The first system events that are available in Oracle Integration are for File Server. Each of the following File Server activities now raises a system event:

• Creating a folder

• Deleting a folder

• Creating a file

• Deleting a file

  Note: A system event currently isn't raised when you create or delete a file using the File server action. All other methods of creating and deleting a file do raise an event.

The File Server system events offer significant opportunities for efficiency. For example, you don't need to design an integration that checks for the existence of a file in File Server anymore. Instead, create an event integration that subscribes to the File created system event. The integration then runs whenever a file is created in File Server. You can even filter the events that the integration subscribes to.

OIC Gen3 New features 25.04 version

 Please find the best new features below:

1. Announcement Banner- 
1. You can view announcements in a banner that describe ongoing, completed, and scheduled patching and required user actions for your service instance. 
2. The announcements banner is visible only to users with the ServiceAdministrator or ServiceDeveloper role.
2. Oracle-managed disaster recovery enhancements
3. New recipes
4. Additional instances are ready for upgrade
5. Oracle Integration Artificial intelligence (AI) capabilities
6. Add a process automation action to an integration
7. Add default values in the mapper - https://soalicious.blogspot.com/2025/06/oic-gen3-new-feature-add-default-values.html
8. Export and import a project with events
9. Dynamic connection support with the connectivity agent
10. Configurable invoke connection retries - https://soalicious.blogspot.com/2025/06/oic-gen3-new-feature-add-retry-logic-to.html
11. Decisions support in Oracle Integration
12. File signing and verification : https://soalicious.blogspot.com/2025/06/oic-gen3-new-feature-sign-or-verify.html
13. Simplified file handling using system events - https://soalicious.blogspot.com/2025/06/oic-gen3-new-feature-simplified-file.html
14. AI in OIC
1. Native action for OCI AI Document Understanding service
2. AI-driven SQL generation
3. Project description generation
4. Lookup description generation
5. iCal generation
15. RPA
16. B2b introduced in Project

For more features. Follow the reference link.
Reference:
https://docs.oracle.com/en/cloud/paas/application-integration/whats-new/release-25.04-april-2025.html#GUID-E9E65F5B-B469-4D5A-B8AB-08F67EFB2192