1 Sample XML Signatures[1][2]
3 [1] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
4 [2] http://www.w3.org/TR/2001/REC-xml-c14n-20010315
6 1. A large and complex signature:
8 This includes internal and external base 64, references of the forms
9 "", "#xpointer(/)", "#foo" and "#xpointer(id('foo'))" (with and
10 without comments), manifests, signature properties, simple xpath
11 with here(), xslt, retrieval method and odd interreferential
14 signature.xml - A signature
15 signature.tmpl - The template from which the signature was created
16 signature-c14n-*.txt - All intermediate c14n output
18 2. Some basic signatures:
20 The key for the HMAC-SHA1 signatures is "secret".getBytes("ASCII")
21 which is, in hex, (73 65 63 72 65 74). No key info is provided for
24 signature-enveloped-dsa.xml
25 signature-enveloping-b64-dsa.xml
26 signature-enveloping-dsa.xml
27 signature-enveloping-hmac-sha1-40.xml
28 signature-enveloping-hmac-sha1.xml
29 signature-enveloping-rsa.xml
30 signature-external-b64-dsa.xml
31 signature-external-dsa.xml - The signatures
32 signature-*-c14n-*.txt - The intermediate c14n output
34 3. Varying key information:
36 To resolve the key associated with the KeyName in `signature-keyname.xml'
37 you must perform a cunning transformation from the name `Xxx' to the
38 certificate that resides in the directory `certs/' that has a subject name
39 containing the common name `Xxx', which happens to be in the file
42 To resolve the key associated with the X509Data in `signature-x509-is.xml',
43 `signature-x509-ski.xml' and `signature-x509-sn.xml' you need to resolve
44 the identified certificate from those in the `certs' directory.
46 In `signature-x509-crt-crl.xml' an X.509 CRL is present which has revoked
47 the X.509 certificate used for signing. So verification should be
51 signature-retrievalmethod-rawx509crt.xml
52 signature-x509-crt-crl.xml
53 signature-x509-crt.xml
55 signature-x509-ski.xml
56 signature-x509-sn.xml - The signatures
57 certs/*.crt - The certificates
59 Merlin Hughes <merlin@baltimore.ie>
60 Baltimore Technologies, Ltd.
61 http://www.baltimore.com/
63 Thursday, April 4, 2002