About XML Signature
Enveloped Signature
There are three types of XML signature: Detached, Enveloping and Enveloped.
The SIG_rdf project uses the Enveloped Signature.
- Detached Signature
The signature is over content external to the Signature element, and can be identified via a URI or transform. Consequently, the signature is "detached" from the content it signs. This definition typically applies to separate data objects, but it also includes the instance where the Signature and data object reside within the same XML document but are sibling elements.
- Enveloping Signature
The signature is over content found within an Object element of the signature itself. The Object (or its content) is identified via a Reference (via a URI fragment identifier or transform).
- Enveloped Signature
The signature is over the XML content that contains the signature as an element. The content provides the root XML document element. Obviously, enveloped signatures must take care not to include their own value in the calculation of the SignatureValue.
<Signature> | Root element of an XML Signature. |
<SignedInfo> | The structure of SignedInfo includes the canonicalization algorithm, a signature algorithm, and one or more references. |
<CanonicalizationMethod> | Required element that specifies the canonicalization algorithm applied to the SignedInfo element prior to performing signature calculations. |
<SignatureMethod> | The algorithm used for signature generation and validation. |
<Reference> | Digest algorithm and digest value, and optionally an identifier of the object being signed, the type of the object, and/or a list of transforms to be applied prior to digesting. |
<Transforms> | Ordered list of Transform elements; these describe how the signer obtained the data object that was digested. The output of each Transform serves as input to the next Transform. |
<DigestMethod> | The digest algorithm to be applied to the signed object. |
<DigestValue> | The encoded value of the digest. |
<SignatureValue> | The actual value of the digital signature; it is always encoded using base64. |
<KeyInfo> | Information on the public key used to verify the XML signature. |
<X509Data> | Identifiers of keys or X509 certificates (or certificates' identifiers or a revocation list). |
<X509Certificate> | Base64-encoded X509v3 certificate. |
[1] XML-Signature Syntax and Processing, http://www.w3.org/TR/xmldsig-core/
SIG_rdf sign: XML Sign Tool for SIG_rdf
WinSign Multi File version 1.0 for MS-Windows XP
- About WinSign
WinSign is an XML digital signature tool (Enveloped Signature form) which supports:
- XML digital signature by X509v3 certificate
- Batch processing of multiple files
All files in the unsigned XML (Download) folder are signed and output to the signed XML (Upload) folder.
- CRL (Certificate Revocation List) Online Validation
- English and Japanese character sets
- Signature Specification
DigestMethod: SHA-1 [3],
SignatureMethod: RSA-SHA1 [4],
CanonicalizationMethod: C14N XML canonicalization transform without comments [5],
Transform: Enveloped Signature [6]
- License
- Requirements
- Installation
- Install "Microsoft .NET Framework Version 2.0 Redistributable Package (x86)" [1].
- Copy all the distribution files to an arbitrary directory.
- Edit the INI file (xsig.ini) to reflect the configuration of installed directories.
JVNRSS_SIGN
[PATH] | | |
Bin=C:\winsign\bin\ | ... | Folder to store Application file |
Download=C:\winsign\download\ | ... | Folder to store Raw XML files |
Upload=C:\winsign\upload\ | ... | Folder to store Signed XML files |
Crl=C:\winsign\crl\ | ... | Folder to which the CRL file is downloaded |
[LANGUAGE] | | |
Language=J | ... | Language mode of WinSign (E: English, J: Japanese) |
- Usage
- Store XML files in unsigned XML (Download) folder.
- Execute "winxsig.exe".
- Select a certificate from the list.
Note: Certificate Management function in Windows is used.
- Click the button "Sign".
Note: To execute CRL Online Validation, check the option "CRL Online Validation".
- Signed XML files (with a .sig extension added) are output to the signed XML (Upload) folder.
- Download
JVNRSS SIG_rdf sign [ jvnrss_sigrdf_sign_1.0.zip (rev20061212) ] [ README (rev20061212) ]
- WinSign Multi File version 1.0 for MS-Windows XP
- CmdSign Multi File version 1.0 for MS-Windows XP
- Note
WinSign is a tool developed with Microsoft Visual Studio 2005 Ver8.0 (C#) and Microsoft .NET Framework Ver2.0.
When a signed XML document is manipulated, some character codes in the signed XML file may be converted, as specified by the XML Document Object Model (DOM) [2].
[Screenshots: Ready to Sign; Completed Sign]
[1] Microsoft .NET Framework Version 2.0 Redistributable Package (x86), http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
[2] Entity References are Expanded and Not Preserved, http://msdn2.microsoft.com/en-us/library/bk9tc7f9.aspx
[3] http://www.w3.org/2000/09/xmldsig#sha1
[4] http://www.w3.org/2000/09/xmldsig#rsa-sha1
[5] http://www.w3.org/TR/2001/REC-xml-c14n-20010315
[6] http://www.w3.org/2000/09/xmldsig#enveloped-signature
SIG_rdf verify: XML Verify Tool for SIG_rdf
WinVerify Single File version 1.0 for MS-Windows XP
- About WinVerify
WinVerify is an XML digital signature verification tool (Enveloped Signature form) which supports:
- Verification of XML digital signature by X509v3 certificate
- Check X509v3 certificate expiration date
- Verification of X509v3 public key certificate chain
- CRL (Certificate Revocation List) Online Validation
- English and Japanese character sets
- Signature Specification
DigestMethod: SHA-1 [2],
SignatureMethod: RSA-SHA1 [3],
CanonicalizationMethod: C14N XML canonicalization transform without comments [4],
Transform: Enveloped Signature [5]
- License
- Requirements
- Installation
- Install "Microsoft .NET Framework Version 2.0 Redistributable Package (x86)" [1].
- Copy all the distribution files to an arbitrary directory.
- Edit the INI file (xverif.ini) to reflect the configuration of installed directories.
JVNRSS_VERIFY
[PATH] | | |
Bin=C:\winverify\bin\ | ... | Folder to store Application file |
Crl=C:\winverify\crl\ | ... | Folder to which the CRL file is downloaded |
[LANGUAGE] | | |
Language=J | ... | Language mode of WinVerify (E: English, J: Japanese) |
- Usage
- Execute "xverif.exe".
- Click the button "Browse". Select the file to be verified using the Common File Open Dialog.
- Click the button "Verify".
Note: To execute CRL Online Validation, check the option "CRL Online Validation".
- Download
JVNRSS SIG_rdf verify [ jvnrss_sigrdf_verify_1.0.zip (rev20061212) ] [ README (rev20061212) ]
- WinVerify Single File version 1.0 for MS-Windows XP
- WinVerify Multi File version 1.0 for MS-Windows XP
- CmdVerify Multi File version 1.0 for MS-Windows XP
[Screenshot: Completed Verification]
[1] Microsoft .NET Framework Version 2.0 Redistributable Package (x86), http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
[2] http://www.w3.org/2000/09/xmldsig#sha1
[3] http://www.w3.org/2000/09/xmldsig#rsa-sha1
[4] http://www.w3.org/TR/2001/REC-xml-c14n-20010315
[5] http://www.w3.org/2000/09/xmldsig#enveloped-signature
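The Signature Specification listed for both tools can be enforced as a structural check before any cryptographic verification is attempted. The following is an added example, not code from WinSign or WinVerify: it reports where a signed document departs from that profile, and it assumes (this is not stated on the page) that the Signature is a direct child of the root element and that the single Reference uses URI="" to cover the whole document. The sample documents are constructed, with placeholder digest and signature values.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"ds": DS}
C14N = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
ENVELOPED = DS + "enveloped-signature"
# Algorithm identifiers taken from the Signature Specification on this page.
PROFILE = {
    "ds:SignedInfo/ds:CanonicalizationMethod": C14N,
    "ds:SignedInfo/ds:SignatureMethod": DS + "rsa-sha1",
    "ds:SignedInfo/ds:Reference/ds:DigestMethod": DS + "sha1",
}

def profile_violations(xml_text):
    """List the ways a signed document departs from the enveloped profile."""
    root = ET.fromstring(xml_text)
    sigs = list(root.iter("{%s}Signature" % DS))
    if len(sigs) != 1:
        return ["expected exactly one Signature, found %d" % len(sigs)]
    sig, problems = sigs[0], []
    # Assumption: the tools place the Signature as a direct child of the root.
    if sig not in list(root):
        problems.append("Signature is not a child of the document root")
    for path, expected in PROFILE.items():
        found = [e.get("Algorithm") for e in sig.findall(path, NS)]
        if found != [expected]:
            problems.append("%s: %r" % (path.rsplit(":", 1)[-1], found))
    refs = sig.findall("ds:SignedInfo/ds:Reference", NS)
    # Assumption: a single Reference with URI="" (the whole containing document).
    if [r.get("URI") for r in refs] != [""]:
        problems.append("Reference: expected one with URI=\"\"")
    transforms = [t.get("Algorithm") for r in refs
                  for t in r.findall("ds:Transforms/ds:Transform", NS)]
    if transforms != [ENVELOPED]:
        problems.append("Transforms: %r" % transforms)
    return problems

def sample(digest_alg=DS + "sha1", uri="", transform=ENVELOPED):
    """Constructed document; digest and signature values are placeholders."""
    return (
        '<doc><item>constructed</item><Signature xmlns="%s"><SignedInfo>'
        '<CanonicalizationMethod Algorithm="%s"/>'
        '<SignatureMethod Algorithm="%srsa-sha1"/><Reference URI="%s">'
        '<Transforms><Transform Algorithm="%s"/></Transforms>'
        '<DigestMethod Algorithm="%s"/><DigestValue>AAAA</DigestValue>'
        '</Reference></SignedInfo><SignatureValue>AAAA</SignatureValue>'
        '</Signature></doc>' % (DS, C14N, DS, uri, transform, digest_alg))

if __name__ == "__main__":
    print(profile_violations(sample()))               # conforming document
    print(profile_violations(sample(uri="#item-1")))  # signs only a fragment
```

An empty list means only that the structure matches the profile; the signature value, certificate chain and CRL status still have to be validated by the verifier.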
Revisions
- Published (index.01.html).: 2006-06-29T10:22:18+00:00
- XML Verify Tool for SIG_rdf (Ver1.0 rev20060904) released.: 2006-09-22T05:05+00:00
- XML Sign Tool for SIG_rdf (Ver1.0 rev20060904) released.: 2006-09-23T00:10+00:00
- "parameter.xml with Enveloped Signature" added.: 2006-10-14T16:56+00:00
- "Overview, About XML Signature" updated.: 2006-12-03T00:31+00:00
- XML Verify Tool for SIG_rdf (Ver1.0 rev20061212) released.: 2006-12-12T03:17+00:00
- XML Sign Tool for SIG_rdf (Ver1.0 rev20061212) released.: 2006-12-12T03:17+00:00
- Updated (index.02.html).: 2007-01-01T10:43+00:00