   Overview
SIG_rdf
SIG_rdf (RDF with XML signature) is our project to promote the use of XML Signature in security information exchange. We hold an X.509 certificate with CN=JVNRSS Research Project and publish security information with XML enveloped signatures on the JVNRSS Feasibility Study Site.
Example: SIG_rdf
TRnotes with Enveloped Signature
parameter.xml with Enveloped Signature
CVSS V1.0 Calculator (Ver1.0)
[ Chinese | Dutch | English | German | Japanese | Korean | Portuguese | Spanish ]

   About XML Signature
Enveloped Signature
There are three types of XML signature: Detached, Enveloping and Enveloped. The SIG_rdf project uses the Enveloped Signature.
  • Detached Signature
    The signature is over content external to the Signature element, and can be identified via a URI or transform. Consequently, the signature is "detached" from the content it signs. This definition typically applies to separate data objects, but it also includes the instance where the Signature and data object reside within the same XML document but are sibling elements.
  • Enveloping Signature
    The signature is over content found within an Object element of the signature itself. The Object (or its content) is identified via a Reference (via a URI fragment identifier or transform).
  • Enveloped Signature
    The signature is over the XML content that contains the signature as an element. The content provides the root XML document element. Obviously, enveloped signatures must take care not to include their own value in the calculation of the SignatureValue.
XML Signature

Enveloped Signature

  • <Signature>: Root element of an XML Signature.
    • <SignedInfo>: Includes the canonicalization algorithm, a signature algorithm, and one or more references.
      • <CanonicalizationMethod>: Required element that specifies the canonicalization algorithm applied to the SignedInfo element prior to performing signature calculations.
      • <SignatureMethod>: The algorithm used for signature generation and validation.
      • <Reference>: Digest algorithm and digest value, and optionally an identifier of the object being signed, the type of the object, and/or a list of transforms to be applied prior to digesting.
        • <Transforms>: Ordered list of Transform elements; these describe how the signer obtained the data object that was digested. The output of each Transform serves as input to the next Transform.
        • <DigestMethod>: The digest algorithm to be applied to the signed object.
        • <DigestValue>: The encoded value of the digest.
    • <SignatureValue>: The actual value of the digital signature; it is always encoded using base64.
    • <KeyInfo>: Information on the public key used to verify the signed XML document.
      • <X509Data>: Identifiers of keys or X509 certificates (or certificates' identifiers or a revocation list).
        • <X509Certificate>: Base64-encoded X509v3 certificate.
Timestamp Property
Timestamp Attribute within Enveloped Signature

  • <Object Id="signatureProperties">: Root element of a SignatureProperty
    • <SignatureProperties>: Group of SignatureProperty elements
      • <SignatureProperty>: SignatureProperty
        • <TimeStamp>: TimeStamp [2]
[1] XML-Signature Syntax and Processing, http://www.w3.org/TR/xmldsig-core/
[2] W3C, Date and Time Formats, http://www.w3.org/TR/NOTE-datetime

   SIG_rdf sign: XML Sign Tool for SIG_rdf
WinSign Multi File version 1.0 for MS-Windows XP
WinSign Multi File version 2.0 for MS-Windows XP
  1. About WinSign
    WinSign is an XML digital signature (Enveloped Signature form) tool which supports:
    • XML digital signature by X509v3 certificate
    • Batch processing of multiple files
      All files in the unsigned XML (Download) folder are signed and written to the signed XML (Upload) folder.
    • CRL (Certificate Revocation List) Online Validation
    • English and Japanese character sets
    • Signature Specification
      DigestMethod: SHA-1 [3], SignatureMethod: RSA-SHA1 [4], CanonicalizationMethod: C14N XML canonicalization transform without comments [5], Transform: Enveloped Signature [6]
    • Timestamp Property (V2.0)

  2. License

  3. Requirements
    • Microsoft Windows XP

  4. Installation
    • Install "Microsoft .NET Framework Version 2.0 Redistributable Package (x86)" [1].
    • Copy all the distribution files to an arbitrary directory.
    • Edit the INI file (xsig.ini) to reflect the configuration of installed directories.
      JVNRSS_SIGN
      [PATH]
      Bin=C:\winsign\bin\              ... Folder to store the application file
      Download=C:\winsign\download\    ... Folder to store raw XML files
      Upload=C:\winsign\upload\        ... Folder to store signed XML files
      Crl=C:\winsign\crl\              ... Folder to which the CRL file is downloaded
      [LANGUAGE]
      Language=J                       ... Language mode of WinSign (E: English, J: Japanese)

  5. Usage
    • Store the XML files in the unsigned XML (Download) folder.
    • Execute "winxsig.exe".
    • Select a certificate from the list.
      Note: The certificate management function in Windows is used.
    • Click the button "Sign".
      Note: To execute CRL Online Validation, check the option "CRL Online Validation".
    • Signed XML files (with the .sig extension added) are written to the signed XML (Upload) folder.

  6. Download
    JVNRSS SIG_rdf sign [ jvnrss_sigrdf_sign_2.0.zip (rev20061224) ] [ README (rev20061224) ]
    • WinSign Multi File version 2.0 for MS-Windows XP
    • CmdSign Multi File version 2.0 for MS-Windows XP
    
  7. Note
    WinSign was developed with Microsoft Visual Studio 2005 Ver8.0 (C#) and Microsoft .NET Framework Ver2.0. When a signed XML document is manipulated, some character codes in the signed XML file might be converted, as specified by the XML Document Object Model (DOM) [2].
Figures: Ready to Sign; Completed Sign
[1] Microsoft .NET Framework Version 2.0 Redistributable Package (x86), http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
[2] Entity References are Expanded and Not Preserved, http://msdn2.microsoft.com/en-us/library/bk9tc7f9.aspx
[3] http://www.w3.org/2000/09/xmldsig#sha1
[4] http://www.w3.org/2000/09/xmldsig#rsa-sha1
[5] http://www.w3.org/TR/2001/REC-xml-c14n-20010315
[6] http://www.w3.org/2000/09/xmldsig#enveloped-signature

   SIG_rdf verify: XML Verify Tool for SIG_rdf
WinVerify Single File version 1.0 for MS-Windows XP
  1. About WinVerify
    WinVerify is an XML digital signature verification tool (Enveloped Signature form) which supports:
    • Verification of XML digital signature by X509v3 certificate
    • Check X509v3 certificate expiration date
    • Verification of X509v3 public key certificate chain
    • CRL (Certificate Revocation List) Online Validation
    • English and Japanese character sets
    • Signature Specification
      DigestMethod: SHA-1 [2], SignatureMethod: RSA-SHA1 [3], CanonicalizationMethod: C14N XML canonicalization transform without comments [4], Transform: Enveloped Signature [5]

  2. License

  3. Requirements
    • Microsoft Windows XP

  4. Installation
    • Install "Microsoft .NET Framework Version 2.0 Redistributable Package (x86)" [1].
    • Copy all the distribution files to an arbitrary directory.
    • Edit the INI file (xverif.ini) to reflect the configuration of installed directories.
      JVNRSS_VERIFY
      [PATH]
      Bin=C:\winverify\bin\    ... Folder to store the application file
      Crl=C:\winverify\crl\    ... Folder to which the CRL file is downloaded
      [LANGUAGE]
      Language=J               ... Language mode of WinVerify (E: English, J: Japanese)

  5. Usage
    • Execute "xverif.exe".
    • Click the button "Browse". Select the file to be verified using the Common File Open Dialog.
    • Click the button "Verify".
      Note: To execute CRL Online Validation, check the option "CRL Online Validation".

  6. Download
    JVNRSS SIG_rdf verify [ jvnrss_sigrdf_verify_1.0.zip (rev20061212) ] [ README (rev20061212) ]
    • WinVerify Single File version 1.0 for MS-Windows XP
    • WinVerify Multi File version 1.0 for MS-Windows XP
    • CmdVerify Multi File version 1.0 for MS-Windows XP
    
Figure: Completed Verification
[1] Microsoft .NET Framework Version 2.0 Redistributable Package (x86), http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
[2] http://www.w3.org/2000/09/xmldsig#sha1
[3] http://www.w3.org/2000/09/xmldsig#rsa-sha1
[4] http://www.w3.org/TR/2001/REC-xml-c14n-20010315
[5] http://www.w3.org/2000/09/xmldsig#enveloped-signature

   Revisions
  • Published (index.01.html).: 2006-06-29T10:22:18+00:00
  • XML Verify Tool for SIG_rdf (Ver1.0 rev20060904) released.: 2006-09-22T05:05+00:00
  • XML Sign Tool for SIG_rdf (Ver1.0 rev20060904) released.: 2006-09-23T00:10+00:00
  • "parameter.xml with Enveloped Signature" added.: 2006-10-14T16:56+00:00
  • "Overview, About XML Signature" updated.: 2006-12-03T00:31+00:00
  • XML Verify Tool for SIG_rdf (Ver1.0 rev20061212) released.: 2006-12-12T03:17+00:00
  • XML Sign Tool for SIG_rdf (Ver1.0 rev20061212) released.: 2006-12-12T03:17+00:00
  • Updated (index.02.html).: 2007-01-01T10:12+00:00
  • XML Sign Tool for SIG_rdf (Ver2.0 rev20061224) released.: 2007-01-01T10:12+00:00


	

Last updated: 2007-01-01T10:46:45-00:00