IBM Version 5 Universal Remote User Manual


 
38 The XML Files: Development of XML/XSL Applications Using WebSphere Studio
SignedInfo into the SignatureValue. It is a combination of a key-dependent
algorithm and a digest algorithm, here DSA and SHA-1. The KeyInfo element
indicates the key used to validate the signature. This element is not mandatory.
Example 2-11 An XML digital signature
<Signature Id="UnitedSignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
  <SignedInfo>
    <CanonicalizationMethod
      Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
    <SignatureMethod
      Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
    <Reference URI="http://www.w3.org/TR/2000/REC-xhtml1-20000126/">
      <Transforms>
        <Transform
          Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
      </Transforms>
      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <DigestValue>kgqwequetuwetqwetteuqteuyyey</DigestValue>
    </Reference>
  </SignedInfo>
  <SignatureValue>iu7e876werew776er</SignatureValue>
  <KeyInfo>
    <KeyValue>
      <DSAKeyValue>
        <P>...</P><Q>...</Q><G>...</G><Y>...</Y>
      </DSAKeyValue>
    </KeyValue>
  </KeyInfo>
</Signature>
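The following Python sketch is an added example, not code from the original book. It reads the fields of a Signature such as Example 2-11 and reports which algorithms a verifier is being asked to accept and whether the optional KeyInfo element is present. The function name audit_signature, the WEAK set and the shortened sample are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

XMLDSIG = "http://www.w3.org/2000/09/xmldsig#"
DS = "{" + XMLDSIG + "}"
# Algorithm URIs used in Example 2-11; both depend on SHA-1, which is no
# longer considered collision resistant.
WEAK = {XMLDSIG + "dsa-sha1", XMLDSIG + "sha1"}

# Constructed sample: Example 2-11 without Transforms and key parameters.
SAMPLE = """<Signature Id="UnitedSignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
 <SignedInfo>
  <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
  <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
  <Reference URI="http://www.w3.org/TR/2000/REC-xhtml1-20000126/">
   <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
   <DigestValue>kgqwequetuwetqwetteuqteuyyey</DigestValue>
  </Reference>
 </SignedInfo>
 <SignatureValue>iu7e876werew776er</SignatureValue>
 <KeyInfo><KeyValue><DSAKeyValue/></KeyValue></KeyInfo>
</Signature>"""

def audit_signature(xml_text):
    """Return (summary, findings) for a document whose root is ds:Signature."""
    sig = ET.fromstring(xml_text)  # parse untrusted XML with a hardened parser
    info = sig.find(DS + "SignedInfo")
    if sig.tag != DS + "Signature" or info is None:
        raise ValueError("not a ds:Signature with a SignedInfo child")

    def alg(parent, name):
        node = parent.find(DS + name)
        return node.get("Algorithm") if node is not None else None

    summary = {"c14n": alg(info, "CanonicalizationMethod"),
               "signature_method": alg(info, "SignatureMethod"),
               "references": [],
               "has_keyinfo": sig.find(DS + "KeyInfo") is not None}
    findings = []
    if summary["signature_method"] in WEAK:
        findings.append("weak SignatureMethod: " + summary["signature_method"])
    for ref in info.findall(DS + "Reference"):
        digest = alg(ref, "DigestMethod")
        summary["references"].append((ref.get("URI"), digest))
        if digest in WEAK:
            findings.append("weak DigestMethod for " + str(ref.get("URI")))
    if summary["has_keyinfo"]:
        findings.append("KeyInfo comes from the signer: match it to a trusted key")
    else:
        findings.append("no KeyInfo: the verification key must come from configuration")
    return summary, findings
```

Because KeyInfo travels inside the signed message, a verifier that accepts whatever key it carries only proves the message is self-consistent, not who signed it.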
Transforms
When a document or parts of a document are decrypted, we say it is transformed
into a decrypted form. A user may need to encrypt parts of a document in which
other parts have already been encrypted by another user. This user may not be
able, or may not need, to decrypt those parts that he has no authority or
interest over. The W3C published a candidate recommendation on Decryption
Transform for XML Signature in March 2002 that addresses this situation.
In the following example, some data (as in line 11) has already been encrypted,
and the user needs to further encrypt data of his own.
Example 2-12 Part encryption of an XML document
[01]<ticket Id="EXTYGH">
[02] <passengers>