XML Digital Signature (an Example)

In the last post, we looked at the steps involved in generating a digital signature using the XML Digital Signature spec.  The algorithm to produce a signature and validate it were explored but no examples were given.  In this post, we’ll look at an example that is given in the XML Digital Signature spec.

Example

The following XML Digital Signature is from the XML Digital Signature spec.  This is called a detached signature because the signature is separate from the document that was signed.  This is the digital signature over the spec document in HTML4 format.

   <Signature Id="MyFirstSignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
     <SignedInfo>
       <CanonicalizationMethod Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
       <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
       <Reference URI="http://www.w3.org/TR/2000/REC-xhtml1-20000126/">
         <Transforms>
           <Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
         </Transforms>
         <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
         <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
       </Reference>
     </SignedInfo>
     <SignatureValue>...</SignatureValue>
     <KeyInfo>
       <KeyValue>
         <DSAKeyValue>
           <P>...</P><Q>...</Q><G>...</G><Y>...</Y>
         </DSAKeyValue>
       </KeyValue>
     </KeyInfo>
   </Signature>

Notice that we are dealing with a <Signature> element.  This is the structure that contains an XML Digital Signature, and it is defined by the XML Digital Signature specification.  It declares the default namespace to be http://www.w3.org/2000/09/xmldsig# (again, defined by the XML Digital Signature specification).

The first child element of <Signature> is the <SignedInfo> element.  The <SignedInfo> element is a wrapper for the signature’s meta-data (canonicalization method, transform list, encryption algorithm, hashing algorithm, etc.) and the references to the signed data.

The first child element of <SignedInfo> is <CanonicalizationMethod>.  This element “is a required element that specifies the canonicalization algorithm applied to the SignedInfo element prior to performing signature calculations” per the XML DSig Spec.

The second child element of <SignedInfo> is <SignatureMethod>.  This defines the algorithm that is used to produce the digital signature: the hashing function, encryption function, padding, etc.

The third element of the <SignedInfo> element is <Reference>.  This can occur one or more times.  This element “specifies a digest algorithm and digest value, and optionally an identifier of the object being signed, the type of the object, and/or a list of transforms to be applied prior to digesting” per the spec.

The first child element of the <Reference> element is the <Transforms> element.  This contains a series of transforms that should be applied to the data being signed.  There is always at least one transform element applied (the canonicalization transform).  Picture this as a series of Transform nodes, each applying an XSLT stylesheet in a DataPower processing rule.

This example contains a single <Transform> element that describes the C14N algorithm that was applied to the data (not to be confused with the CanonicalizationMethod given above).

The next child element of the <Reference> element is <DigestMethod>.  This defines the hashing algorithm (SHA1 in this case) that is applied to the data identified by the URI attribute.

The <DigestValue> element gives the calculated hash value of the input data (using the algorithm specified by DigestMethod).

The next child element of the <Signature> element is <SignatureValue>.  This is the actual base-64 encoded digital signature of the <SignedInfo> element (after the canonicalization method described by CanonicalizationMethod is applied).

The next child element of the <Signature> element is the <KeyInfo> element.  The <KeyInfo> element contains information about the key that was used to produce the digital signature.  This example does not contain a complete <KeyInfo> block.  There are several possible permutations of the data that is given here.  We’ll look at a common example in the WS-Security Integrity use of Digital Signatures in a future blog post.
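As an added example (not code from this post or from the XML Digital Signature spec), here is the reference-validation half of the structure walked through above, using only Python's standard library: it builds a detached <Signature> with one <Reference>, then dereferences the URI, applies the listed <Transform>, digests with the <DigestMethod> and compares the result with <DigestValue>.  Assumptions: the referenced document and its URI are constructed stand-ins, xml.etree.ElementTree.canonicalize implements C14N 2.0 and stands in for the C14N 1.1 algorithm named in the example, and the DSA-SHA1 <SignatureValue> is not computed (that needs a cryptographic library); canonical_signed_info only returns the octets it would be computed over.

```python
"""Reference validation for a detached XML Digital Signature (added example).

Assumptions (not from the spec or the post): the referenced document is a
constructed stand-in, and xml.etree.ElementTree.canonicalize (C14N 2.0)
stands in for the C14N 1.1 transform named in the Signature.
"""
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
C14N11 = "http://www.w3.org/2006/12/xml-c14n11"
SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
NS = {"ds": DSIG}
# Serialize dsig elements with xmlns="..." rather than a generated ns0: prefix.
ET.register_namespace("", DSIG)

# Constructed stand-ins for the document the Reference URI points at.
DOC_URI = "http://example.invalid/signed-document.xhtml"
SIGNED_DOC = (b'<html xmlns="http://www.w3.org/1999/xhtml"><body>'
              b'<p id="amount" class="money">Pay 100 to Alice</p></body></html>')
# Same document with attributes reordered: canonicalization makes it digest equal.
REORDERED_DOC = SIGNED_DOC.replace(b'id="amount" class="money"', b'class="money" id="amount"')
# Same document with the amount changed: the digest must not match.
TAMPERED_DOC = SIGNED_DOC.replace(b"100", b"900")


def canonicalize(data: bytes) -> bytes:
    # C14N 2.0 stand-in for the C14N 1.1 Transform (see module docstring).
    return ET.canonicalize(data.decode("utf-8")).encode("utf-8")


def digest(data: bytes, algorithm: str) -> bytes:
    # Only the DigestMethod used in the spec example is supported here.
    if algorithm != SHA1:
        raise ValueError(f"unsupported DigestMethod {algorithm}")
    return hashlib.sha1(data).digest()


def build_detached_signature(doc: bytes, uri: str) -> str:
    """Build a <Signature> with one <Reference>; SignatureValue is left unfilled."""
    digest_b64 = base64.b64encode(digest(canonicalize(doc), SHA1)).decode("ascii")
    return (
        f'<Signature Id="MyFirstSignature" xmlns="{DSIG}">'
        "<SignedInfo>"
        f'<CanonicalizationMethod Algorithm="{C14N11}"/>'
        f'<SignatureMethod Algorithm="{DSIG}dsa-sha1"/>'
        f'<Reference URI="{uri}">'
        f'<Transforms><Transform Algorithm="{C14N11}"/></Transforms>'
        f'<DigestMethod Algorithm="{SHA1}"/>'
        f"<DigestValue>{digest_b64}</DigestValue>"
        "</Reference>"
        "</SignedInfo>"
        "<SignatureValue>...</SignatureValue>"
        "</Signature>"
    )


def validate_references(signature_xml: str, resolve) -> list:
    """Reference validation: for each <Reference>, dereference the URI, apply
    the listed Transforms in order, digest, and compare with DigestValue."""
    root = ET.fromstring(signature_xml)
    results = []
    for ref in root.findall("ds:SignedInfo/ds:Reference", NS):
        uri = ref.get("URI")
        data = resolve(uri)
        for transform in ref.findall("ds:Transforms/ds:Transform", NS):
            alg = transform.get("Algorithm")
            if alg != C14N11:
                raise ValueError(f"unsupported Transform {alg}")
            data = canonicalize(data)
        method = ref.find("ds:DigestMethod", NS).get("Algorithm")
        expected = base64.b64decode(ref.find("ds:DigestValue", NS).text.strip())
        actual = digest(data, method)
        # Constant-time comparison of the two digests.
        results.append((uri, hmac.compare_digest(actual, expected)))
    return results


def canonical_signed_info(signature_xml: str) -> bytes:
    """The octets the SignatureMethod signs: <SignedInfo> after the
    CanonicalizationMethod is applied.  Producing the DSA-SHA1 SignatureValue
    from them needs a crypto library and is not shown here."""
    root = ET.fromstring(signature_xml)
    signed_info = root.find("ds:SignedInfo", NS)
    serialized = ET.tostring(signed_info, encoding="unicode")
    return canonicalize(serialized.encode("utf-8"))


if __name__ == "__main__":
    sig = build_detached_signature(SIGNED_DOC, DOC_URI)
    print(validate_references(sig, lambda uri: SIGNED_DOC))     # [(DOC_URI, True)]
    print(validate_references(sig, lambda uri: REORDERED_DOC))  # [(DOC_URI, True)]
    print(validate_references(sig, lambda uri: TAMPERED_DOC))   # [(DOC_URI, False)]
    print(canonical_signed_info(sig).decode("utf-8"))
```

The reordered document still validates because the <Transform> canonicalizes attribute order before digesting, which is exactly why the transform list is part of <SignedInfo>; the tampered document fails at the digest comparison before any signature check is needed.  The resolver is passed in as a callable so that a real implementation can decide which URIs it is willing to dereference.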