Note: Signature is an XML Signature data element that is defined in the XML-Signature Syntax and Processing W3C Recommendation 12 February 2002. The XML Digital Signature Schema is available from W3C at the following URL: http://www.w3.org/2000/09/xmldsig#.



(Sub-)element

Description

Signature

SignedInfo

This element contains information about the signature and the content that needs to be signed. See below.

SignatureValue

The value of the electronic signature. 

KeyInfo

This value indicates the certificate to be used for validating the signature. See below.

SignedInfo

Canonicalization Method

Specified Algorithm = http://www.w3.org/2001/10/xml-exc-c14n#

The XML content has to be canonicalized. Canonicalization (c14n) is the process of converting data that has more than one possible representation into a single canonical form.

  1. To generate the digest of the main message, the inclusive canonicalization algorithm (http://www.w3.org/TR/2001/REC-xml-c14n-20010315) must be used.
  2. To generate the signature value, the exclusive canonicalization algorithm (http://www.w3.org/2001/10/xml-exc-c14n) must be used.


SignatureMethod

Specified Algorithm = http://www.w3.org/2001/04/xmldsig-more#rsa-sha256

For iDEAL, RSAwithSHA256 must be used as the signature algorithm.


Reference

See below.

Reference

URI (attribute)

This value must be "" (an empty string), which indicates that the entire XML document will be signed.

Transforms

Specified Algorithm = http://www.w3.org/2000/09/xmldsig#enveloped-signature

This is a list of Transform elements, each of which specifies a processing step applied before the document is fed to the digest algorithm.
iDEAL uses an enveloped signature: the signature is contained within the signed document. A transform is therefore required to remove the signature from the signed data; the enveloped-signature transform specified above performs this action.


DigestMethod

Specified Algorithm = http://www.w3.org/2001/04/xmlenc#sha256

This element specifies the hashing algorithm. The value of the DigestMethod/Algorithm attribute must indicate SHA256.


DigestValue

This is the Base64-encoded value of the hash of the content.

KeyInfo

KeyName

This value holds the fingerprint which indicates the certificate to be used for validating the signature. 



Example Message fragment

....
	<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
		<SignedInfo>
			<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
			<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
			<Reference URI="">
				<Transforms>
					<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
				</Transforms>
				<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
				<DigestValue>VW+VjenRyZVFCNfBTeoxDflQ4yfR8KYFvwPVinVPqBs=</DigestValue>
			</Reference>
		</SignedInfo>
		<SignatureValue>
IELLwKSGFMk64US23YrpZ8//hJ8DeJEtYht5knlxJvBOr8dcI+aJTBq+YtyzP9ClcK62Obs5aynHBE/GPHZShuMw+8WHq4fCMInOwKURgwjDOz8UYaIMqG0Ojiz8dFYGn+dH2lL0QVss4jmIIAD8MCijb27oqij6PclXw9Y9veI=
</SignatureValue>
		<KeyInfo>
			<KeyName>7D665C81ABBE1A7D0E525BFC171F04D276F07BF2</KeyName>
		</KeyInfo>
	</Signature>
....
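
The algorithm requirements in the table above can be enforced as an allow-list before any cryptographic verification, so that a received message cannot choose its own algorithms, transforms or reference target. The following Python check is an added example, not part of the iDEAL documentation; the root element `Msg`, the function names and the 40-hex-character KeyName format are assumptions, and it checks structure only (no digest or RSA verification).

```python
import base64
import binascii
import re
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
PROFILE = {  # required Algorithm URIs from the table, keyed by path below Signature
    "SignedInfo/CanonicalizationMethod": "http://www.w3.org/2001/10/xml-exc-c14n#",
    "SignedInfo/SignatureMethod": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
    "SignedInfo/Reference/Transforms/Transform": "http://www.w3.org/2000/09/xmldsig#enveloped-signature",
    "SignedInfo/Reference/DigestMethod": "http://www.w3.org/2001/04/xmlenc#sha256",
}
# Constructed sample (hypothetical root, no SignatureValue); digest and key name are the page's.
SAMPLE = """<Msg xmlns="urn:example"><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI=""><Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>VW+VjenRyZVFCNfBTeoxDflQ4yfR8KYFvwPVinVPqBs=</DigestValue></Reference></SignedInfo>
<KeyInfo><KeyName>7D665C81ABBE1A7D0E525BFC171F04D276F07BF2</KeyName></KeyInfo></Signature></Msg>"""

def _q(path):  # qualify every path step with the XML-DSig namespace
    return "/".join(DS + step for step in path.split("/"))

def profile_violations(xml_text):
    """List deviations from the profile; an empty list means the Signature conforms."""
    root = ET.fromstring(xml_text)  # use a hardened parser for untrusted input
    sigs = list(root.iter(DS + "Signature"))
    if len(sigs) != 1 or sigs[0] not in list(root):
        return ["expected exactly one Signature, as a direct child of the root"]
    sig, problems = sigs[0], []
    for path, expected in PROFILE.items():
        algs = [e.get("Algorithm") for e in sig.findall(_q(path))]
        if algs != [expected]:
            problems.append(f"{path}: expected one element with {expected}, got {algs}")
    uris = [r.get("URI") for r in sig.findall(_q("SignedInfo/Reference"))]
    if uris != [""]:
        problems.append(f'Reference: expected a single URI="", got {uris}')
    digest = sig.findtext(_q("SignedInfo/Reference/DigestValue"), "").strip()
    try:
        if len(base64.b64decode(digest, validate=True)) != 32:
            problems.append("DigestValue: not a 32-byte SHA-256 digest")
    except binascii.Error:
        problems.append("DigestValue: not valid Base64")
    key_name = sig.findtext(_q("KeyInfo/KeyName"), "").strip()
    if not re.fullmatch(r"[0-9A-Fa-f]{40}", key_name):  # assumption: 40 hex chars
        problems.append("KeyName: not a 40-character hex fingerprint")
    return problems
```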