It defines the type of DSig signature to be used.
Available values:
ENVELOPED
***Enveloping and Detached signatures are not available in this module edition.
Example of an Enveloped signature:
<?xml version="1.0" encoding="UTF-8"?>
<Envelope xmlns="http://example.org/envelope">
<Body>
Hello world
</Body>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>RnMv...Ztmp8YOI=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>/jW1L...24vppECVoR6ckfZNI=</SignatureValue>
</Signature>
</Envelope>
It defines the canonicalization method to be used to preprocess the data to be signed.
Available values:
C14n_WITH_COMMENTS, C14n_OMIT_COMMENTS, exc_C14n_OMIT_COMMENTS, exc_C14N_WITH_COMMENTS
Implementation details:
- C14n_WITH_COMMENTS will include the transform "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
- C14n_OMIT_COMMENTS will include the transform "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
- exc_C14N_WITH_COMMENTS will include the transform "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
- exc_C14n_OMIT_COMMENTS will include the transform "http://www.w3.org/2001/10/xml-exc-c14n#"
***C14N11 transformations are not available in this module edition.
It defines the type of KeyInfo element to be used on the signature.
Available values:
NONE, KeyValue, X509Certificate
- NONE won't include a KeyInfo Element on the Signature structure.
- X509Certificate will include a KeyInfo Element with an X509Data Element inside the Signature structure. It will contain some information on the certificate and the Base64 encoded certificate.
- KeyValue will include a KeyInfo Element with a KeyValue Element inside the Signature structure. It will contain the Base64 encoded parameters of the public key.
Example of X509Certificate KeyInfoType:
<KeyInfo>
<X509Data>
<X509IssuerSerial>
<X509IssuerName>E=test@genexus.com, CN=test, OU=security, O=GX, L=Montevideo, S=Montevideo, C=UY</X509IssuerName>
<X509SerialNumber>135465464315</X509SerialNumber>
</X509IssuerSerial>
<X509SubjectName>E=test@genexus.com, CN=test, OU=security, O=GX, L=Montevideo, S=Montevideo, C=UY</X509SubjectName>
<X509Certificate>MI.....3qvV1YXMaTdbWy7Ks=</X509Certificate>
</X509Data>
</KeyInfo>
Example of KeyValue KeyInfoType:
<KeyInfo>
<KeyValue>
<RSAKeyValue>
<Modulus>40l......LRs=</Modulus>
<Exponent>JJJJ</Exponent>
</RSAKeyValue>
</KeyValue>
</KeyInfo>