Official Content

Note: These options are part of GeneXus Cryptography Module.

SDT DSigOptions


  • DSigSignatureType: DSigSignatureType Domain - Default value: ENVELOPED
  • Canonicalization: Canonicalization Domain - Default value: C14n_OMIT_COMMENTS
  • KeyInfoType: KeyInfoType Domain - Default value: X509Certificate
  • XmlSchemaPath: Path of the XML Schema to verify. - Default value: empty
  • IdentifierAttribute: Just for signing XML based on ID attribute.- Default value: empty

Implementation details

  • DSigSignatureType, Canonicalization, and KeyInfoType are set by default on the most commonly used XML DSig configuration.
  • XmlSchemaPath is empty by default. It receives a path to the XML schema; only .dtd, .xml and .xsd extensions are allowed. When this property is configured with anything but empty and it is passed to a signature method, it will try to verify the schema. To verify schemas on signed XMLs the schema must contain the definition for the signature or it will fail.
  • IdentifierAttribute. In XML, a special Identification parameter with type ID can be defined which is unique to the document. This property is used to find the name of the identifier on the XML document without using the schema definition because in most cases the attribute used as an identifier is not well defined or is not defined as an identifier at all. This property is required only to sign/verify an element finding it by its ID.

Security tips

  • When assigning file paths, do not use user input concatenations or sanitize user entries to avoid path traversal or path manipulation vulnerability risks.

Last update: November 2023 | © GeneXus. All rights reserved. GeneXus Powered by Globant