Security
  Home arrow Security arrow Page 16 - Safeguarding the Identity and Integrit...
Dev Shed Forums 
Administration  
Apache  
BrainDump  
DHTML  
Flash  
Java  
JavaScript  
Multimedia  
MySQL  
Oracle  
Perl  
PHP  
Practices  
Python  
Reviews  
Security  
Style-Sheets  
Web Services  
XML  
Zend  
Zope  
Forums Sitemap 
IBM® developerWorks 
Dedicated Servers 
E-Commerce Hosting 
Linux Web Hosting 
Managed Hosting 
Small Business Hosting 
Download TestComplete 
VPS Hosting 
Weekly Newsletter

 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
SECURITY

Safeguarding the Identity and Integrity of XML Messages
By: Sams Publishing
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 4 stars4 stars4 stars4 stars4 stars / 6
    2004-09-09

    Table of Contents:
  • Safeguarding the Identity and Integrity of XML Messages
  • XML Signature Fundamentals
  • XML Signature Structure
  • Types of XML Signatures
  • The Signature Element Schema
  • XML Signature Processing
  • XML Signature Validation
  • The XML Signature Elements
  • Canonicalization Actions from Canonical XML Version 1.0
  • The SignatureMethod Element
  • The Reference Element
  • The Transform Element
  • XPath Filtering Transform
  • Enveloped Signature Transform
  • XPath Filter 2.0 Transform
  • The DigestMethod Element
  • The Object Element
  • The Manifest Element
  • The KeyInfo Element
  • Security Strategies for XML Signature
  • Summary
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
    FaxWave - Free Trial.
     
    ADVERTISEMENT

    PCmover - $15 Off with Coupon Code CJPH7Q

    Safeguarding the Identity and Integrity of XML Messages - The DigestMethod Element
    (Page 16 of 21 )

    The DigestMethod element represents an identifier for the algorithm used to calculate the digest of the Reference URI plus all the Transforms.

    Note - The digest algorithm itself must receive its information in the form of octets. Typically, if a conversion is needed from an XML nodeset to octets, it is handled automatically. However, in some cases, an additional Transform may be required to ensure that the input to the digest algorithm is in the form of octets or to ensure that the XML nodeset is canonicalized so that it has the highest likelihood of valid comparison on any platform.

    The only required digest algorithm is SHA1, and it is designated by

    Algorithm=http://www.w3.org/2000/09/xmldsig#sha1

    The DigestValue Element

    The DigestValue element contains the Base-64 encoded value of the digest. The following DigestValue element is taken from the example we gave near the beginning of the chapter:

    <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>

    The SignatureValue Element

    At this point, the SignatureValue element must seem anti-climactic even though it represents the signature itself. The SignatureValue element is the Base-64 encoded resulting value of encrypting a digest of the SignedInfo element. The particular signature method used is defined within the SignatureMethod element itself (for example, RSA-SHA1). Here is an example of a SignatureValue:

    <SignatureValue> hTHQJyd3C6ww/OJz07P4bMOgjqBdznSUOsCh6P+0MpF69w2tln/PFLdx/EP4/VKX </SignatureValue>

    So far, we have reviewed the core aspects of the XML Signature, SignedInfo, and SignatureValue elements. If you understand them well, you have a good basis for understanding and using XML Signatures. The next two elements, Object and KeyInfo, are optional, but in many circumstances, necessary and important elements.

    SamsThis chapter is from Securing Web Services Security with WS-Security, by Jothy Rosenberg and David Remy (Sams, 2004, ISBN: 0672326515). Check it out at your favorite bookstore today.

    Buy this book now.

    Next: The Object Element >>
     

    More Security Articles
    More By Sams Publishing


     
    >>> Be the FIRST to comment on this article!

       

    SECURITY ARTICLES

    - An Epilogue to Cryptography
    - A Sequel to Cryptography
    - An Introduction to Cryptography
    - Security Overview
    - Network Security Assessment
    - Firewalls
    - What’s behind the curtain? Part II
    - What’s behind the curtain? Part I
    - Vectors
    - PKI: Looking at the Risks
    - A Quick Look at Cross Site Scripting
    - PKI Architectures: How to Choose One
    - Trust, Access Control, and Rights for Web Se...
    - Basic Concepts of Web Services Security
    - Safeguarding the Identity and Integrity of X...
    Find More Security Articles
     
    Accelerating Trading Partner Performance
     
    Competing on Analytics
     
    Cost Effective Scaling with Virtualization and Coyote Point Systems
     
    Five Checkpoints to Implementing IP Telephony
     
    Hosted Email Security: Staying Ahead of New Threats
     




    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 4 hosted by Hostway