XML Signature?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

XML Signature?

Uri Blumenthal
In my current project there’s a need to digitally sign an XML document. The application is best suited for Enveloped Signature.

I’m not eager to write a ton of code to accomplish this. I’m open to suggestions. AFAIK, BouncyCastle does not directly support XML Signature, correct? So if I don’t want to build the entire library with XML canonicalization, etc. - what are my options? What library would you recommend that (ideally uses BC as the underlying mechanism, and) implements XML Signature in a reasonably convenient way?

Thanks!
--
Uri Blumenthal
[hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: XML Signature?

Valentino
This post has NOT been accepted by the mailing list yet.

Hi Uri,

 

You could take a look at SD-DSS framework (https://joinup.ec.europa.eu/asset/sd-dss/asset_release/dss-440). It supports many kind of signatures.

 

Best regards,

 

Valentin Ivanov

 

From: Uri Blumenthal [via Bouncy Castle] [mailto:ml-node+[hidden email]]
Sent: Thursday, July 09, 2015 5:38 AM
To: Valentin Ts. Ivanov
Subject: XML Signature?

 

In my current project there’s a need to digitally sign an XML document. The application is best suited for Enveloped Signature.

I’m not eager to write a ton of code to accomplish this. I’m open to suggestions. AFAIK, BouncyCastle does not directly support XML Signature, correct? So if I don’t want to build the entire library with XML canonicalization, etc. - what are my options? What library would you recommend that (ideally uses BC as the underlying mechanism, and) implements XML Signature in a reasonably convenient way?

Thanks!
--
Uri Blumenthal
[hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: XML Signature?

Arshad Noor
In reply to this post by Uri Blumenthal
Everything you need is already available in the standard JDK.  You can,
however, use BC for your CSP instead of the Sun provider:

http://docs.oracle.com/javase/8/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html

Besides the tutorials, you can also find full working implementations
(inside a J2EE and JEE5 application respectively) at:

sourceforge.net/projects/strongkey (Enveloped Signature)
sourceforge.net/projects/skce (Enveloping Signature)

and answers to many questions related to XMLSignature at:

https://community.oracle.com/search.jspa?q=xmlsignature&place=%2Fplaces%2F1744&depth=ALL&author=%2Fpeople%2F802607

Arshad Noor
StrongAuth, Inc.

On 07/08/2015 07:59 PM, Uri Blumenthal wrote:
> In my current project there’s a need to digitally sign an XML document. The application is best suited for Enveloped Signature.
>
> I’m not eager to write a ton of code to accomplish this. I’m open to suggestions. AFAIK, BouncyCastle does not directly support XML Signature, correct? So if I don’t want to build the entire library with XML canonicalization, etc. - what are my options? What library would you recommend that (ideally uses BC as the underlying mechanism, and) implements XML Signature in a reasonably convenient way?
>
> Thanks!
> --
> Uri Blumenthal
> [hidden email]
>