XMLDSig Specify an element reference as an XPath expression

Question

XMLDSig Specify an element reference as an XPath expression

Someone who has experience with xml digital signature, please help.

From http://www.w3.org/TR/xmldsig-core/ I realized that in xmldsig I can use this code

<Signature ..> <SignedInfo> ... <Reference URI="#xpointer(anyXPathExpression)"> ...

So, if I have such a document

 <Document xmlns="my-document"> <DocumentData> <Name>Nobuo document</Name> </DocumentData> </Document>

And I want a sign /Document/DocumentData element, I can use such a signature

 <Document xmlns="swis-document"> <DocumentData> <Name>Nobuo document</Name> </DocumentData> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> ... <Reference URI="#xpointer(/*[local-name()='Document'][1]/*[local-name()='DocumentData'][1])"> ...

Am I right in my thoughts?

I tried to specify such a URI when using the SignedXml class in the .NET Framework. And the ComputeSignature method ComputeSignature with a CryptoGraphicsException:Malformed reference element error.

SignedXml does not support XPath, I suppose?

+4

xml xpath digital-signature

Stanislav Jan 10 '12 at 13:10

source share

No one has answered this question yet.

See related questions:

2

Is that exactly what a signature envelope does?

2

How to sign an xml element using RSA-SHA1 algorithm?

2