Director, Security Architecture
• Integrity and non-repudiation
XML Signature by W3C
• Confidentiality of XML documents
XML Encryption by W3C
• A joint standard by IETF and W3C for digitally
signing all of an XML document, part of an XML
document or even an external object.
• XML Signature applies to any resource
addressable by a URI, including non-XML
• First security standard to reach recommendation
• WS-Security, XKMS, SAML all depend on XML Signature
• Multiple XML Signatures can exist
over the static content of a web resource.
XML-Signature - Detached
- Points to an XML element or binary file outside
the <Signature> element's hierarchy
- <Reference> element points neither a child nor
- Can point to an element within the same
document or to another resource completely
outside the current XML document.
XML-Signature - Detached
Signed XML Content
Which signature type is used in WS-Security?
Provide a practical example of an enveloped
signature. Why is it needed there?
XML syntax permits a number of options
(e.g., which form of empty element to
use, whether to use single or double quotes for
attribute values, the order of attributes in a start
tag, places where white space is considered
insignificant, etc.), so it is quite easy to create
documents that are physically different and yet
The purpose of Canonical XML is to define an
algorithm by which a particular physical
representation of an XML document can be
reliably and repeatedly reduced to its canonical
(simplest) form. When the same algorithm is
applied to physically different representations to
produce their canonical forms, documents can be
compared at this logical level.
• Canonical XML (or Inclusive XML Canonicalization)
• Exclusive XML Canonicalization (EXCC14N)
Canonical XML is used for XML where
the context doesn't change while
Exclusive XML Canonicalization was designed for
canonicalization where the context might
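To make the canonicalization point concrete, here is an added example (it is not from the slides): two constructed documents that differ only in attribute order, quote style, empty-element form, whitespace inside a start tag and a character reference, reduced to one canonical form and one digest. It assumes Python 3.8+, whose standard library `xml.etree.ElementTree.canonicalize` implements Canonical XML 2.0 rather than the C14N 1.x / EXC-C14N algorithms XML Signature names; the syntactic choices it normalizes are the same ones the slide lists.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

# Constructed documents: physically different, logically the same.
DOC_A = '<Order  id="42" currency=\'USD\' ><Item sku="X1"/><Note>Item &#x41;</Note></Order>'
DOC_B = "<Order currency='USD' id='42'><Item sku='X1'></Item><Note>Item A</Note></Order>"


def canonicalize(xml_text: str) -> bytes:
    """Reduce an XML document to its canonical form as UTF-8 bytes.

    Assumption: the stdlib C14N 2.0 writer stands in for the C14N 1.x
    algorithms an XML Signature would advertise; attribute sorting, double
    quotes, expanded empty elements and resolved character references are
    common to all of them.
    """
    return ET.canonicalize(xml_data=xml_text).encode("utf-8")


def digest_value(xml_text: str) -> str:
    """Base64(SHA-256(c14n(doc))): what ends up inside <DigestValue>."""
    raw = hashlib.sha256(canonicalize(xml_text)).digest()
    return base64.b64encode(raw).decode("ascii")


def logically_equal(doc_a: str, doc_b: str) -> bool:
    """Compare two documents at the logical level through their canonical forms."""
    return canonicalize(doc_a) == canonicalize(doc_b)


if __name__ == "__main__":
    print(DOC_A == DOC_B)                  # False: the bytes differ
    print(logically_equal(DOC_A, DOC_B))   # True: same canonical form
    print(canonicalize(DOC_A).decode("utf-8"))
    print(digest_value(DOC_A) == digest_value(DOC_B))  # True
```

Without the canonicalization step a verifier that re-serializes the document with a different XML library would compute a different digest and reject a valid signature; with it, only a change in logical content changes the digest.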
- <Transforms> receives the result of
dereferencing the <Reference URI=""> and
alters that result in some way.
- A simple <Transform> can be an XPath
statement that causes the signature to apply
only to a part of an XML document.
- Multiple transforms can appear under a
<Reference>, working in a pipeline fashion.
- <Transform Algorithm="" />
What is the difference between
CanonicalizationMethod and the Transforms?
- Normalize the XML, so that regardless of
physical inconsistencies, two logically
equivalent XML documents become
bit-for-bit equivalent.
- Maps binary data into text
- Commonly used when we want to sign just a
fragment of an XML document.
Enveloped Signature Transform
- Commonly used in Enveloped Signatures where the parent
element is to be signed.
- Need to remove the Signature element from the element
being signed before validation.
Provide an example of an Enveloped Signature
Transformation and explain why it is needed.
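An added example of the enveloped-signature transform (not code from the slides), in Python 3.8+ standard library only: a constructed `<Invoice>` carrying a `<ds:Signature>` with `<Reference URI="">` (the whole document). The transform removes the `ds:Signature` subtree before canonicalizing, which is what makes the reference digest independent of the signature's own contents; without it, filling in `<DigestValue>` and `<SignatureValue>` would alter the very bytes that were digested. Canonicalization uses the stdlib C14N 2.0 writer, an assumption noted in the code.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS_SIGNATURE = "{http://www.w3.org/2000/09/xmldsig#}Signature"

# Constructed document with an enveloped signature. The placeholder values
# stand in for whatever the signer would write into the Signature element.
SIGNED_INVOICE = (
    '<Invoice id="inv-7"><Amount>120.50</Amount>'
    '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
    '<ds:SignedInfo><ds:Reference URI=""/></ds:SignedInfo>'
    "<ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>"
    "</ds:Signature></Invoice>"
)
# The same business content with no signature at all.
UNSIGNED_INVOICE = '<Invoice id="inv-7"><Amount>120.50</Amount></Invoice>'


def enveloped_signature_transform(xml_text: str) -> bytes:
    """Drop the ds:Signature subtree(s), then canonicalize what remains.

    The spec removes the Signature element that contains the Reference being
    processed; with a single signature in the document that is the same as
    removing every ds:Signature child found while walking the tree.
    Assumption: stdlib Canonical XML 2.0 stands in for C14N 1.x.
    """
    root = ET.fromstring(xml_text)
    for parent in list(root.iter()):
        for sig in [child for child in parent if child.tag == DS_SIGNATURE]:
            parent.remove(sig)
    without_signature = ET.tostring(root, encoding="unicode")
    return ET.canonicalize(xml_data=without_signature).encode("utf-8")


def reference_digest(xml_text: str) -> str:
    """Base64(SHA-256(transformed document)): the <DigestValue> for URI=""."""
    raw = hashlib.sha256(enveloped_signature_transform(xml_text)).digest()
    return base64.b64encode(raw).decode("ascii")


def digest_ignores_signature(signed: str, unsigned: str) -> bool:
    """True when the signed and unsigned forms digest to the same value."""
    return reference_digest(signed) == reference_digest(unsigned)


if __name__ == "__main__":
    print(enveloped_signature_transform(SIGNED_INVOICE).decode("utf-8"))
    print(digest_ignores_signature(SIGNED_INVOICE, UNSIGNED_INVOICE))      # True
    print(digest_ignores_signature(SIGNED_INVOICE.replace("120.50", "1.50"),
                                   UNSIGNED_INVOICE))                        # False
```

Editing anything inside `<ds:Signature>` leaves the digest untouched, while editing `<Amount>` changes it, which is exactly the split a verifier relies on: the signed content is protected, the signature's own container is not part of what it protects.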
- A good practice is to sign what the signer actually sees.
- Used to sign XML documents when an XSL is involved.
- Used to reference a key that is stored in a separate location.
- If multiple signatures use the same key, we can keep the
KeyInfo structure in a standalone element with a unique ID
and refer to it using the <RetrievalMethod/> of each <Signature>
- Either or both of ds:KeyName and RetrievalMethod can be
used to identify the same key.
<RetrievalMethod URI="#EK"/>
- Can contain anything you want.
- Typically includes one of the following three
1. XML fragment or a base-64 encoded binary
object – Enveloping Signature
2. A <Manifest> element
3. A <SignatureProperties> element
- Contains a list of references
- <Reference> elements inside <SignedInfo> element
must be validated in order to accept the signature a
- To validate or not to validate <Reference> elements
inside <Manifest> element is up to the developer
- Developers get more granular control over which
<Reference> matters and which does not.
Provides a place to put name/value information
about the signature itself.
<SignatureProperty Id="101" Target="#100">
XML-Signature Building Process
- Reference Generation
- Signature Generation
XML-Signature Ref. Generation
1. Obtain the resource specified by the <Reference
2. Apply Transforms
3. Calculate the digest for the final output from the
Transform algorithm, using the <DigestMethod>
4. Create the <Reference> element including all its sub-elements
by populating the <DigestValue>
5. Perform the above actions for all the <Reference>
elements found inside <SignedInfo>
XML-Signature Sig. Generation
1. Create the <SignedInfo> element
2. Canonicalize <SignedInfo> element using the
algorithm specified under <CanonicalizationMethod>
3. Create a hash of the output of the canonicalization
using the <SignatureMethod> specified.
4. Create the <SignatureValue> with the
<SignatureMethod> specified, against the
canonicalized, hashed <SignedInfo>
5. Build the complete <Signature> element
XML-Signature Validation Process
- Reference Validation
- Signature Validation
XML-Signature Ref. Validation
1. Canonicalize the <SignedInfo> element based
on the <CanonicalizationMethod> element.
2. For each <Reference> element do the following
3. Get the resource pointed out by the
4. Apply Transforms
5. Create a hash using the <DigestMethod>
6. Find the DigestValue and compare it with the
XML-Signature Sig. Validation
1. Obtain the key used to sign the message
2. Create a hash of the canonicalized <SignedInfo>
3. Using the verification key decrypt the
4. Compare the value from 3 with value from 2.
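The building and validation procedures above, worked end to end as an added example (not code from the slides and not any XML Signature library's API): Python 3.8+ standard library only, HMAC-SHA256 as the <SignatureMethod> so that no key pair is needed, a constructed detached resource `order.xml` held in an in-memory map, and a constructed shared key assumed to be known to both signer and verifier. The stdlib `canonicalize` implements Canonical XML 2.0, so the C14N 1.0 Algorithm URI written into <SignedInfo> is advertised but not byte-exactly implemented; <SignedInfo> is serialized on its own before canonicalization, which avoids inheriting namespace context from the enclosing document in the way exclusive C14N does.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
C14N_ALG = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
DIGEST_ALG = "http://www.w3.org/2001/04/xmlenc#sha256"
SIG_ALG = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
ET.register_namespace("ds", DS)

# Constructed inputs: a detached resource addressed by URI, and a shared
# HMAC key assumed to be pre-distributed to signer and verifier.
RESOURCES = {"order.xml": '<Order  id="42" ><Total>99.00</Total></Order>'}
SHARED_KEY = b"constructed-demo-key-not-for-real-use"


def ds(local: str) -> str:
    return f"{{{DS}}}{local}"


def c14n(xml_text: str) -> bytes:
    # Assumption: stdlib Canonical XML 2.0 stands in for C14N 1.0 (C14N_ALG).
    return ET.canonicalize(xml_data=xml_text).encode("utf-8")


def serialize(elem: ET.Element) -> str:
    return ET.tostring(elem, encoding="unicode")


def b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def generate_reference(uri: str, resources: dict) -> ET.Element:
    """Reference generation, steps 1-4."""
    data = resources[uri]                              # 1. dereference the URI
    transformed = c14n(data)                           # 2. apply Transforms (C14N)
    digest = hashlib.sha256(transformed).digest()      # 3. DigestMethod
    ref = ET.Element(ds("Reference"), URI=uri)         # 4. build <Reference>
    transforms = ET.SubElement(ref, ds("Transforms"))
    ET.SubElement(transforms, ds("Transform"), Algorithm=C14N_ALG)
    ET.SubElement(ref, ds("DigestMethod"), Algorithm=DIGEST_ALG)
    ET.SubElement(ref, ds("DigestValue")).text = b64(digest)
    return ref


def generate_signature(uris, resources: dict, key: bytes) -> str:
    """Signature generation, steps 1-5; HMAC folds 'hash' and 'sign' into one."""
    sig = ET.Element(ds("Signature"))
    signed_info = ET.SubElement(sig, ds("SignedInfo"))                     # 1.
    ET.SubElement(signed_info, ds("CanonicalizationMethod"), Algorithm=C14N_ALG)
    ET.SubElement(signed_info, ds("SignatureMethod"), Algorithm=SIG_ALG)
    for uri in uris:                                   # reference generation step 5
        signed_info.append(generate_reference(uri, resources))
    mac = hmac.new(key, c14n(serialize(signed_info)), hashlib.sha256).digest()  # 2.-4.
    ET.SubElement(sig, ds("SignatureValue")).text = b64(mac)                    # 5.
    return serialize(sig)


def validate(signature_xml: str, resources: dict, key: bytes) -> bool:
    """Reference validation for every <Reference>, then signature validation."""
    sig = ET.fromstring(signature_xml)
    signed_info = sig.find(ds("SignedInfo"))
    if signed_info is None:
        return False
    for ref in signed_info.findall(ds("Reference")):
        data = resources.get(ref.get("URI", ""))       # 3. dereference
        if data is None:
            return False
        actual = b64(hashlib.sha256(c14n(data)).digest())   # 4.-5. transform + digest
        if not hmac.compare_digest(actual, ref.findtext(ds("DigestValue")) or ""):
            return False                                # 6. digest mismatch
    expected = hmac.new(key, c14n(serialize(signed_info)), hashlib.sha256).digest()  # 1.-2.
    claimed = base64.b64decode(sig.findtext(ds("SignatureValue")) or "")            # 3.
    return hmac.compare_digest(expected, claimed)                                   # 4.


def recompute_digest_only(signature_xml: str, uri: str, resources: dict) -> str:
    """Rewrite <DigestValue> for uri without the key, to show why step 2 of
    signature validation is needed on top of reference validation."""
    sig = ET.fromstring(signature_xml)
    for ref in sig.iter(ds("Reference")):
        if ref.get("URI") == uri:
            ref.find(ds("DigestValue")).text = b64(hashlib.sha256(c14n(resources[uri])).digest())
    return serialize(sig)


def demo() -> tuple:
    signature = generate_signature(["order.xml"], RESOURCES, SHARED_KEY)
    ok = validate(signature, RESOURCES, SHARED_KEY)
    changed = {"order.xml": RESOURCES["order.xml"].replace("99.00", "9.00")}
    ref_rejects = not validate(signature, changed, SHARED_KEY)       # digest mismatch
    patched = recompute_digest_only(signature, "order.xml", changed)
    sig_rejects = not validate(patched, changed, SHARED_KEY)         # MAC mismatch
    return ok, ref_rejects, sig_rejects


if __name__ == "__main__":
    print(demo())  # (True, True, True)
```

The two rejection cases show the division of labour between the phases: a changed resource is caught by reference validation, and a <DigestValue> recomputed to match that change (which needs no key) is caught by signature validation, because the MAC covers the canonicalized <SignedInfo> that holds the digest.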