forked from openkylin/xmlsec1
1085 lines
34 KiB
HTML
1085 lines
34 KiB
HTML
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
|
|
<title>XML Security Library: XML Digital Signature</title>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
<style type="text/css">
|
|
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
|
|
width: 20em;
|
|
}
|
|
.synopsis, .classsynopsis {
|
|
background: #eeeeee;
|
|
border: solid 1px #aaaaaa;
|
|
}
|
|
.programlisting {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation {
|
|
background: #eeeeee;
|
|
border: solid 1px #000000;
|
|
}
|
|
.navigation a {
|
|
color: initial;
|
|
}
|
|
.navigation a:visited {
|
|
color: initial;
|
|
}
|
|
</style>
|
|
</head>
|
|
<body><table width="100%" valign="top"><tr valign="top">
|
|
<td valign="top" align="left" width="210">
|
|
<img src="images/logo.gif" alt="XML Security Library" border="0"><p></p>
|
|
<ul>
|
|
<li><a href="index.html">Home</a></li>
|
|
<li><a href="download.html">Download</a></li>
|
|
<li><a href="news.html">News</a></li>
|
|
<li><a href="documentation.html">Documentation</a></li>
|
|
<ul>
|
|
<li><a href="faq.html">FAQ</a></li>
|
|
<li><a href="api/xmlsec-notes.html">Tutorial</a></li>
|
|
<li><a href="api/xmlsec-reference.html">API reference</a></li>
|
|
<li><a href="api/xmlsec-examples.html">Examples</a></li>
|
|
</ul>
|
|
<li><a href="xmldsig.html">XML Digital Signature</a></li>
|
|
<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
|
|
<li><a href="xmlenc.html">XML Encryption</a></li>
|
|
<li><a href="c14n.html">XML Canonicalization</a></li>
|
|
<li><a href="bugs.html">Reporting Bugs</a></li>
|
|
<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
|
|
<li><a href="related.html">Related</a></li>
|
|
<li><a href="authors.html">Authors</a></li>
|
|
</ul>
|
|
<table width="100%">
|
|
<tr>
|
|
<td width="15"></td>
|
|
<td><a href="http://xmlsoft.org/"><img src="images/libxml2-logo.png" alt="LibXML2" border="0"></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td width="15"></td>
|
|
<td><a href="http://xmlsoft.org/XSLT"><img src="images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td width="15"></td>
|
|
<td><a href="http://www.openssl.org/"><img src="images/openssl-logo.png" alt="OpenSSL" border="0"></a></td>
|
|
</tr>
|
|
<!--Links - start--><!--Links - end-->
|
|
</table>
|
|
</td>
|
|
<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
|
|
<div align="center">
|
|
<h2>XML Digital Signature</h2>
|
|
</div>
|
|
<p> <a href="http://www.w3.org/TR/xmldsig-core">XML
|
|
Digital Signature 1.0</a> provides <a href="http://www.w3.org/TR/xmldsig-core/#def-Integrity" class="link-def">integrity,</a> <a href="http://www.w3.org/TR/xmldsig-core/#def-AuthenticationMessage" class="link-def">message authentication,</a> and/or <a href="http://www.w3.org/TR/xmldsig-core/#def-AuthenticationSigner" class="link-def">signer authentication</a> services for data of any
|
|
type, whether located within the XML that includes the signature or
|
|
elsewhere. </p>
|
|
<p> XML Security Library supports all MUST/SHOULD/MAY
|
|
features and algorithms
|
|
described in the W3C standard and provides API to sign prepared
|
|
document templates,
|
|
add signature(s) to a document "on-the-fly" or verify the signature(s)
|
|
in the document. </p>
|
|
<p> <a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">XML Digital
|
|
Signature
|
|
Online Verifier</a> is an example of a real application based on XML
|
|
Security Library. Using this tool you can verify any XML Signature
|
|
and get detailed report on what and how was signed. </p>
|
|
<div align="center">
|
|
<h3>XML Security Library Interoperability Report</h3>
|
|
</div>
|
|
<h4 style="text-align: center;">XML Digital Signature 1.0 (<a href="http://www.ietf.org/rfc/rfc3275.txt">RFC 3275</a>)</h4>
|
|
<div align="center">
|
|
<table style="width: 85%;" border="1" cellpadding="2" cellspacing="2"><tbody>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top"><b>Features and algorithms</b></td>
|
|
<td valign="top"><b>XMLSec with OpenSSL</b></td>
|
|
<td valign="top"><b>XMLSec with GnuTLS</b></td>
|
|
<td valign="top"><b>XMLSec with GCrypt</b></td>
|
|
<td valign="top"><b>XMLSec with NSS</b></td>
|
|
<td valign="top"><b>XMLSec with MSCrypto</b></td>
|
|
<td valign="top"><b>XMLSec with MSCNG</b></td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">Detached Signature</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">Enveloping Signature:
|
|
same document reference with fragment (URI="#Object1")</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">Enveloped Signature:
|
|
same document reference (URI="") with Enveloped Signature Transform</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">SignatureValue
|
|
generation/validation</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">Manifest DigestValue
|
|
generation/valdiation</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">Laxly schema valid Signature
|
|
element generation</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">XPointers '#xpointer(/)'</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">XPointers '#xpointer(id("<em>ID</em>"))'</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">XPointers: full suppport</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">XPath</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">the dsig XPath 'here()'
|
|
function (can be used to implement enveloped signature)</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">XSLT transform</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">RetrievalMethod
|
|
(e.g. X509Data)</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">SHA1</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">Base64</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">HMAC-SHA1</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">DSA with SHA1 (DSS) <a href="#dsa-sha1"><sup>(1)</sup></a>
|
|
</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">RSA with SHA1</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" valign="top">X509 support</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" valign="top">X509 CRL support</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">Minimal C14N (deprecated)</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">
|
|
<a href="http://www.w3.org/TR/xml-c14n">Canonical XML 1.0</a>
|
|
</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">
|
|
<a href="http://www.w3.org/TR/xml-exc-c14n">Exlusive Canonical XML 1.0</a>
|
|
</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">
|
|
<a href="http://www.w3.org/TR/xml-c14n11/">Canonical XML 1.1</a>
|
|
</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">Enveloped Signature</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
</tbody></table>
|
|
<div align="left"> <br><h4 style="text-align: center;">Additional XML Security
|
|
Algorithms (<a href="http://www.ietf.org/rfc/rfc4051.txt">RFC 4051</a>)</h4>
|
|
<table style="width: 85%; text-align: left; margin-left: auto; margin-right: auto;" border="1" cellpadding="2" cellspacing="2"><tbody>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top"><b>Features and algorithms<br></b></td>
|
|
<td valign="top"><b>XMLSec with OpenSSL</b></td>
|
|
<td valign="top"><b>XMLSec with GnuTLS</b></td>
|
|
<td valign="top"><b>XMLSec with GCrypt</b></td>
|
|
<td valign="top"><b>XMLSec with NSS</b></td>
|
|
<td valign="top"><b>XMLSec with MSCrypto</b></td>
|
|
<td valign="top"><b>XMLSec with MSCNG</b></td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">MD5</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">SHA224</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">SHA256</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">SHA384</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">SHA512</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">HMAC-MD5</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">HMAC-SHA224</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">HMAC-SHA256</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">HMAC-SHA384</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">HMAC-SHA512</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" valign="top">HMAC-RIPEMD160</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">RSA-MD5</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">RSA-SHA224</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">RSA-SHA256</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">RSA-SHA384</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">RSA-SHA512</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">RSA-RIPEMD160</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ECDSA-SHA1</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ECDSA-SHA224</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ECDSA-SHA256</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ECDSA-SHA384</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ECDSA-SHA512</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ESIGN-SHA1</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ESIGN-SHA224</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ESIGN-SHA256</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ESIGN-SHA384</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ESIGN-SHA512</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">Minimal C14N (deprecated)</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top">XPointer transform</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
<td valign="top">Y</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">ARCFOUR Encryption</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 128</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 192</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 256</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">Camellia Key Wrap 128</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">Camellia Key Wrap 192</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">Camellia Key Wrap 256</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">PSEC-KEM</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
</tr>
|
|
</tbody></table>
|
|
<div align="left">
|
|
<h4 style="text-align: center;">Other algorithms</h4>
|
|
<table style="width: 85%; text-align: left; margin-left: auto; margin-right: auto;" border="1" cellpadding="2" cellspacing="2"><tbody>
|
|
<tr>
|
|
<td style="width: 40%;" align="left" valign="top"><b>Features and algorithms</b></td>
|
|
<td valign="top"><b>XMLSec with OpenSSL</b></td>
|
|
<td valign="top"><b>XMLSec with GnuTLS</b></td>
|
|
<td valign="top"><b>XMLSec with GCrypt</b></td>
|
|
<td valign="top"><b>XMLSec with NSS</b></td>
|
|
<td valign="top"><b>XMLSec with MSCrypto</b></td>
|
|
<td valign="top"><b>XMLSec with MSCNG</b></td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">GOST94 digests</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y<a href="#gost-mscrypto"><sup>(2)</sup></a>
|
|
<td valign="top">N</td>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td style="vertical-align: top; width: 40%;">GOST2001 signatures</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">N</td>
|
|
<td valign="top">Y<a href="#gost-mscrypto"><sup>(2)</sup></a>
|
|
<td valign="top">N</td>
|
|
</td>
|
|
</tr>
|
|
</tbody></table>
|
|
<br><br><a name="dsa-sha1"></a><sup>(1)</sup> Defining <a href="http://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue"> DSA key</a>
|
|
with Seed and PgenCounter is not supported.
|
|
<br><a name="gost-mscrypto"></a><sup>(2)</sup> Requires install of a CSP
|
|
providing these algorithms.<br><p>Test vectors (from <a href="http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html">IETF/W3C
|
|
XML Signature WG: XML Signature Interoperability page</a>): <br><a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/att-0016/01-merlin-xmldsig-twenty-three.tar.gz">merlin-xmldsig-twenty-three.tar.gz</a>
|
|
<br><a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001AprJun/att-00%2033/01-merlin-xmldsig-sixteen.tar.gz">merlin-xmldsig-sixteen.tar.gz</a>
|
|
(features, deprecated)<br><a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001JanMar/att-0155/04-merlin-xmldsig-fifteen.tar.gz">merlin-xmldsig-fifteen.tar.gz</a>
|
|
(algorithms, deprecated)<br></p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</td></tr></table></td>
|
|
</tr></table></body>
|
|
</html>
|