Create an enveloping signature using a DSA key
IMPORT xml
MAIN
DEFINE doc xml.DomDocument
DEFINE sig xml.Signature
DEFINE key xml.CryptoKey
DEFINE index INTEGER
DEFINE objInd INTEGER
# Create DomDocument object
LET doc = xml.DomDocument.Create()
# Notice that whitespaces are significant in cryptography,
# therefore it is recommended to remove unnecessary ones
CALL doc.setFeature("whitespace-in-element-content",FALSE)
TRY
# Load document to be signed
CALL doc.load("MyDocument.xml")
# Create DSA key and load it from file
LET key = xml.CryptoKey.Create(
"http://www.w3.org/2000/09/xmldsig#dsa-sha1")
CALL key.loadPEM("DSAKey.pem")
# Create signature object with the key to use
LET sig = xml.Signature.Create()
CALL sig.setKey(key)
# Create an object inside the signature to envelop the root node
LET objInd = sig.createObject()
# Set the object id to get a reference
CALL sig.setObjectId(objInd,"data")
# Copy the enveloping node from the document
CALL sig.appendObjectData(objInd,doc.getDocumentElement())
# Set the reference to be signed on the object node.
# In our case, the object node with attribute 'data'
LET index = sig.createReference("#data",
"http://www.w3.org/2000/09/xmldsig#sha1")
# Set canonicalization method on the enveloping object to be signed.
CALL sig.appendReferenceTransformation(index,
"http://www.w3.org/2001/10/xml-exc-c14n#")
# Compute enveloping signature
CALL sig.compute(NULL)
# Retrieve signature document
LET doc=sig.getDocument()
# Save signature on disk
CALL doc.setFeature("format-pretty-print",TRUE)
CALL doc.save("MyDocumentEnvelopingSignature.xml")
CATCH
DISPLAY "Unable to create an enveloping signature :",STATUS
END TRY
END MAIN
Note: All keys or certificates in PEM or DER format were
created with the OpenSSL tool.