Create an enveloped signature using a RSA key

IMPORT xml

MAIN
  DEFINE doc xml.DomDocument
  DEFINE doc2 xml.DomDocument
  DEFINE root xml.DomNode
  DEFINE node xml.DomNode
  DEFINE signNode xml.DomNode
  DEFINE sig xml.Signature
  DEFINE key xml.CryptoKey
  DEFINE index INTEGER
  # Create DomDocument object
  LET doc = xml.DomDocument.Create()
  # Notice that whitespaces are significant in cryptography, 
  # therefore it is recommended to remove unnecessary ones 
  CALL doc.setFeature("whitespace-in-element-content",FALSE)
  TRY
    # Load document to be signed
    CALL doc.load("MyDocument.xml")
    # Create rsa key
    LET key = xml.CryptoKey.Create("http://www.w3.org/2000/09/xmldsig#rsa-sha1")
    CALL key.loadPEM("RSAKey.pem")
    # Create signature object with the key to use
    LET sig = xml.Signature.Create()
    CALL sig.setKey(key)
    # Set XML node to be signed. In our case, the node with 
    # attribute 'xml:id="code"'
    LET index = sig.createReference("#code",
      "http://www.w3.org/2000/09/xmldsig#sha1")
    # Add enveloped method to not take the XML signature node into account 
    # when computing the entire document.
    CALL sig.appendReferenceTransformation(index,
            "http://www.w3.org/2000/09/xmldsig#enveloped-signature",doc.getDocumentElement())
    # Set canonicalization method on the XML fragment to be signed.
    CALL sig.appendReferenceTransformation(index,
            "http://www.w3.org/2001/10/xml-exc-c14n#")
    # Compute enveloped signature
    CALL sig.compute(doc)
    # Retrieve signature document
    LET doc2=sig.getDocument()
    # Append the signature node to the original document to get 
    # a valid enveloped signature
    # Notice that the enveloped signature can be added anywhere in the 
    # original document
    LET signNode = doc2.getDocumentElement() # Get Signature node
    # Import it into the original document
    LET node = doc.importNode(signNode,true) 
    # Retrieve the original document root node
    LET root = doc.getDocumentElement() 
    # Append the signature node as last child of the original document
    CALL root.appendChild(node) 
    # Save document with enveloped signature back to disk
    CALL doc.setFeature("format-pretty-print",TRUE)
    CALL doc.save("MyDocumentEnvelopedSignature.xml")
  CATCH
    DISPLAY "Unable to create an enveloped signature :",STATUS
  END TRY
END MAIN
Note: All keys or certificates in PEM or DER format were created with the OpenSSL tool.