Designed for creating and verifying digital signatures using XML syntax
||XML/Web Services Security
SecureXML Digital Signature utilizes X.509v3 PKI certificates which can be stored on local Windows store, Smart Cards or USB Token. Non-PKI password based (HMAC) signature is also supported. The component uses X.509v3 certificates and key-pairs (digital identities) for building the signature. When several certificates are available the user is allowed to choose which digital identity to use for the signature.
The Signature is built by first creating a hash / digest of the byte stream of the data to be signed, and then by encrypting the byte stream mathematically using the private key referred to by the PKI certificate to form the signature element. The final signature does not reveal the private key that was originally used to make the signature.
SecureXML Digital Signature can be used to sign any digital content (data object). An XML Signature may be applied to the content of one or more resources.
- XML based web form signing supported (enables easy integration with backend databases)
- Can be integrated into applications easily
- Enables utilization of X.509v3 certificates stored on local windows store, smart cards and USB tokens
- Password based signature supported
- Does not reveal the private key or password used for the signature
- No additional software needed. In web-based applications signatures are created in the browser and verified on a Web server.
- Enveloped, enveloping and detached signatures
- Multiple signatures
- Enveloped or enveloping signatures are over data within the same XML document as the signature
- Detached signatures are over data external to the signature document