blob: ebd2bc2a1f1c0fbbefd7d9891efbc1d2130fdfeb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Envelope [
<!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
<!ENTITY c14n 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'>
<!ENTITY xpath 'http://www.w3.org/TR/1999/REC-xpath-19991116'>
<!ENTITY xslt 'http://www.w3.org/TR/1999/REC-xslt-19991116'>
<!ATTLIST Notaries Id ID #IMPLIED>
]>
<!-- Preamble -->
<Envelope xmlns:foo="http://example.org/foo" xmlns="http://example.org/usps">
<DearSir>foo</DearSir>
<Body>bar</Body>
<YoursSincerely>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="signature">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
<Reference URI="http://www.w3.org/TR/xml-stylesheet">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference URI="http://www.w3.org/Signature/2002/04/xml-stylesheet.b64">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-1">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<XPath>
self::text()
</XPath>
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-2">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest-1">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties" URI="#signature-properties-1">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference URI="#xpointer(/)">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference URI="#xpointer(/)">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Id="reference-1" URI="#manifest-reference-1">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Id="reference-2" URI="#reference-1">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference URI="#reference-2">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
ancestor-or-self::dsig:SignedInfo
and
count(ancestor-or-self::dsig:Reference |
here()/ancestor::dsig:Reference[1]) >
count(ancestor-or-self::dsig:Reference)
or
count(ancestor-or-self::node() |
id('notaries')) =
count(ancestor-or-self::node())
</XPath>
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
</SignatureValue>
<KeyInfo>
<RetrievalMethod Type="http://www.w3.org/2000/09/xmldsig#X509Data" URI="#object-4">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
ancestor-or-self::dsig:X509Data
</XPath>
</Transform>
</Transforms>
</RetrievalMethod>
</KeyInfo>
<Object Id="object-1" MimeType="text/plain">I am the text.</Object>
<Object Encoding="http://www.w3.org/2000/09/xmldsig#base64" Id="object-2" MimeType="text/plain">SSBhbSB0aGUgdGV4dC4=</Object>
<Object Id="object-3">
<NonCommentandus xmlns=""><!-- Commentandum --></NonCommentandus>
</Object>
<Object>
<Manifest Id="manifest-1">
<Reference Id="manifest-reference-1" URI="http://www.w3.org/TR/xml-stylesheet">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference URI="#reference-1">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
<Reference URI="#notaries">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns="http://www.w3.org/TR/xhtml1/strict" exclude-result-prefixes="foo" version="1.0">
<xsl:output encoding="UTF-8" indent="no" method="xml" />
<xsl:template match="/">
<html>
<head>
<title>Notaries</title>
</head>
<body>
<table>
<xsl:for-each select="Notaries/Notary">
<tr>
<th>
<xsl:value-of select="@name" />
</th>
</tr>
</xsl:for-each>
</table>
</body>
</html>
</xsl:template>
</xsl:stylesheet>
</Transform>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
</Manifest>
</Object>
<Object>
<SignatureProperties Id="signature-properties-1">
<SignatureProperty Target="#signature">
<SignerAddress xmlns="urn:demo"><IP>192.168.21.138</IP></SignerAddress>
</SignatureProperty>
</SignatureProperties>
</Object>
<Object Id="object-4">
<X509Data>
<X509Certificate>
MIIEdDCCBB6gAwIBAgIJANaOuOCRgiz5MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
b20wHhcNMDUwNzEwMDIzMTU5WhcNMTUwNzA4MDIzMTU5WjCBxzELMAkGA1UEBhMC
VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT
IFRlc3QgVGhpcmQgTGV2ZWwgRFNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr
c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wgfAw
gagGByqGSM44BAEwgZwCQQDIMfw6P79Fcw0hrxYKq3ePh7wmevc95UjfF2JHQJBX
Jb9XFBa5LRy71lzh/OYMH4oh4giiFVRVBCW9HpZqOTNJAhUAlEOrmqjJG3tfjU49
XjJuM3AXNskCQAUzwzmbp53bZ+bzDcOU6UGh3Ig/TFdLGXYevs3tiZaFLa//EYF+
l5Tdsr3NQpGRRf4arXvXPZyIJhYYHJVk7OMDQwACQDonSDDJk3VaIfdVHPnOitRq
V5XPFfMDksNb0WelnZdl/qokl9eaU+8uiH7LtsU0QYX9lE8kTplcUdD0bxjDYJ2j
ggFTMIIBTzAMBgNVHRMEBTADAQH/MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl
bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUpVifKXAtGkJHRAParmenuvcp
ZT4wgfEGA1UdIwSB6TCB5oAU/uTsUyTwlZXHELXhRLVdOWVa436hgcKkgb8wgbwx
CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwg
U2VjdXJpdHkgTGlicmFyeSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMp
MR4wHAYDVQQLExVUZXN0IFJvb3QgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtz
ZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJANaO
uOCRgiz4MA0GCSqGSIb3DQEBBQUAA0EAJB9Kc4/Z0hTwiDYR5fXVPyzAjD+BeChR
F14ztWl1Ol6REWFRbIGfEz3XDgCHCiocM8ExXi7zn26R072cdBz7+w==
</X509Certificate>
</X509Data>
</Object>
</Signature>
</YoursSincerely>
<PostScript>bar</PostScript>
<Notaries xmlns="" Id="notaries">
<Notary name="Great, A. T." />
<Notary name="Hun, A. T." />
</Notaries>
<!-- Commentary -->
</Envelope>
<!-- Postamble -->
|
