blob: 252a6f5ddbe3999f9f3dae814d1b672339d09f9f [file] [log] [blame]
<html xmlns:sec="http://www.xml-sicherheit.de">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="../format.css">
</head>
<body>
<h1>Beispiel - Signiert</h1>
<p>Die folgenden Beispiele zeigen die drei <a href="signatures_types.html">Signaturvarianten</a> im von oben bekanntem <a href="sample.html">Beispiel XML-Dokument</a>. Zur übersichtlicheren Darstellung wurden alle Beispiele nachträglich formatiert und können daher auch nach einer Kanonisierung
nicht mehr erfolgreich verifiziert werden.
</p>
<h2 id="envelopedSignature">Enveloped Signature</h2>
<div class="code"><pre>
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
&lt;Invoice&gt;
&lt;ID&gt;IN 2008/00645&lt;/ID&gt;
&lt;IssueDate&gt;2008-03-30&lt;/IssueDate&gt;
&lt;BuyerParty&gt;
&lt;ID&gt;458746&lt;/ID&gt;
&lt;name&gt;John Doe&lt;/name&gt;
&lt;/BuyerParty&gt;
&lt;PaymentMeans&gt;
&lt;PayeeFinancialAccount&gt;
&lt;ID&gt;07044961&lt;/ID&gt;
&lt;Name&gt;The Specialists Company&lt;/Name&gt;
&lt;AccountTypeCode&gt;Credit&lt;/AccountTypeCode&gt;
&lt;FinancialInstitutionBranch&gt;
&lt;ID&gt;776631&lt;/ID&gt;
&lt;Institution&gt;LOYDGB852&lt;/Institution&gt;
&lt;/FinancialInstitutionBranch&gt;
&lt;/PayeeFinancialAccount&gt;
&lt;/PaymentMeans&gt;
&lt;TotalAmount currencyID="€"&gt;382.00&lt;/TotalAmount&gt;
&lt;!-- item 1 --&gt;
&lt;InvoiceLine id="1"&gt;
&lt;Quantity&gt;2&lt;/Quantity&gt;
&lt;LineAmount currencyID="€"&gt;205.00&lt;/LineAmount&gt;
&lt;Item id="236WV"&gt;
&lt;BasePrice currencyID="€"&gt;102.50&lt;/BasePrice&gt;
&lt;/Item&gt;
&lt;/InvoiceLine&gt;
&lt;!-- item 2 --&gt;
&lt;InvoiceLine id="2"&gt;
&lt;Quantity&gt;1&lt;/Quantity&gt;
&lt;LineAmount currencyID="€"&gt;177.00&lt;/LineAmount&gt;
&lt;Item id="193DX"&gt;
&lt;BasePrice currencyID="€"&gt;177.00&lt;/BasePrice&gt;
&lt;/Item&gt;
&lt;/InvoiceLine&gt;
&lt;ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="enveloped-sample"&gt;
&lt;ds:SignedInfo&gt;
&lt;ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/&gt;
&lt;ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/&gt;
&lt;ds:Reference URI=""&gt;
&lt;ds:Transforms&gt;
&lt;ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/&gt;
&lt;ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/&gt;
&lt;/ds:Transforms&gt;
&lt;ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/&gt;
&lt;ds:DigestValue&gt;eFlanbs4nTiHuhG6WvG9gkdGVTQ=&lt;/ds:DigestValue&gt;
&lt;/ds:Reference&gt;
&lt;/ds:SignedInfo&gt;
&lt;ds:SignatureValue&gt;hfC4X3wn66WeEsk8/cowxbsQ60JseyNNASjWO8idbR4kSczmTWcCkg==&lt;/ds:SignatureValue&gt;
&lt;ds:KeyInfo&gt;
&lt;ds:X509Data&gt;
&lt;ds:X509Certificate&gt;
MIIC4TCCAp+gAwIBAgIER++fqzALBgcqhkjOOAQDBQAwVDEMMAoGA1UEBhMDZG9zMQwwCgYDVQQI
EwNkb3MxDDAKBgNVBAcTA2RvczEMMAoGA1UEChMDZG9zMQwwCgYDVQQLEwNkb3MxDDAKBgNVBAMT
A2RvczAeFw0wODAzMzAxNDExNTVaFw0wOTAzMzAxNDExNTVaMFQxDDAKBgNVBAYTA2RvczEMMAoG
A1UECBMDZG9zMQwwCgYDVQQHEwNkb3MxDDAKBgNVBAoTA2RvczEMMAoGA1UECxMDZG9zMQwwCgYD
VQQDEwNkb3MwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QA
wx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX
/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSML
zLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP
5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvM
pPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYAis6u62/7EEpM6MiavL8lmfWOm
tzBYkh9acc5NOlqo77lMlZw4Fzrmyeco14LTcs0zA2A6KZJeZ4/NFdLHOPbxu6Os6KgtHeTCcxr2
iJpngedSona97jiEv4zjJlGJC7dzi9/gyjB4H9U7yUwe5DkwnHBLXaJDJT3VjwrlSo7G7zALBgcq
hkjOOAQDBQADLwAwLAIUcmTX6EqCSO3U7QgUq8m3mGhZv4ACFDHCHiqH6wjgV4dnGWj5/tudEVRJ
&lt;/ds:X509Certificate&gt;
&lt;/ds:X509Data&gt;
&lt;ds:KeyValue&gt;
&lt;ds:DSAKeyValue&gt;
&lt;ds:P&gt;
/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuA
HTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
K2HXKu/yIgMZndFIAcc=
&lt;/ds:P&gt;
&lt;ds:Q&gt;l2BQjxUjC8yykrmCouuEC/BYHPU=&lt;/ds:Q&gt;
&lt;ds:G&gt;
9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3
zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKL
Zl6Ae1UlZAFMO/7PSSo=
&lt;/ds:G&gt;
&lt;ds:Y&gt;
IrOrutv+xBKTOjImry/JZn1jprcwWJIfWnHOTTpaqO+5TJWcOBc65snnKNeC03LNMwNgOimSXmeP
zRXSxzj28bujrOioLR3kwnMa9oiaZ4HnUqJ2ve44hL+M4yZRiQu3c4vf4MoweB/VO8lMHuQ5MJxw
S12iQyU91Y8K5UqOxu8=
&lt;/ds:Y&gt;
&lt;/ds:DSAKeyValue&gt;
&lt;/ds:KeyValue&gt;
&lt;/ds:KeyInfo&gt;
&lt;/ds:Signature&gt;
&lt;/Invoice&gt;
</pre></div>
<h2 id="envelopingSignature">Enveloping Signature</h2>
<div class="code"><pre>
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
&lt;ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="enveloping-sample"&gt;
&lt;ds:SignedInfo&gt;
&lt;ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/&gt;
&lt;ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/&gt;
&lt;ds:Reference URI="#Invoice"&gt;
&lt;ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/&gt;
&lt;ds:DigestValue&gt;6DoxsZRaVy6fYXt5ezkMv81EjPM=&lt;/ds:DigestValue&gt;
&lt;/ds:Reference&gt;
&lt;/ds:SignedInfo&gt;
&lt;ds:SignatureValue&gt;OvQ0ruu0XQxzmT9cWSC1s2z+3FQYlDXARhB5HxWgn4LHg5DMYMH0Ag==&lt;/ds:SignatureValue&gt;
&lt;ds:KeyInfo&gt;
&lt;ds:X509Data&gt;
&lt;ds:X509Certificate&gt;
MIIC4TCCAp+gAwIBAgIER++fqzALBgcqhkjOOAQDBQAwVDEMMAoGA1UEBhMDZG9zMQwwCgYDVQQI
EwNkb3MxDDAKBgNVBAcTA2RvczEMMAoGA1UEChMDZG9zMQwwCgYDVQQLEwNkb3MxDDAKBgNVBAMT
A2RvczAeFw0wODAzMzAxNDExNTVaFw0wOTAzMzAxNDExNTVaMFQxDDAKBgNVBAYTA2RvczEMMAoG
A1UECBMDZG9zMQwwCgYDVQQHEwNkb3MxDDAKBgNVBAoTA2RvczEMMAoGA1UECxMDZG9zMQwwCgYD
VQQDEwNkb3MwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QA
wx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX
/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSML
zLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP
5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvM
pPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYAis6u62/7EEpM6MiavL8lmfWOm
tzBYkh9acc5NOlqo77lMlZw4Fzrmyeco14LTcs0zA2A6KZJeZ4/NFdLHOPbxu6Os6KgtHeTCcxr2
iJpngedSona97jiEv4zjJlGJC7dzi9/gyjB4H9U7yUwe5DkwnHBLXaJDJT3VjwrlSo7G7zALBgcq
hkjOOAQDBQADLwAwLAIUcmTX6EqCSO3U7QgUq8m3mGhZv4ACFDHCHiqH6wjgV4dnGWj5/tudEVRJ
&lt;/ds:X509Certificate&gt;
&lt;/ds:X509Data&gt;
&lt;ds:KeyValue&gt;
&lt;ds:DSAKeyValue&gt;
&lt;ds:P&gt;
/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuA
HTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
K2HXKu/yIgMZndFIAcc=
&lt;/ds:P&gt;
&lt;ds:Q&gt;l2BQjxUjC8yykrmCouuEC/BYHPU=&lt;/ds:Q&gt;
&lt;ds:G&gt;
9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3
zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKL
Zl6Ae1UlZAFMO/7PSSo=
&lt;/ds:G&gt;
&lt;ds:Y&gt;
IrOrutv+xBKTOjImry/JZn1jprcwWJIfWnHOTTpaqO+5TJWcOBc65snnKNeC03LNMwNgOimSXmeP
zRXSxzj28bujrOioLR3kwnMa9oiaZ4HnUqJ2ve44hL+M4yZRiQu3c4vf4MoweB/VO8lMHuQ5MJxw
S12iQyU91Y8K5UqOxu8=
&lt;/ds:Y&gt;
&lt;/ds:DSAKeyValue&gt;
&lt;/ds:KeyValue&gt;
&lt;/ds:KeyInfo&gt;
&lt;ds:Object Id="Invoice"&gt;
&lt;Invoice&gt;
&lt;ID&gt;IN 2008/00645&lt;/ID&gt;
&lt;IssueDate&gt;2008-03-30&lt;/IssueDate&gt;
&lt;BuyerParty&gt;
&lt;ID&gt;458746&lt;/ID&gt;
&lt;name&gt;John Doe&lt;/name&gt;
&lt;/BuyerParty&gt;
&lt;PaymentMeans&gt;
&lt;PayeeFinancialAccount&gt;
&lt;ID&gt;07044961&lt;/ID&gt;
&lt;Name&gt;The Specialists Company&lt;/Name&gt;
&lt;AccountTypeCode&gt;Credit&lt;/AccountTypeCode&gt;
&lt;FinancialInstitutionBranch&gt;
&lt;ID&gt;776631&lt;/ID&gt;
&lt;Institution&gt;LOYDGB852&lt;/Institution&gt;
&lt;/FinancialInstitutionBranch&gt;
&lt;/PayeeFinancialAccount&gt;
&lt;/PaymentMeans&gt;
&lt;TotalAmount currencyID="€"&gt;382.00&lt;/TotalAmount&gt;
&lt;!-- item 1 --&gt;
&lt;InvoiceLine id="1"&gt;
&lt;Quantity&gt;2&lt;/Quantity&gt;
&lt;LineAmount currencyID="€"&gt;205.00&lt;/LineAmount&gt;
&lt;Item id="236WV"&gt;
&lt;BasePrice currencyID="€"&gt;102.50&lt;/BasePrice&gt;
&lt;/Item&gt;
&lt;/InvoiceLine&gt;
&lt;!-- item 2 --&gt;
&lt;InvoiceLine id="2"&gt;
&lt;Quantity&gt;1&lt;/Quantity&gt;
&lt;LineAmount currencyID="€"&gt;177.00&lt;/LineAmount&gt;
&lt;Item id="193DX"&gt;
&lt;BasePrice currencyID="€"&gt;177.00&lt;/BasePrice&gt;
&lt;/Item&gt;
&lt;/InvoiceLine&gt;
&lt;/Invoice&gt;
&lt;/ds:Object&gt;
&lt;/ds:Signature&gt;
</pre></div>
<h2 id="detachedSignature">Detached Signature</h2>
<div class="code"><pre>
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
&lt;root&gt;
&lt;ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="detached-sample"&gt;
&lt;ds:SignedInfo&gt;
&lt;ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/&gt;
&lt;ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/&gt;
&lt;ds:Reference URI="invoice.xml"&gt;
&lt;ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/&gt;
&lt;ds:DigestValue&gt;3L2BX8RM8edeO+/fAhHXm6pcWtISDyJYDQxHe+JisXg=&lt;/ds:DigestValue&gt;
&lt;/ds:Reference&gt;
&lt;/ds:SignedInfo&gt;
&lt;ds:SignatureValue&gt;BSv5aeWsbpWB06b51jDuJex1olkfI9EwQNeh9+DmXq4qkas/BYLPJQ==&lt;/ds:SignatureValue&gt;
&lt;ds:KeyInfo&gt;
&lt;ds:X509Data&gt;
&lt;ds:X509Certificate&gt;
MIIC4TCCAp+gAwIBAgIER++fqzALBgcqhkjOOAQDBQAwVDEMMAoGA1UEBhMDZG9zMQwwCgYDVQQI
EwNkb3MxDDAKBgNVBAcTA2RvczEMMAoGA1UEChMDZG9zMQwwCgYDVQQLEwNkb3MxDDAKBgNVBAMT
A2RvczAeFw0wODAzMzAxNDExNTVaFw0wOTAzMzAxNDExNTVaMFQxDDAKBgNVBAYTA2RvczEMMAoG
A1UECBMDZG9zMQwwCgYDVQQHEwNkb3MxDDAKBgNVBAoTA2RvczEMMAoGA1UECxMDZG9zMQwwCgYD
VQQDEwNkb3MwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QA
wx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX
/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSML
zLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP
5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvM
pPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYAis6u62/7EEpM6MiavL8lmfWOm
tzBYkh9acc5NOlqo77lMlZw4Fzrmyeco14LTcs0zA2A6KZJeZ4/NFdLHOPbxu6Os6KgtHeTCcxr2
iJpngedSona97jiEv4zjJlGJC7dzi9/gyjB4H9U7yUwe5DkwnHBLXaJDJT3VjwrlSo7G7zALBgcq
hkjOOAQDBQADLwAwLAIUcmTX6EqCSO3U7QgUq8m3mGhZv4ACFDHCHiqH6wjgV4dnGWj5/tudEVRJ
&lt;/ds:X509Certificate&gt;
&lt;/ds:X509Data&gt;
&lt;ds:KeyValue&gt;
&lt;ds:DSAKeyValue&gt;
&lt;ds:P&gt;
/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuA
HTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
K2HXKu/yIgMZndFIAcc=
&lt;/ds:P&gt;
&lt;ds:Q&gt;l2BQjxUjC8yykrmCouuEC/BYHPU=&lt;/ds:Q&gt;
&lt;ds:G&gt;
9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3
zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKL
Zl6Ae1UlZAFMO/7PSSo=
&lt;/ds:G&gt;
&lt;ds:Y&gt;
IrOrutv+xBKTOjImry/JZn1jprcwWJIfWnHOTTpaqO+5TJWcOBc65snnKNeC03LNMwNgOimSXmeP
zRXSxzj28bujrOioLR3kwnMa9oiaZ4HnUqJ2ve44hL+M4yZRiQu3c4vf4MoweB/VO8lMHuQ5MJxw
S12iQyU91Y8K5UqOxu8=
&lt;/ds:Y&gt;
&lt;/ds:DSAKeyValue&gt;
&lt;/ds:KeyValue&gt;
&lt;/ds:KeyInfo&gt;
&lt;/ds:Signature&gt;
&lt;/root&gt;
</pre></div>
<p>Das Beispiel <a href="sample_encrypted.html">verschlüsselt</a> (<a href="sample_encrypted.html#envelopingEncryption">enveloping</a>, <a href="sample_encrypted.html#detachedEncryption">detached</a>) oder im <a href="sample.html">Original</a>.
</p>
</body>
</html>