XML Sign

Description

The XML Sign action applies an XML signature to XML formatted data.

Usage

XML Sign basic configuration

This action creates an XML Signature that guarantees both the integrity and authenticity of the message. This allows to verify that data was not altered after it was signed with a digital certificate. The syntax of the XML signature follows the standard provided by the W3C.

  1. Select an available digital certificate you want to use
  2. Choose one of the two available signature structures (Enveloped or Enveloping)
  3. Insert the XML formatted message you want to sign (you can also insert data referring to a previous step by clicking the add [+] button)

NOTE The available certificates present in the Client certificate drop down menu are stored in the Certificates section of Extension Kit. For more information, please see our documentation

Enveloped Signature Output Sample

Description: The signature is inside the XML data that is signing

<?xml version="1.0" encoding="UTF-8"?>
<Document xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:iso:std:iso:20022:tech:xsd:pain.001.001.03">
  <CstmrCdtTrfInitn>
    <GrpHdr>
      <MsgId>ERPxAP3C</MsgId>
      <CreDtTm>2022-01-19T06:55:00</CreDtTm>
      <NbOfTxs>4</NbOfTxs>
      <CtrlSum>4433.00</CtrlSum>
      <InitgPty>
        <Nm>Dutch office supplies, office furniture and coffee machines trading co</Nm>
        <Id>
          <OrgId>
            <Othr>
              <Id>KVK9937465</Id>
            </Othr>
          </OrgId>
        </Id>
      </InitgPty>
    </GrpHdr>
  </CstmrCdtTrfInitn>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
          <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
        <DigestValue>kEWCFOFB9GKq8x61Q9YR+v0WDBXO0CKcxseOjag7rSA=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>bqDDD9ObByZWWQODuciNlg+T6zsW0RxTeiTxRu5g0ZRKzIwqYTjGM11wenNTblinZqa6t++bQ8=</SignatureValue>
    <KeyInfo>
      <X509Data>
        <X509Certificate>MIIC+zCCAeOgAwIBAgIDASxVMA0GCSqGSIb3DQEBBQUAMGQxCzAJo1NzKBgQCClm8tj/+</X509Certificate>
      </X509Data>
    </KeyInfo>
  </Signature>
</Document>

The length of SignatureValue and X509Certificate data has been reduced to simplify this example

Enveloping Signatures Output Sample

Description: The signed XML data is contained within an Object element within the Signature element.

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
  <SignedInfo>
    <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
    <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
    <Reference URI="#doc">
      <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
      <DigestValue>U9UAQbjZfDVEEe67zrfJ3a5XB0XxVd5XhRgs2+ffurw=</DigestValue>
    </Reference>
  </SignedInfo>
  <SignatureValue>xkJhP6TJ9ZwJHxLLR9j4FwVVX8ITiv2xfuP4VcG6VU+CUM3QTM+cJQ==</SignatureValue>
  <Object Id="doc">
    <ApplicationRequest xmlns="http://bxd.fi/xmldata/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance/">
      <CustomerId>123456</CustomerId>
      <Command>UploadFile</Command>
      <Timestamp>2022-03-01T11:51:26.993+01:00</Timestamp>
      <Environment>PRODUCTION</Environment>
      <TargetId>5780860238</TargetId>
      <SoftwareId>WTSSWebServices</SoftwareId>
      <FileType>NDCAPXMLI</FileType>
      <Content>PD94bWwgdmVyc2lvbj0iMS4wIiBCB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnnQ+</Content>
    </ApplicationRequest>
  </Object>
</Signature>

The length of SignatureValue and Content data has been reduced to simplify this example