The Markup Security Project

dss - sample protocol exchange 2

This request/response pair illustrates the production of an enveloping XML signature from base64-encoded data, using a <KeySelector> optional input to specify the signature key.

Request

<?xml version="1.0" encoding="utf-8"?>
<!-- Sample DSS SignRequest: asks the signing service to wrap one base64-encoded
     input document in an enveloping XML signature (SignatureType urn:ietf:rfc:3275). -->
<dss:SignRequest Profile="urn:oasis:names:tc:dss:1.0:profile:dss_interop"
    RequestID="I034fedb7303894b3cf5d9835870e4ca8"
    xmlns:dss="urn:oasis:names:tc:dss:1.0:core:schema">
  <dss:OptionalInputs>
    <dss:SignatureType>urn:ietf:rfc:3275</dss:SignatureType>
    <!-- WhichDocument matches the ID of the dss:Document below; ObjId matches that
         document's RefURI and is the Id the response gives to the ds:Object it signs. -->
    <dss:EnvelopingSignature WhichDocument="I8b61327029b3785154f23e68d1d4799c"
        ObjId="Icf764cd5b914e569f757ef0f0bd90bdf"/>
    <!-- KeySelector names the signing key by certificate. It is caller-supplied
         input: it only identifies a key and carries no proof that the caller may
         use it. NOTE(review): the request shown has no authentication element, so
         authorisation is presumably handled by the transport or server policy;
         confirm for any real deployment. -->
    <dss:KeySelector>
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <!-- The name strings inside this certificate include "For Test Use Only";
               its validity period appears to be 2005-02-07 to 2010-02-06, so it is
               an expired interop test credential. -->
          <ds:X509Certificate>
            MIIEJTCCAw2gAwIBAgIBCTANBgkqhkiG9w0BAQUFADCB3jELMAkGA1UEBhMCQ0gxDjAM
            BgNVBAgTBUJlcm5lMQ4wDAYDVQQHEwVCZXJuZTEfMB0GA1UEChMWVW5pdmVyc2FsIFBv
            c3RhbCBVbmlvbjEaMBgGA1UEChMRRm9yIFRlc3QgVXNlIE9ubHkxHTAbBgNVBAsTFEVs
            ZWN0cm9uaWMgUG9zdCBNYXJrMTMwMQYDVQQDEypVbml2ZXJzYWwgUG9zdGFsIFVuaW9u
            IFBpbG90IEVQTSBBdXRob3JpdHkxHjAcBgkqhkiG9w0BCQEWD0NBQWRtaW5AdXB1Lmlu
            dDAeFw0wNTAyMDcyMTM5MjdaFw0xMDAyMDYyMTM5MjdaMIG/MQswCQYDVQQGEwJDSDEO
            MAwGA1UECBMFQmVybmUxDjAMBgNVBAcTBUJlcm5lMR8wHQYDVQQKExZVbml2ZXJzYWwg
            UG9zdGFsIFVuaW9uMRowGAYDVQQKExFGb3IgVGVzdCBVc2UgT25seTEdMBsGA1UECxMU
            RWxlY3Ryb25pYyBQb3N0IE1hcmsxFDAS BgNVBAMTC1Rlc3QgVXNlciBBMR4wHAYJKoZ
            IhvcNAQkBFg9DQUFkbWluQHVwdS5pbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoG
            BAKZY6YFIlcYmWFSVbu6mppnXxkOAPiFZ6ctkHyYV13MBAeU6oBlCF315USK6xNC7/gs
            zkMQRwp1DJO7AlbFrXz7hzsUideq4NUhbDllIYD9Gd4KQVkkpxozEJJBlkCrazE/rqk3
            3axDHojkqIHNkMLnzRaZIIShQ9qCRFu629tvhAgMBAAGjgY4wgYswDAYDVR0TBAUwAwI
            BADAdBgNVHQ4EFgQUKjT95rbMUSpru/SpERNZ3CpZnOwwHwYDVR0jBBgwFoAU7RXJ0lN
            kXL2nmf05PqJxKKvYqFAwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL2NhMS51cHUuaW5
            0L21hc3Rlci5jcmwwCwYDVR0PBAQDAgWgMA0GCSqGSIb3DQEBBQUAA4IBAQBgT4y/5bM
            u721Ry3KyY3z+iOQstYaDqeZrPhRO40qH+/PIfBR6tvnKKmWzFEHrxScZVw1cOzI3T+p
            TvQ+eVJLowiBZ++S8pX458tp+QTE8/1V/zEkFz+t0tc0tWrRubK9yD0qzd8RFT9IYMp1
            AukGSKDgRz79uDTUK8TPPaN4ERth9VdrRho0WORiQV6heBylxSn65PamzncqTyaQob92
            qODXxPLR9N7bDDCx/CdUY/nK6/PqNWGeEOYcyfJWndX6dGkibfr7/utYALWShsPprX7D
            bP2V03wDZdIlyMa9wsi17I54AGIE4lil9kwNzwXNE7KrnorsWSJHYLpSMg1po
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </dss:KeySelector>
  </dss:OptionalInputs>
  <dss:InputDocuments>
    <dss:Document ID="I8b61327029b3785154f23e68d1d4799c"
        RefType="http://www.w3.org/2000/09/xmldsig#Object"
        RefURI="Icf764cd5b914e569f757ef0f0bd90bdf">
      <!-- The payload decodes to the plain text "To be signed.", which is what the
           response carries inside the signed ds:Object. -->
      <dss:Base64Data MimeType="text/plain">
        VG8gYmUgc2lnbmVkLg==
      </dss:Base64Data>
    </dss:Document>
  </dss:InputDocuments>

</dss:SignRequest>
    

Response

<?xml version="1.0" encoding="utf-8"?>
<!-- Sample DSS SignResponse: reports Success and returns an enveloping
     ds:Signature whose ds:Object holds the decoded input text. The RequestID
     repeats the value sent in the request so the two can be correlated. -->
<dss:SignResponse RequestID="I034fedb7303894b3cf5d9835870e4ca8"
    Profile="urn:oasis:names:tc:dss:1.0:profile:dss_interop"
    xmlns:dss="urn:oasis:names:tc:dss:1.0:core:schema">
  <dss:Result>
    <dss:ResultMajor>
        urn:oasis:names:tc:dss:1.0:resultmajor:Success
    </dss:ResultMajor>
  </dss:Result>
  <dss:SignatureObject>
    <!-- Algorithm note: SignatureMethod is rsa-sha1 and DigestMethod is sha1.
         Both depend on SHA-1, which is no longer considered collision-resistant;
         treat these choices as a property of this dated interop sample. Current
         deployments normally use SHA-256 identifiers such as
         http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 and
         http://www.w3.org/2001/04/xmlenc#sha256.
         Comments are kept outside ds:SignedInfo and ds:Object so the signed and
         digested content of the sample stays exactly as published. -->
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
        <ds:CanonicalizationMethod
            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <ds:SignatureMethod
            Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <ds:Reference URI="#Icf764cd5b914e569f757ef0f0bd90bdf"
            Type="http://www.w3.org/2000/09/xmldsig#Object">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:Transforms>
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <ds:DigestValue>HRzZHk5MuLSPnR8RXpx6hkgXZmA=</ds:DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>
        l1ZTENXg0AoStzAYmA5DIkjNsvkJQaic65Ph70Q4fK6FU55P0WB0gn3sQJhBRPGN+GJ6
        ZOnL+LYO0sSYXsgdoWu7gIRPA6rDv4p+0HXZPDAXvx9+kzQNHKDoRlduU0UrC6ZHrYE9
        936evhebfhYyqK8exGIOqGay64z0xIdNwkQ=
      </ds:SignatureValue>
      <!-- No ds:Reference covers this ds:KeyInfo, so it is not part of the signed
           content. A verifier should use the certificate only as a hint and
           validate it against its own trust anchors (chain, validity period,
           revocation) before accepting the signature. The certificate's name
           strings include "For Test Use Only" and its validity period appears
           to have ended on 2010-02-06. -->
      <ds:KeyInfo>
        <ds:X509Data>
          <ds:X509Certificate>
            MIIEJTCCAw2gAwIBAgIBCTANBgkqhkiG9w0BAQUFADCB3jELMAkGA1UEBhMCQ0gxDjAM
            BgNVBAgTBUJlcm5lMQ4wDAYDVQQHEwVCZXJuZTEfMB0GA1UEChMWVW5pdmVyc2FsIFBv
            c3RhbCBVbmlvbjEaMBgGA1UEChMRRm9yIFRlc3QgVXNlIE9ubHkxHTAbBgNVBAsTFEVs
            ZWN0cm9uaWMgUG9zdCBNYXJrMTMwMQYDVQQDEypVbml2ZXJzYWwgUG9zdGFsIFVuaW9u
            IFBpbG90IEVQTSBBdXRob3JpdHkxHjAcBgkqhkiG9w0BCQEWD0NBQWRtaW5AdXB1Lmlu
            dDAeFw0wNTAyMDcyMTM5MjdaFw0xMDAyMDYyMTM5MjdaMIG/MQswCQYDVQQGEwJDSDEO
            MAwGA1UECBMFQmVybmUxDjAMBgNVBAcTBUJlcm5lMR8wHQYDVQQKExZVbml2ZXJzYWwg
            UG9zdGFsIFVuaW9uMRowGAYDVQQKExFGb3IgVGVzdCBVc2UgT25seTEdMBsGA1UECxMU
            RWxlY3Ryb25pYyBQb3N0IE1hcmsxFDAS BgNVBAMTC1Rlc3QgVXNlciBBMR4wHAYJKoZ
            IhvcNAQkBFg9DQUFkbWluQHVwdS5pbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoG
            BAKZY6YFIlcYmWFSVbu6mppnXxkOAPiFZ6ctkHyYV13MBAeU6oBlCF315USK6xNC7/gs
            zkMQRwp1DJO7AlbFrXz7hzsUideq4NUhbDllIYD9Gd4KQVkkpxozEJJBlkCrazE/rqk3
            3axDHojkqIHNkMLnzRaZIIShQ9qCRFu629tvhAgMBAAGjgY4wgYswDAYDVR0TBAUwAwI
            BADAdBgNVHQ4EFgQUKjT95rbMUSpru/SpERNZ3CpZnOwwHwYDVR0jBBgwFoAU7RXJ0lN
            kXL2nmf05PqJxKKvYqFAwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL2NhMS51cHUuaW5
            0L21hc3Rlci5jcmwwCwYDVR0PBAQDAgWgMA0GCSqGSIb3DQEBBQUAA4IBAQBgT4y/5bM
            u721Ry3KyY3z+iOQstYaDqeZrPhRO40qH+/PIfBR6tvnKKmWzFEHrxScZVw1cOzI3T+p
            TvQ+eVJLowiBZ++S8pX458tp+QTE8/1V/zEkFz+t0tc0tWrRubK9yD0qzd8RFT9IYMp1
            AukGSKDgRz79uDTUK8TPPaN4ERth9VdrRho0WORiQV6heBylxSn65PamzncqTyaQob92
            qODXxPLR9N7bDDCx/CdUY/nK6/PqNWGeEOYcyfJWndX6dGkibfr7/utYALWShsPprX7D
            bP2V03wDZdIlyMa9wsi17I54AGIE4lil9kwNzwXNE7KrnorsWSJHYLpSMg1po
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <!-- The signed payload. The single ds:Reference above selects it by Id, so a
           consumer should confirm that this Id is unique in the document and should
           read the data from the element the Reference actually resolved to. -->
      <ds:Object Id="Icf764cd5b914e569f757ef0f0bd90bdf">To be signed.</ds:Object>
    </ds:Signature>
  </dss:SignatureObject>

</dss:SignResponse>