2
|
1 |
<?xml version="1.0" encoding="UTF-8"?>
|
|
2 |
<!DOCTYPE Envelope [
|
|
3 |
<!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
|
|
4 |
<!ENTITY c14n 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'>
|
|
5 |
<!ENTITY xpath 'http://www.w3.org/TR/1999/REC-xpath-19991116'>
|
|
6 |
<!ENTITY xslt 'http://www.w3.org/TR/1999/REC-xslt-19991116'>
|
|
7 |
<!ATTLIST Notaries Id ID #IMPLIED>
|
|
8 |
]>
|
|
9 |
<!-- Preamble -->
|
|
10 |
<Envelope xmlns:foo="http://example.org/foo" xmlns="http://example.org/usps">
|
|
11 |
<DearSir>foo</DearSir>
|
|
12 |
<Body>bar</Body>
|
|
13 |
<YoursSincerely>
|
|
14 |
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="signature">
|
|
15 |
<SignedInfo>
|
|
16 |
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
|
|
17 |
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
|
|
18 |
<Reference URI="http://www.w3.org/TR/xml-stylesheet">
|
|
19 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
20 |
<DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
|
|
21 |
</Reference>
|
|
22 |
<Reference URI="http://www.w3.org/Signature/2002/04/xml-stylesheet.b64">
|
|
23 |
<Transforms>
|
|
24 |
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
|
|
25 |
</Transforms>
|
|
26 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
27 |
<DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
|
|
28 |
</Reference>
|
|
29 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-1">
|
|
30 |
<Transforms>
|
|
31 |
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
|
|
32 |
<XPath>
|
|
33 |
self::text()
|
|
34 |
</XPath>
|
|
35 |
</Transform>
|
|
36 |
</Transforms>
|
|
37 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
38 |
<DigestValue>zyjp8GJOX69990Kkqw8ioPXGExk=</DigestValue>
|
|
39 |
</Reference>
|
|
40 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="">
|
|
41 |
<Transforms>
|
|
42 |
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
|
|
43 |
<XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
|
|
44 |
ancestor-or-self::dsig:SignedInfo
|
|
45 |
and
|
|
46 |
count(ancestor-or-self::dsig:Reference |
|
|
47 |
here()/ancestor::dsig:Reference[1]) >
|
|
48 |
count(ancestor-or-self::dsig:Reference)
|
|
49 |
or
|
|
50 |
count(ancestor-or-self::node() |
|
|
51 |
id('notaries')) =
|
|
52 |
count(ancestor-or-self::node())
|
|
53 |
</XPath>
|
|
54 |
</Transform>
|
|
55 |
</Transforms>
|
|
56 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
57 |
<DigestValue>tQiE3GUKiBenPyp3J0Ei6rJMFv4=</DigestValue>
|
|
58 |
</Reference>
|
|
59 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-2">
|
|
60 |
<Transforms>
|
|
61 |
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
|
|
62 |
</Transforms>
|
|
63 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
64 |
<DigestValue>zyjp8GJOX69990Kkqw8ioPXGExk=</DigestValue>
|
|
65 |
</Reference>
|
|
66 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest-1">
|
|
67 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
68 |
<DigestValue>qg4HFwsN+/WX32uH85WlJU9l45k=</DigestValue>
|
|
69 |
</Reference>
|
|
70 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties" URI="#signature-properties-1">
|
|
71 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
72 |
<DigestValue>ETlEI3y7hvvAtMe9wQSz7LhbHEE=</DigestValue>
|
|
73 |
</Reference>
|
|
74 |
<Reference URI="">
|
|
75 |
<Transforms>
|
|
76 |
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
|
|
77 |
</Transforms>
|
|
78 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
79 |
<DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
|
|
80 |
</Reference>
|
|
81 |
<Reference URI="">
|
|
82 |
<Transforms>
|
|
83 |
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
|
|
84 |
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
|
|
85 |
</Transforms>
|
|
86 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
87 |
<DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
|
|
88 |
</Reference>
|
|
89 |
<Reference URI="#xpointer(/)">
|
|
90 |
<Transforms>
|
|
91 |
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
|
|
92 |
</Transforms>
|
|
93 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
94 |
<DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
|
|
95 |
</Reference>
|
|
96 |
<Reference URI="#xpointer(/)">
|
|
97 |
<Transforms>
|
|
98 |
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
|
|
99 |
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
|
|
100 |
</Transforms>
|
|
101 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
102 |
<DigestValue>MkL9CX8yeABBth1RChyPx58Ls8w=</DigestValue>
|
|
103 |
</Reference>
|
|
104 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
|
|
105 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
106 |
<DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
|
|
107 |
</Reference>
|
|
108 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
|
|
109 |
<Transforms>
|
|
110 |
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
|
|
111 |
</Transforms>
|
|
112 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
113 |
<DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
|
|
114 |
</Reference>
|
|
115 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
|
|
116 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
117 |
<DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
|
|
118 |
</Reference>
|
|
119 |
<Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
|
|
120 |
<Transforms>
|
|
121 |
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
|
|
122 |
</Transforms>
|
|
123 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
124 |
<DigestValue>419CYgyTWOTGYGBhzieWklNf7Bk=</DigestValue>
|
|
125 |
</Reference>
|
|
126 |
<Reference URI="#reference-2">
|
|
127 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
128 |
<DigestValue>VzK45P9Ksjqq5oXlKQpkGgB2CNY=</DigestValue>
|
|
129 |
</Reference>
|
|
130 |
<Reference Id="reference-1" URI="#manifest-reference-1">
|
|
131 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
132 |
<DigestValue>7/9fR+NIDz9owc1Lfsxu1JBr8uo=</DigestValue>
|
|
133 |
</Reference>
|
|
134 |
<Reference Id="reference-2" URI="#reference-1">
|
|
135 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
136 |
<DigestValue>qURlo3LSq4TWQtygBZJ0iXQ9E14=</DigestValue>
|
|
137 |
</Reference>
|
|
138 |
</SignedInfo>
|
|
139 |
<SignatureValue>
|
|
140 |
WvZUJAJ/3QNqzQvwne2vvy7U5Pck8ZZ5UTa6pIwR7GE+PoGi6A1kyw==
|
|
141 |
</SignatureValue>
|
|
142 |
<KeyInfo>
|
|
143 |
<RetrievalMethod Type="http://www.w3.org/2000/09/xmldsig#X509Data" URI="#object-4">
|
|
144 |
<Transforms>
|
|
145 |
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
|
|
146 |
<XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
|
|
147 |
ancestor-or-self::dsig:X509Data
|
|
148 |
</XPath>
|
|
149 |
</Transform>
|
|
150 |
</Transforms>
|
|
151 |
</RetrievalMethod>
|
|
152 |
</KeyInfo>
|
|
153 |
<Object Id="object-1" MimeType="text/plain">I am the text.</Object>
|
|
154 |
<Object Encoding="http://www.w3.org/2000/09/xmldsig#base64" Id="object-2" MimeType="text/plain">SSBhbSB0aGUgdGV4dC4=</Object>
|
|
155 |
<Object Id="object-3">
|
|
156 |
<NonCommentandus xmlns=""><!-- Commentandum --></NonCommentandus>
|
|
157 |
</Object>
|
|
158 |
<Object>
|
|
159 |
<Manifest Id="manifest-1">
|
|
160 |
<Reference Id="manifest-reference-1" URI="http://www.w3.org/TR/xml-stylesheet">
|
|
161 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
162 |
<DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
|
|
163 |
</Reference>
|
|
164 |
<Reference URI="#reference-1">
|
|
165 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
166 |
<DigestValue>qURlo3LSq4TWQtygBZJ0iXQ9E14=</DigestValue>
|
|
167 |
</Reference>
|
|
168 |
<Reference URI="#notaries">
|
|
169 |
<Transforms>
|
|
170 |
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
|
|
171 |
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns="http://www.w3.org/TR/xhtml1/strict" exclude-result-prefixes="foo" version="1.0">
|
|
172 |
<xsl:output encoding="UTF-8" indent="no" method="xml" />
|
|
173 |
<xsl:template match="/">
|
|
174 |
<html>
|
|
175 |
<head>
|
|
176 |
<title>Notaries</title>
|
|
177 |
</head>
|
|
178 |
<body>
|
|
179 |
<table>
|
|
180 |
<xsl:for-each select="Notaries/Notary">
|
|
181 |
<tr>
|
|
182 |
<th>
|
|
183 |
<xsl:value-of select="@name" />
|
|
184 |
</th>
|
|
185 |
</tr>
|
|
186 |
</xsl:for-each>
|
|
187 |
</table>
|
|
188 |
</body>
|
|
189 |
</html>
|
|
190 |
</xsl:template>
|
|
191 |
</xsl:stylesheet>
|
|
192 |
</Transform>
|
|
193 |
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
|
|
194 |
</Transforms>
|
|
195 |
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
|
|
196 |
<DigestValue>c7wq5XKos6RqNVJyFy7/fl6+sAs=</DigestValue>
|
|
197 |
</Reference>
|
|
198 |
</Manifest>
|
|
199 |
</Object>
|
|
200 |
<Object>
|
|
201 |
<SignatureProperties Id="signature-properties-1">
|
|
202 |
<SignatureProperty Target="#signature">
|
|
203 |
<SignerAddress xmlns="urn:demo"><IP>192.168.21.138</IP></SignerAddress>
|
|
204 |
</SignatureProperty>
|
|
205 |
</SignatureProperties>
|
|
206 |
</Object>
|
|
207 |
<Object Id="object-4">
|
|
208 |
<X509Data>
|
|
209 |
<X509SubjectName>
|
|
210 |
CN=Merlin Hughes,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
|
|
211 |
</X509SubjectName>
|
|
212 |
<X509IssuerSerial>
|
|
213 |
<X509IssuerName>
|
|
214 |
CN=Transient CA,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
|
|
215 |
</X509IssuerName>
|
|
216 |
<X509SerialNumber>1017788370348</X509SerialNumber>
|
|
217 |
</X509IssuerSerial>
|
|
218 |
<X509Certificate>
|
|
219 |
MIIDUDCCAxCgAwIBAgIGAOz46g2sMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
|
|
220 |
DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
|
|
221 |
cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
|
|
222 |
MB4XDTAyMDQwMjIyNTkzMFoXDTEyMDQwMjIxNTkyNVowbzELMAkGA1UEBhMCSUUx
|
|
223 |
DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
|
|
224 |
cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
|
|
225 |
czCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQDd454C+qcTIWlb65NKCt2PtguNpOSn
|
|
226 |
Id5woUigu7xBk2QZNAjVyIhMEfSWp8iR0IdKLx+JQLcNOrcn0Wwl5/hhW0MXsmlS
|
|
227 |
8dM5Cq2rtmDHooLxbGTPqtALE6vsXQCk5iLz3MtGh7gyQMZ7q7HT5a3I5NChUgY1
|
|
228 |
MMNQVetRA1susQIVAIQy3BStBjvx89Wq8Tjr7IDP1S8lAoGBAJ58e4W3VqMxm7Zx
|
|
229 |
YJ2xZ6KX0Ze10WnKZDyURn+T9iFIFbKRFElKDeotXwwXwYON8yre3ZRGkC+2+fiU
|
|
230 |
2bdzIWTT6LMbIMVbk+07P4OZOxJ6XWL9GuYcOQcNvX42xh34DPHdq4XdlItMR25N
|
|
231 |
A+OdZ4S8VVrpb4jkj4cyir1628kgA4GEAAKBgHH2KYoaQEHnqWzRUuDAG0EYXV6Q
|
|
232 |
4ucC68MROYSL6GKqNS/AUFbvH2NUxQD7aGntYgYPxiCcj94i38rgSWg7ySSz99MA
|
|
233 |
R/Yv7OSd+uej3r6TlXU34u++xYvRo+sv4m9lb/jmXyZJKeC+dPqeU1IT5kCybURL
|
|
234 |
ILZfrZyDsiU/vhvVozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIatY7SE
|
|
235 |
lXEOMBMGA1UdIwQMMAqACIOGPkB2MuKTMAkGByqGSM44BAMDLwAwLAIUSvT02iQj
|
|
236 |
Q5da4Wpe0Bvs7GuCcVsCFCEcQpbjUfnxXFXNWiFyQ49ZrWqn
|
|
237 |
</X509Certificate>
|
|
238 |
<X509Certificate>
|
|
239 |
MIIDSzCCAwugAwIBAgIGAOz46fwJMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
|
|
240 |
DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
|
|
241 |
cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
|
|
242 |
MB4XDTAyMDQwMjIyNTkyNVoXDTEyMDQwMjIxNTkyNVowbjELMAkGA1UEBhMCSUUx
|
|
243 |
DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
|
|
244 |
cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
|
|
245 |
MIIBtzCCASwGByqGSM44BAEwggEfAoGBAN3jngL6pxMhaVvrk0oK3Y+2C42k5Kch
|
|
246 |
3nChSKC7vEGTZBk0CNXIiEwR9JanyJHQh0ovH4lAtw06tyfRbCXn+GFbQxeyaVLx
|
|
247 |
0zkKrau2YMeigvFsZM+q0AsTq+xdAKTmIvPcy0aHuDJAxnursdPlrcjk0KFSBjUw
|
|
248 |
w1BV61EDWy6xAhUAhDLcFK0GO/Hz1arxOOvsgM/VLyUCgYEAnnx7hbdWozGbtnFg
|
|
249 |
nbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43zKt7dlEaQL7b5+JTZ
|
|
250 |
t3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM8d2rhd2Ui0xHbk0D
|
|
251 |
451nhLxVWulviOSPhzKKvXrbySADgYQAAoGAfag+HCABIJadDD9Aarhgc2QR3Lp7
|
|
252 |
PpMOh0lAwLiIsvkO4UlbeOS0IJC8bcqLjM1fVw6FGSaxmq+4y1ag2m9k6IdE0Qh5
|
|
253 |
NxB/xFkmdwqXFRIJVp44OeUygB47YK76NmUIYG3DdfiPPU3bqzjvtOtETiCHvo25
|
|
254 |
4D6UjwPpYErXRUajNjA0MA4GA1UdDwEB/wQEAwICBDAPBgNVHRMECDAGAQH/AgEA
|
|
255 |
MBEGA1UdDgQKBAiDhj5AdjLikzAJBgcqhkjOOAQDAy8AMCwCFELu0nuweqW7Wf0s
|
|
256 |
gk/CAGGL0BGKAhRNdgQGr5iyZKoH4oqPm0VJ9TjXLg==
|
|
257 |
</X509Certificate>
|
|
258 |
</X509Data>
|
|
259 |
</Object>
|
|
260 |
</Signature>
|
|
261 |
</YoursSincerely>
|
|
262 |
<PostScript>bar</PostScript>
|
|
263 |
<Notaries xmlns="" Id="notaries">
|
|
264 |
<Notary name="Great, A. T." />
|
|
265 |
<Notary name="Hun, A. T." />
|
|
266 |
</Notaries>
|
|
267 |
<!-- Commentary -->
|
|
268 |
</Envelope>
|
|
269 |
<!-- Postamble -->
|