Sign with a named key and verify using the keystore
Use if the sender and the receiver exchange multiple XML documents signed with different keys.
How to sign
- Create a HMAC, RSA or DSA key with the constructor of the CryptoKey class.
- Set the HMAC key or load the RSA or DSA key in the CryptoKey object.
- Set the KeyName feature with the name identifying the key.
- Create a blank signature with the constructor of the Signature class.
- Assign the CryptoKey object to the Signature object.
- Create one or more references to be signed.
- Compute the signature.
- Retrieve the XML signature document from the Signature object.
How to verify
- Create a HMAC, RSA or DSA key with the constructor of the CryptoKey.
- Set the HMAC key or load the RSA or DSA key in the CryptoKey object.
- Set the KeyName feature with the name identifying the key.
- Register the key to be used by key name for any signature verification.
- Create a signature with the constructor of the Signature class and from a XML signature node obtained after the above compute operation.
- Verify the signature validity.
Note: It is recommended that steps 1 to 4 are done once at application start-up for each
key used in the application. Steps 5 - 6 can then be executed quickly for any XML signature to be
checked.