Sign with the originator private RSA or DSA key, and verify with a RSA or DSA retrieval method
Use if the sender of the XML document provides the public RSA or DSA key in XML form (and via http, tcp or a file protocol).
Only the originator can sign a message with this specific pair of keys. Any other peer needs the corresponding public key and does not have access to the private key.
How to sign
- Create a RSA or DSA key with the constructor of the CryptoKey class.
- Load the RSA or DSA private key into the CryptoKey object.
- Set the RetrievalMethod feature on the CryptoKey object with the URL where the XML form of the public RSA or DSA key is available.
- Create a blank signature with the constructor of the Signature class.
- Assign the CryptoKey object to the Signature object.
- Create one or more references to be signed.
- Compute the signature.
- Retrieve the XML signature document from the Signature object.
How to verify
- Create a signature with the constructor of the Signature class and from a XML signature node obtained after the above compute operation.
- Verify the
signature validity. Note:
There is no key nor certificate to set in the Signature object during validation.