XMLSig Module

Properties   Methods   Events   Config Settings   Errors  

The XMLSig module is used to sign XML and verify signed XML.

Syntax

IPWorksEncrypt.Xmlsig

Remarks

The XMLSig component provides an easy to use API for signing and verifying signed XML. The Sign method will create signed XML with an enveloped signature. The VerifySignature method will attempt to verify the signature(s) within a XML document.

Sign

Before calling Sign specify the XML to sign by setting InputFile, or InputXML.

The Reference* properties must be set. At least one reference must be set. A reference defines the XML element to sign, and the options that specify how it is transformed and hashed during the signing process.

Set Certificate to a certificate with private key.

Optionally set the CanonicalizationMethod. This determines how the signature itself is canonicalized. SigningAlgorithm defines the algorithm used to sign. The SignatureXPath property may be set to specify the location in the XML document where the signature will be placed.

Lastly, call Sign to sign the XML.

The following properties are applicable when calling this method:

• CanonicalizationMethod
• Certificate (required)
• Reference* (required)
• SignatureXPath
• SigningAlgorithm

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

• InputFile
• InputXML

• OutputFile
• OutputXML: The output data is written to this property if no other destination is specified.

Verify a Signature

When VerifySignature is called, the class will scan the XML document and fire the SignatureInfo event for each signature that is found. When the SignatureInfo event fires the Reference* properties will be populated.

Within the SignatureInfo event the ReferencesXMLElement property must be set to the location of the XML element to which the signature applies. The ReferencesURI property may contain data helpful to locating the XML element.

The ReferencesXMLElement property specifies the XPath to the element. For instance:

The signature is verified either using a key parsed from the signed XML, or using the certificate specified by the SignerCert* properties. The class will automatically parse the signer certificate (if present) from the signed XML and populate the SignerCert* properties with the parsed value.

When SignatureInfo fires, if the SignerCertParsed parameter is True the SignerCert* properties may be inspected to see the details of the parsed certificate. If SignerCertParsed is False, then the SignerCert* properties must be set to a valid certificate for signature verification to proceed.

When the SignatureInfo event finishes firing, the certificate present in the SignerCert* properties will be used to verify the signature, whether this is the certificate automatically parsed by the class or a different certificate specified within the event.

If the signature was successfully verified the method will return without error. If the signature was not verified the method .

Property List

The following is the full list of the properties of the module with short descriptions. Click on the links for further details.

Method List

The following is the full list of the methods of the module with short descriptions. Click on the links for further details.

Event List

The following is the full list of the events fired by the module with short descriptions. Click on the links for further details.

Config Settings

The following is a list of config settings for the module with short descriptions. Click on the links for further details.

CanonicalizationMethod Property (XMLSig Module)

The canonicalization method applied to the signature.

Syntax

• Swift
• Objective-C

public var canonicalizationMethod: XmlsigCanonicalizationMethods {
  get {...}
  set {...}
}

public enum XmlsigCanonicalizationMethods: Int32 {
  case cmC14N = 0
  case cmC14NComments = 1
  case cmC14N11 = 2
  case cmC14N11Comments = 3
  case cmExcC14N = 4
  case cmExcC14NComments = 5
}

@property (nonatomic,readwrite,assign,getter=canonicalizationMethod,setter=setCanonicalizationMethod:) int canonicalizationMethod;

- (int)canonicalizationMethod;
- (void)setCanonicalizationMethod :(int)newCanonicalizationMethod;

Default Value

0

Remarks

This property specifies the canonicalization method that is applied to the signature. This may be set before calling Sign. This will be set automatically after calling VerifySignature. Possible values are:

CertEncoded Property (XMLSig Module)

This is the certificate (PEM/Base64 encoded).

Syntax

• Swift
• Objective-C

public var certEncoded: String {
  get {...}
  set {...}
}

public var certEncodedB: Data {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=certEncoded,setter=setCertEncoded:) NSString* certEncoded;

- (NSString*)certEncoded;
- (void)setCertEncoded :(NSString*)newCertEncoded;

@property (nonatomic,readwrite,assign,getter=certEncodedB,setter=setCertEncodedB:) NSData* certEncodedB;

- (NSData*)certEncodedB;
- (void)setCertEncodedB :(NSData*)newCertEncoded;

Default Value

""

Remarks

This is the certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The CertStore and CertSubject properties also may be used to specify a certificate.

When CertEncoded is set, a search is initiated in the current CertStore for the private key of the certificate. If the key is found, CertSubject is updated to reflect the full subject of the selected certificate; otherwise, CertSubject is set to an empty string.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setCertEncodedB(certEncoded: Data) throws
public func setCertEncoded(certEncoded: String) throws

CertStore Property (XMLSig Module)

This is the name of the certificate store for the client certificate.

Syntax

• Swift
• Objective-C

public var certStore: String {
  get {...}
  set {...}
}

public var certStoreB: Data {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=certStore,setter=setCertStore:) NSString* certStore;

- (NSString*)certStore;
- (void)setCertStore :(NSString*)newCertStore;

@property (nonatomic,readwrite,assign,getter=certStoreB,setter=setCertStoreB:) NSData* certStoreB;

- (NSData*)certStoreB;
- (void)setCertStoreB :(NSData*)newCertStore;

Default Value

"MY"

Remarks

This is the name of the certificate store for the client certificate.

The CertStoreType property denotes the type of the certificate store specified by CertStore. If the store is password protected, specify the password in CertStorePassword.

CertStore is used in conjunction with the CertSubject property to specify client certificates. If CertStore has a value, and CertSubject or CertEncoded is set, a search for a certificate is initiated. Please see the CertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

CertStorePassword Property (XMLSig Module)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

• Swift
• Objective-C

public var certStorePassword: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=certStorePassword,setter=setCertStorePassword:) NSString* certStorePassword;

- (NSString*)certStorePassword;
- (void)setCertStorePassword :(NSString*)newCertStorePassword;

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

CertStoreType Property (XMLSig Module)

This is the type of certificate store for this certificate.

Syntax

• Swift
• Objective-C

public var certStoreType: XmlsigCertStoreTypes {
  get {...}
  set {...}
}

public enum XmlsigCertStoreTypes: Int32 {
  case cstUser = 0
  case cstMachine = 1
  case cstPFXFile = 2
  case cstPFXBlob = 3
  case cstJKSFile = 4
  case cstJKSBlob = 5
  case cstPEMKeyFile = 6
  case cstPEMKeyBlob = 7
  case cstPublicKeyFile = 8
  case cstPublicKeyBlob = 9
  case cstSSHPublicKeyBlob = 10
  case cstP7BFile = 11
  case cstP7BBlob = 12
  case cstSSHPublicKeyFile = 13
  case cstPPKFile = 14
  case cstPPKBlob = 15
  case cstXMLFile = 16
  case cstXMLBlob = 17
  case cstJWKFile = 18
  case cstJWKBlob = 19
  case cstSecurityKey = 20
  case cstBCFKSFile = 21
  case cstBCFKSBlob = 22
  case cstPKCS11 = 23
  case cstAuto = 99
}

@property (nonatomic,readwrite,assign,getter=certStoreType,setter=setCertStoreType:) int certStoreType;

- (int)certStoreType;
- (void)setCertStoreType :(int)newCertStoreType;

Default Value

0

Remarks

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

CertSubject Property (XMLSig Module)

This is the subject of the certificate used for client authentication.

Syntax

• Swift
• Objective-C

public var certSubject: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=certSubject,setter=setCertSubject:) NSString* certSubject;

- (NSString*)certSubject;
- (void)setCertSubject :(NSString*)newCertSubject;

Default Value

""

Remarks

This is the subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setCertSubject(certSubject: String) throws

HMACKey Property (XMLSig Module)

The HMAC key used with the 'HMAC-SHA1' signing algorithm.

Syntax

• Swift
• Objective-C

public var hmacKey: String {
  get {...}
  set {...}
}

public var hmacKeyB: Data {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=HMACKey,setter=setHMACKey:) NSString* HMACKey;

- (NSString*)HMACKey;
- (void)setHMACKey :(NSString*)newHMACKey;

@property (nonatomic,readwrite,assign,getter=HMACKeyB,setter=setHMACKeyB:) NSData* HMACKeyB;

- (NSData*)HMACKeyB;
- (void)setHMACKeyB :(NSData*)newHMACKey;

Default Value

""

Remarks

This property defines the HMAC key to be used when SigningAlgorithm is set to "HMAC-SHA1". This must be set before calling before calling Sign.

This property is also applicable when calling VerifySignature. This may be set before calling VerifySignature or from within the SignatureInfo event.

InputFile Property (XMLSig Module)

The XML file to process.

Syntax

• Swift
• Objective-C

public var inputFile: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=inputFile,setter=setInputFile:) NSString* inputFile;

- (NSString*)inputFile;
- (void)setInputFile :(NSString*)newInputFile;

Default Value

""

Remarks

This property specifies the file to be processed. Set this property to the full or relative path to the file which will be processed.

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

• InputFile
• InputXML

• OutputFile
• OutputXML: The output data is written to this property if no other destination is specified.

InputXML Property (XMLSig Module)

The XML to process.

Syntax

• Swift
• Objective-C

public var inputXML: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=inputXML,setter=setInputXML:) NSString* inputXML;

- (NSString*)inputXML;
- (void)setInputXML :(NSString*)newInputXML;

Default Value

""

Remarks

This property specifies the XML to be processed.

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

• InputFile
• InputXML

• OutputFile
• OutputXML: The output data is written to this property if no other destination is specified.

OutputFile Property (XMLSig Module)

The output file.

Syntax

• Swift
• Objective-C

public var outputFile: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=outputFile,setter=setOutputFile:) NSString* outputFile;

- (NSString*)outputFile;
- (void)setOutputFile :(NSString*)newOutputFile;

Default Value

""

Remarks

This property specifies the file to which the output will be written. This may be set to an absolute or relative path.

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

• InputFile
• InputXML

• OutputFile
• OutputXML: The output data is written to this property if no other destination is specified.

OutputXML Property (XMLSig Module)

The output XML after processing.

Syntax

• Swift
• Objective-C

public var outputXML: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=outputXML,setter=setOutputXML:) NSString* outputXML;

- (NSString*)outputXML;
- (void)setOutputXML :(NSString*)newOutputXML;

Default Value

""

Remarks

This property will be populated with the output from the operation if OutputFile is not set.

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

• InputFile
• InputXML

• OutputFile
• OutputXML: The output data is written to this property if no other destination is specified.

Overwrite Property (XMLSig Module)

Indicates whether or not the module should overwrite files.

Syntax

• Swift
• Objective-C

public var overwrite: Bool {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=overwrite,setter=setOverwrite:) BOOL overwrite;

- (BOOL)overwrite;
- (void)setOverwrite :(BOOL)newOverwrite;

Default Value

False

Remarks

This property indicates whether or not the class will overwrite OutputFile. If Overwrite is False, an error will be thrown whenever OutputFile exists before an operation. The default value is False.

References Property (XMLSig Module)

A collection of references.

Syntax

• Swift
• Objective-C

public var references: Array<XMLSigReference> {
  get {...}
}

@property (nonatomic,readwrite,assign,getter=referenceCount,setter=setReferenceCount:) int referenceCount;

- (int)referenceCount;
- (void)setReferenceCount :(int)newReferenceCount;

- (NSString*)referenceHashAlgorithm:(int)referenceIndex;
- (void)setReferenceHashAlgorithm:(int)referenceIndex :(NSString*)newReferenceHashAlgorithm;

- (NSString*)referenceHashValue:(int)referenceIndex;

- (NSString*)referenceTransformAlgorithms:(int)referenceIndex;
- (void)setReferenceTransformAlgorithms:(int)referenceIndex :(NSString*)newReferenceTransformAlgorithms;

- (NSString*)referenceURI:(int)referenceIndex;
- (void)setReferenceURI:(int)referenceIndex :(NSString*)newReferenceURI;

- (NSString*)referenceXMLElement:(int)referenceIndex;
- (void)setReferenceXMLElement:(int)referenceIndex :(NSString*)newReferenceXMLElement;

Default Value

""

Remarks

This property holds a collection of reference to sign or verify. This must be populated before calling Sign. This will be populated by the class when calling VerifySignature and is accessible from within the SignatureInfo event.

SignatureXPath Property (XMLSig Module)

The XPath of the signature.

Syntax

• Swift
• Objective-C

public var signatureXPath: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signatureXPath,setter=setSignatureXPath:) NSString* signatureXPath;

- (NSString*)signatureXPath;
- (void)setSignatureXPath :(NSString*)newSignatureXPath;

Default Value

"/"

Remarks

This property specifies the XPath in the XML where the signature will be placed.

This may be set before calling Sign. This property will be populated when calling VerifySignature.

The default value is "/".

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSignatureXPath(signatureXPath: String) throws

SignerCertEncoded Property (XMLSig Module)

This is the certificate (PEM/Base64 encoded).

Syntax

• Swift
• Objective-C

public var signerCertEncoded: String {
  get {...}
  set {...}
}

public var signerCertEncodedB: Data {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signerCertEncoded,setter=setSignerCertEncoded:) NSString* signerCertEncoded;

- (NSString*)signerCertEncoded;
- (void)setSignerCertEncoded :(NSString*)newSignerCertEncoded;

@property (nonatomic,readwrite,assign,getter=signerCertEncodedB,setter=setSignerCertEncodedB:) NSData* signerCertEncodedB;

- (NSData*)signerCertEncodedB;
- (void)setSignerCertEncodedB :(NSData*)newSignerCertEncoded;

Default Value

""

Remarks

This is the certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The SignerCertStore and SignerCertSubject properties also may be used to specify a certificate.

When SignerCertEncoded is set, a search is initiated in the current SignerCertStore for the private key of the certificate. If the key is found, SignerCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SignerCertSubject is set to an empty string.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSignerCertEncodedB(signerCertEncoded: Data) throws
public func setSignerCertEncoded(signerCertEncoded: String) throws

SignerCertStore Property (XMLSig Module)

This is the name of the certificate store for the client certificate.

Syntax

• Swift
• Objective-C

public var signerCertStore: String {
  get {...}
  set {...}
}

public var signerCertStoreB: Data {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signerCertStore,setter=setSignerCertStore:) NSString* signerCertStore;

- (NSString*)signerCertStore;
- (void)setSignerCertStore :(NSString*)newSignerCertStore;

@property (nonatomic,readwrite,assign,getter=signerCertStoreB,setter=setSignerCertStoreB:) NSData* signerCertStoreB;

- (NSData*)signerCertStoreB;
- (void)setSignerCertStoreB :(NSData*)newSignerCertStore;

Default Value

"MY"

Remarks

This is the name of the certificate store for the client certificate.

The SignerCertStoreType property denotes the type of the certificate store specified by SignerCertStore. If the store is password protected, specify the password in SignerCertStorePassword.

SignerCertStore is used in conjunction with the SignerCertSubject property to specify client certificates. If SignerCertStore has a value, and SignerCertSubject or SignerCertEncoded is set, a search for a certificate is initiated. Please see the SignerCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

SignerCertStorePassword Property (XMLSig Module)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

• Swift
• Objective-C

public var signerCertStorePassword: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signerCertStorePassword,setter=setSignerCertStorePassword:) NSString* signerCertStorePassword;

- (NSString*)signerCertStorePassword;
- (void)setSignerCertStorePassword :(NSString*)newSignerCertStorePassword;

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

SignerCertStoreType Property (XMLSig Module)

This is the type of certificate store for this certificate.

Syntax

• Swift
• Objective-C

public var signerCertStoreType: XmlsigSignerCertStoreTypes {
  get {...}
  set {...}
}

public enum XmlsigSignerCertStoreTypes: Int32 {
  case cstUser = 0
  case cstMachine = 1
  case cstPFXFile = 2
  case cstPFXBlob = 3
  case cstJKSFile = 4
  case cstJKSBlob = 5
  case cstPEMKeyFile = 6
  case cstPEMKeyBlob = 7
  case cstPublicKeyFile = 8
  case cstPublicKeyBlob = 9
  case cstSSHPublicKeyBlob = 10
  case cstP7BFile = 11
  case cstP7BBlob = 12
  case cstSSHPublicKeyFile = 13
  case cstPPKFile = 14
  case cstPPKBlob = 15
  case cstXMLFile = 16
  case cstXMLBlob = 17
  case cstJWKFile = 18
  case cstJWKBlob = 19
  case cstSecurityKey = 20
  case cstBCFKSFile = 21
  case cstBCFKSBlob = 22
  case cstPKCS11 = 23
  case cstAuto = 99
}

@property (nonatomic,readwrite,assign,getter=signerCertStoreType,setter=setSignerCertStoreType:) int signerCertStoreType;

- (int)signerCertStoreType;
- (void)setSignerCertStoreType :(int)newSignerCertStoreType;

Default Value

0

Remarks

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

SignerCertSubject Property (XMLSig Module)

This is the subject of the certificate used for client authentication.

Syntax

• Swift
• Objective-C

public var signerCertSubject: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signerCertSubject,setter=setSignerCertSubject:) NSString* signerCertSubject;

- (NSString*)signerCertSubject;
- (void)setSignerCertSubject :(NSString*)newSignerCertSubject;

Default Value

""

Remarks

This is the subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSignerCertSubject(signerCertSubject: String) throws

SigningAlgorithm Property (XMLSig Module)

The signing algorithm.

Syntax

• Swift
• Objective-C

public var signingAlgorithm: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signingAlgorithm,setter=setSigningAlgorithm:) NSString* signingAlgorithm;

- (NSString*)signingAlgorithm;
- (void)setSigningAlgorithm :(NSString*)newSigningAlgorithm;

Default Value

""

Remarks

This property specifies the signing algorithm.

This may be set before calling Sign. This value will be set after calling VerifySignature. Possible values are:

• "RSA-SHA1" (default)
• "RSA-SHA256"
• "DSA-SHA1"
• "HMAC-SHA1"

Config Method (XMLSig Module)

Sets or retrieves a configuration setting.

Syntax

• Swift
• Objective-C

public func config(configurationString: String) throws -> String

- (NSString*)config:(NSString*)configurationString;

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

DoEvents Method (XMLSig Module)

Processes events from the internal message queue.

Syntax

• Swift
• Objective-C

public func doEvents() throws -> Void

- (void)doEvents;

Remarks

When DoEvents is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.

Reset Method (XMLSig Module)

Resets the component.

Syntax

• Swift
• Objective-C

public func reset() throws -> Void

- (void)reset;

Remarks

When called, the component will reset all of its properties to their default values.

Sign Method (XMLSig Module)

Signs the XML.

Syntax

• Swift
• Objective-C

public func sign() throws -> Void

- (void)sign;

Remarks

This methods signs the XML.

Before calling Sign specify the XML to sign by setting InputFile, or InputXML.

The Reference* properties must be set. At least one reference must be set. A reference defines the XML element to sign, and the options that specify how it is transformed and hashed during the signing process.

Set Certificate to a certificate with private key.

Optionally set the CanonicalizationMethod. This determines how the signature itself is canonicalized. SigningAlgorithm defines the algorithm used to sign. The SignatureXPath property may be set to specify the location in the XML document where the signature will be placed.

Lastly, call Sign to sign the XML.

The following properties are applicable when calling this method:

• CanonicalizationMethod
• Certificate (required)
• Reference* (required)
• SignatureXPath
• SigningAlgorithm

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

• InputFile
• InputXML

• OutputFile
• OutputXML: The output data is written to this property if no other destination is specified.

VerifySignature Method (XMLSig Module)

Verifies signed XML.

Syntax

• Swift
• Objective-C

public func verifySignature() throws -> Void

- (void)verifySignature;

Remarks

This method verifies signatures contained in the XML.

When VerifySignature is called, the class will scan the XML document and fire the SignatureInfo event for each signature that is found. When the SignatureInfo event fires the Reference* properties will be populated.

Within the SignatureInfo event the ReferencesXMLElement property must be set to the location of the XML element to which the signature applies. The ReferencesURI property may contain data helpful to locating the XML element.

The ReferencesXMLElement property specifies the XPath to the element. For instance:

The signature is verified either using a key parsed from the signed XML, or using the certificate specified by the SignerCert* properties. The class will automatically parse the signer certificate (if present) from the signed XML and populate the SignerCert* properties with the parsed value.

When SignatureInfo fires, if the SignerCertParsed parameter is True the SignerCert* properties may be inspected to see the details of the parsed certificate. If SignerCertParsed is False, then the SignerCert* properties must be set to a valid certificate for signature verification to proceed.

When the SignatureInfo event finishes firing, the certificate present in the SignerCert* properties will be used to verify the signature, whether this is the certificate automatically parsed by the class or a different certificate specified within the event.

If the signature was successfully verified the method will return without error. If the signature was not verified the method .

Error Event (XMLSig Module)

Fired when information is available about errors during data delivery.

Syntax

• Swift
• Objective-C

func onError(errorCode: Int32, description: String)

- (void)onError:(int)errorCode :(NSString*)description;

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the class .

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Progress Event (XMLSig Module)

Fired as progress is made.

Syntax

• Swift
• Objective-C

func onProgress(bytesProcessed: Int64, percentProcessed: Int32, operation: Int32, isEOF: inout Bool)

- (void)onProgress:(long long)bytesProcessed :(int)percentProcessed :(int)operation :(int*)isEOF;

Remarks

This event is fired automatically as data is processed by the class.

The PercentProcessed parameter indicates the current status of the operation.

The BytesProcessed parameter holds the total number of bytes processed so far.

The Operation parameter is only applicable when either ReadFromProgressEvent or WriteToProgressEvent is set to True. This parameter defines whether a Read or Write operation is required. If the configuration settings are not set this parameter will always return 0. Possible values are:

The IsEOF parameter is only applicable when either ReadFromProgressEvent or WriteToProgressEvent is set to True. This parameter defines whether the Read or Write operation is complete. When the Operation is Read (1) this parameter must be set to indicate that all data has been supplied to the class. When the Operation is Write (2) this value may be queried to determine when all data has been processed.

SignatureInfo Event (XMLSig Module)

Fired when a signature is found.

Syntax

• Swift
• Objective-C

func onSignatureInfo(signatureId: String, signerCertParsed: Bool)

- (void)onSignatureInfo:(NSString*)signatureId :(BOOL)signerCertParsed;

Remarks

This event fires when calling VerifySignature for each signature found within the XML document.

SignatureId is the id of the signature.

SignerCertParsed indicates whether the signer's certificate was automatically parsed from the signed XML.

Verification Notes

When VerifySignature is called, the class will scan the XML document and fire the SignatureInfo event for each signature that is found. When the SignatureInfo event fires the Reference* properties will be populated.

Within the SignatureInfo event the ReferencesXMLElement property must be set to the location of the XML element to which the signature applies. The ReferencesURI property may contain data helpful to locating the XML element.

The ReferencesXMLElement property specifies the XPath to the element. For instance:

The signature is verified either using a key parsed from the signed XML, or using the certificate specified by the SignerCert* properties. The class will automatically parse the signer certificate (if present) from the signed XML and populate the SignerCert* properties with the parsed value.

When SignatureInfo fires, if the SignerCertParsed parameter is True the SignerCert* properties may be inspected to see the details of the parsed certificate. If SignerCertParsed is False, then the SignerCert* properties must be set to a valid certificate for signature verification to proceed.

When the SignatureInfo event finishes firing, the certificate present in the SignerCert* properties will be used to verify the signature, whether this is the certificate automatically parsed by the class or a different certificate specified within the event.

If the signature was successfully verified the method will return without error. If the signature was not verified the method .

Status Event (XMLSig Module)

Provides information about the current operation.

Syntax

• Swift
• Objective-C

func onStatus(message: String)

- (void)onStatus:(NSString*)message;

Remarks

The event is fired for informational and logging purposes only. It may be used to track the progress of an operation.

The level of detail is controlled by the LogLevel setting.

XMLSigReference Type

This type defines information about the reference.

Remarks

This type defines information about the reference including the location within the document (), , HashAlgorithm, and .

Fields

Constructors

public init()

public init(xMLElement: , uRI: , hashAlgorithm: , transformAlgorithms: , hashValue: )

Config Settings (XMLSig Module)

XMLSig Config Settings

<root>
  <node1>
    <ds:Signature>...</ds:Signature>
  </node1>
  <node2></node2>
  <node3></node3>
</root>

<root>
  <node1></node1>
  <ds:Signature>...</ds:Signature>
  <node2></node2>
  <node3></node3>
</root>

Base Config Settings

Trappable Errors (XMLSig Module)

XMLSig Errors

XML Errors