xml-dsig

    0.0.6-1 • Public • Published

    xml-dsig

    XML digital signatures (xmldsig)

    Overview

    This module performs XML digital signature production and verification as specified in xmldsig-core.

    To operate, a preconstructed DOM object is required. Any object that implements the DOM Level 2 API will suffice. I recommend xmldom if you're working with node, or your browser's native DOM implementation if you're not.

    Super Quickstart

    Also see example.js.

    //
    // $ openssl genrsa 1024 > signer.key
    // $ openssl rsa -pubout < signer.key > signer.pub
    //
     
    var fs = require("fs"),
        xmldom = require("xmldom");
     
    var dsig = require("xml-dsig");
     
    var xml = '<docs><doc id="doc-1"/><doc id="doc-2"/></docs>',
        doc = (new xmldom.DOMParser()).parseFromString(xml);
     
    var options = {
      signatureOptions: {
        privateKey: fs.readFileSync("./signer.key"),
        publicKey: fs.readFileSync("./signer.pub"),
      }
    };
     
    var node = doc.documentElement;
     
    var signature = dsig.createSignature(node, options),
        enveloped = dsig.insertEnvelopedSignature(node, options);
     
    console.log("");
     
    console.log(node.toString());
    console.log("");
     
    console.log(signature.toString());
    console.log("");
     
    console.log(enveloped.toString());
    console.log("");
     
    console.log(dsig.verifySignature(node, signature, options));
    console.log("");
    <docs><doc id="doc-1"/><doc id="doc-2"/></docs>
    
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>7CHcwH1bPS0AQ0mk/Js5PZv4nn1hiODMoG1iwa9kKRo=</DigestValue></Reference><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/></SignedInfo><SignatureValue>UzjDCBHby6jvY/ZhyJCfz41l062uidQpI7VYTTF+Uix47zLiKFAPYVT6ICeZ5d8yYVEKWi5AydkStlj3OruwHupZdx27vy+EXRZM5If7xCWDCXuyf+vV3la9qkSk1CceLeDbwsz4dpIp08h+AkfJipPlMXuYhoqjj2bzjdqroh8=</SignatureValue></Signature>
    
    <docs><doc id="doc-1"/><doc id="doc-2"/><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>7CHcwH1bPS0AQ0mk/Js5PZv4nn1hiODMoG1iwa9kKRo=</DigestValue></Reference><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/></SignedInfo><SignatureValue>S2Qt11e4wO5fJy41BMFS0YF2fiCSfF08WioXhgXRfp26QqDnTvCi5vIijFnbI/fFnqn01eOOGj3IDm26YMHfXoP6NSo6zECkj4OJDLxheuPvMJi5NRxSRRdGH2LeQ3qVRcPtxmz2+djdCQPM6YG7UAP2MKao0U7vydYwdIqGM7g=</SignatureValue></Signature></docs>
    
    true
    

    Installation

    Available via npm:

    $ npm install xml-dsig

    Or via git:

    $ git clone git://github.com/deoxxa/xml-dsig.git node_modules/xml-dsig

    API

    dsig.createSignature

    Creates a signature element from an XML DOM node.

    dsig.createSignature(node, options);
    // returns a DOM node representing the Signature element
     
    var signature = dsig.createSignature(node, {
      transforms: ["http://www.w3.org/2001/10/xml-exc-c14n#"],
      canonicalisationAlgorithm: "http://www.w3.org/2001/10/xml-exc-c14n#",
      digestAlgorithm: "http://www.w3.org/2001/04/xmlenc#sha256",
      signatureAlgorithm: "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
      signatureOptions: {
        privateKey: "...",
        publicKey: "...",
      },
    });

    Arguments

    • node - a DOM node implementing DOM Level 2
    • options - an object specifying options for how to construct the signature

    dsig.verifySignature

    Verifies a signature given a DOM node, a signature element, and any required parameters for the signature (keys, etc).

    dsig.verifySignature(node, signatureElement, options);
    var signatureIsValid = dsig.verifySignature(node, signatureElement, options);

    Arguments

    • node - a DOM node implementing DOM Level 2
    • signatureElement - a DOM node representing the XML signature to check
    • options - an object specifying options for how to construct the signature (see createSignature above for more information)

    dsig.insertEnvelopedSignature

    Creates a signature with an enveloped signature transformation applied and returns a new element with the signature inserted as a child node.

    dsig.insertEnvelopedSignature(node, options);
    var newElement = dsig.insertEnvelopedSignature(node, options);
    • node - a DOM node implementing DOM Level 2
    • options - an object specifying options for how to construct the signature (see createSignature above for more information)

    License

    3-clause BSD. A copy is included with the source.

    Contact

    Install

    npm i xml-dsig

    DownloadsWeekly Downloads

    176

    Version

    0.0.6-1

    License

    BSD

    Last publish

    Collaborators

    • deoxxa