XML Sign

The XML signature functions follow the W3C (World Wide Web Consortium) standard for digital signatures in XML (Extensible Markup Language) format. This guarantees interoperability: XML documents signed by the HSM can be verified in other environments that adhere to W3C standards, and the HSM can verify signatures on XML documents signed externally.

The XML signing API functions require that the digital certificates used for signing, and the complete chain of trust of the certificates used for verification, be stored inside the HSM.

To save a digital certificate (or file) in the HSM, use the remote management console or the API.

The digital certificate for signing must be encoded in ASN.1 DER binary format and follow the X.509 standard. The file containing the chain of trust for verifying the digital signature must be encoded in PKCS#7 format (Public Key Cryptography Standard #7 - Cryptographic Message Syntax Standard).
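A pre-upload check for the two file formats named above, as an added example (not part of the HSM API or the vendor's code): it tells PEM text from binary DER and tests only the outer ASN.1 shape of an X.509 certificate or a PKCS#7 signedData container, without validating contents or signatures. The function names are hypothetical, the sample bytes are constructed skeletons, and it assumes the PKCS#7 chain file is also DER-encoded, which the text does not state.

```python
# DER content bytes of OID 1.2.840.113549.1.7.2 (PKCS#7 signedData)
OID_SIGNED_DATA = bytes.fromhex("2a864886f70d010702")

def read_tlv(buf, pos=0):
    """Parse one DER TLV at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first                      # short-form length
    else:
        n = first & 0x7F                    # long form: n length bytes follow
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("indefinite or oversized length, not DER")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of data")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    out, pos = [], 0
    while pos < len(value):                 # walk the TLVs inside a SEQUENCE
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def classify(data):
    """Return 'pem', 'x509-der', 'pkcs7-der' or 'unknown'."""
    if data.lstrip().startswith(b"-----BEGIN"):
        return "pem"  # text armor: convert to binary DER before storing
    try:
        tag, body, end = read_tlv(data)
        if tag != 0x30 or end != len(data):
            return "unknown"  # not a single SEQUENCE, or trailing bytes
        kids = children(body)
    except ValueError:
        return "unknown"
    tags = [t for t, _ in kids]
    if tags[:2] == [0x06, 0xA0] and kids[0][1] == OID_SIGNED_DATA:
        return "pkcs7-der"  # ContentInfo { signedData OID, [0] content }
    if tags == [0x30, 0x30, 0x03]:
        return "x509-der"  # Certificate { tbs, sigAlg, BIT STRING }
    return "unknown"

# Constructed skeletons (not real certificates) with the correct outer shape
SAMPLE_CERT = bytes.fromhex("3007" "3000" "3000" "030100")
SAMPLE_P7 = bytes.fromhex("300f" "0609" "2a864886f70d010702" "a002" "3000")
```

A file classified as `pem` or `unknown` should be converted or re-exported before it is stored in the HSM, since the signing certificate is required to be binary DER.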