The original XML document, indicated byUnsignedXml, can be compressed according to the gzip standard described in RFCs 1950 (zlib format), 1951 (deflate format) and 1952 (gzip format). HSM automatically recognizes the compression. If the original XML document is compressed, the returned signed XML document will also be compressed using the same gzip standard. The decompression, signing and compression operations are independent in the HSM, so if an internal error occurs after signing the XML and it is not possible to return the compressed signed XML document, the signed XML document will be returned in plain text (without compression). Although such an internal error is very unlikely, the application must be prepared to deal with it.
Compressing the XML document does not necessarily bring a performance gain in signing operations. The main gain can come from a significant reduction in network bandwidth usage. The specific circumstances of each environment must be analyzed when adopting XML document compression.
The original XML document, indicated byUnsignedXml, can be compressed according to the gzip standard described in RFCs 1950 (zlib format), 1951 (deflate format) and 1952 (gzip format). HSM automatically recognizes the compression. If the original XML document is compressed, the returned signed XML document will also be compressed using the same gzip standard. The decompression, signing and compression operations are independent in the HSM, so if an internal error occurs after signing the XML and it is not possible to return the compressed signed XML document, the signed XML document will be returned in plain text (without compression). Although such an internal error is very unlikely, the application must be prepared to deal with it.
Compressing the XML document does not necessarily bring a performance gain in signing operations. The main gain can come from a significant reduction in network bandwidth usage. The specific circumstances of each environment must be analyzed when adopting XML document compression.
Checks the signature of a digitally signed XML document. Receives parameters in string format.
Parameters
CertId
Identifier internal to the HSM referring to the PKCS#7 chain - stored internally in the HSM - of the certificate used to sign the XML document
SignedXml
XML digitally signed in UTF-8.
Filter
Filter for checking the digital signature of parts of the XML document in UTF-8. Use of the filter is optional. See comments for more information on filters.