[XML Security Suite]

XMLDSIG implementation

This package is a sample implementation for Digital Signatures for XML. This requires JDK1.2.


Run Sample Applications

Preparations

  1. Please confirm jar file for XML4J v2 (ex. xml4j_2_0_X.jar) and xss4j.jar are set to CLASSPATH.
  2. Generate a key pair using keytool command. Suppose you input the following command:
    E:\xss4j> keytool -genkey -dname "CN=cName, OU=orgUnit, O=org, L=city, S=state, C=countryCode" -keypass your-keypassword -storepass your-storepassword -alias your-alias
  3. Please modify the security context file(data\securityContextForTest_xml) as following.

Signing test.xml

Input the following command:

E:\xss4j> java com.ibm.xml.dsig.XDSSign data\test.xml data\securityContextForTest_xml output-filename

When you don't specify an output-filename, you can see the result on the standard output.

Verifing a signed document

Input the following command:

E:\xss4j> java com.ibm.xml.dsig.XDSVerify output-filename securityContextText_xml test.policy

If the output-filename has not been modified, you see the following output:

Resource verified.
Signature verified.

If the output-filename has been modified, this verification fails.

Note: On Linux and Java 2 SDK pre-release 1, XDSVerify doesn't work with JIT. Add the following option:
java -Djava.compiler=NONE com.ibm.xml.dsig.XDSVerify output-filename securityContextText_xml test.policy

Changes

1999.4.27
Renamed class names.
Document: Added a remark for Linux.


YAGISHITA, Kazuyo
Last modified: Tue Apr 27 16:33:00 JST 1999