Packaging Digital Signature Concepts
[This documentation is preliminary and is subject to change.]
This section gives an overview of the concepts that define digital signatures in packages.
A digital signature ("signature") is used to validate the package originator's identity and to confirm that the signed contents of the package have not been modified after signing. In a package, the signature can reference the package components that have been signed; it can include objects that contain application data, which may also have been signed; and it can include certificates, which can be used in signature validation.
Signatures are serialized as specialized XML markup (signature markup) that complies with the W3C Recommendation "XML-Signature Syntax and Processing" and includes package-specific modifications. For more information about these modifications, refer to the OPC (ECMA-376 Part 2).
A package can have more than one signature, and each signature can reference any package component or any application data that exists inside the signature markup.
The following table describes signature concepts.

| Concept | Description |
|---|---|
| Signature | A signature that is created for a package and composed of representations of the other signature concepts. |
| A reference to a part | A reference to one part that has been signed. |
| A reference to relationships | A reference to one or more relationships that have been signed and that are all stored in the same Relationships part. |
| A reference to application data | A reference to application-specific data that has been signed and is contained in a specified object. |
| An object that contains application data | An application-specific object that contains application data that may have been signed and is serialized as an element in the signature markup. |
| Certificate | An X.509 certificate that is included when the signature is created and can be used in signature validation. |
When a signature is created, each signature concept and the necessary signing information must be represented. Each item to be signed has a value associated with it at signing, and an encrypted hash value is associated with the entire signature. These values are stored and compared against each other when the signature is validated.
Warning: The Packaging API provides interfaces and methods for validating signed package components and signature markup. The originator's identity must be validated by the application or package consumer.
During signature validation, the algorithms that were specified at signing are used again to calculate a value for each signed object and then to calculate an encrypted hash value for the whole signature.
If the signed items have not been altered after being signed, the values that are computed during validation must be identical to the values stored at signing. If the values computed during validation are different, the signature or a signed object has changed.
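The two-level check described above, as an added example that is not code from the Packaging API or from the OPC specification: each part gets its own digest value stored in a reference, and the reference list as a whole is then hashed and signed with the originator's private key. Validation repeats both computations. The model is deliberately simplified: a Go struct with a line-per-reference serialization stands in for the real signature markup, SHA-256 and RSA PKCS#1 v1.5 are the assumed algorithms, a bare public key stands in for the X.509 certificate, and the part names and contents are constructed sample data.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// Part is a constructed stand-in for one package part (hypothetical name and bytes).
type Part struct {
	Name string
	Data []byte
}

// Reference records one signed item: the part it points at and the digest
// value computed over that part at signing time.
type Reference struct {
	URI    string
	Digest string // base64(SHA-256(part bytes))
}

// Signature is a simplified model of the signature markup: the list of
// references (the signed info) and the signature value over that list.
type Signature struct {
	References []Reference
	SigValue   []byte
}

// digestPart computes the per-item value that is stored at signing.
func digestPart(data []byte) string {
	sum := sha256.Sum256(data)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// signedInfoBytes is the canonical byte form of the reference list. The
// signature value covers a hash of these bytes, not the parts directly, which
// is why the reference list itself must be integrity-checked during validation.
func signedInfoBytes(refs []Reference) []byte {
	var b strings.Builder
	for _, r := range refs {
		fmt.Fprintf(&b, "<Reference URI=%q><DigestValue>%s</DigestValue></Reference>\n", r.URI, r.Digest)
	}
	return []byte(b.String())
}

// Sign hashes every part, collects the digests as references, then signs the
// hash of the reference list with the originator's private key.
func Sign(key *rsa.PrivateKey, parts []Part) (*Signature, error) {
	refs := make([]Reference, 0, len(parts))
	for _, p := range parts {
		refs = append(refs, Reference{URI: p.Name, Digest: digestPart(p.Data)})
	}
	h := sha256.Sum256(signedInfoBytes(refs))
	sigValue, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, h[:])
	if err != nil {
		return nil, err
	}
	return &Signature{References: refs, SigValue: sigValue}, nil
}

// Validate repeats the computations from signing and compares the results.
// It returns nil when everything matches and otherwise an error naming the
// failed check. The signature value is checked first: the stored digests can
// only be trusted once the reference list they live in is known to be intact.
func Validate(pub *rsa.PublicKey, sig *Signature, parts []Part) error {
	h := sha256.Sum256(signedInfoBytes(sig.References))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig.SigValue); err != nil {
		return fmt.Errorf("signature value does not verify (signature markup altered or signed with a different key): %w", err)
	}
	byName := make(map[string][]byte, len(parts))
	for _, p := range parts {
		byName[p.Name] = p.Data
	}
	for _, r := range sig.References {
		data, ok := byName[r.URI]
		if !ok {
			return fmt.Errorf("signed part %s is missing from the package", r.URI)
		}
		if digestPart(data) != r.Digest {
			return fmt.Errorf("part %s was modified after signing", r.URI)
		}
	}
	return nil
}

func main() {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	// Constructed sample parts; the names are hypothetical.
	parts := []Part{
		{Name: "/document.xml", Data: []byte("<doc>hello</doc>")},
		{Name: "/_rels/.rels", Data: []byte("<Relationships/>")},
	}
	sig, err := Sign(key, parts)
	if err != nil {
		panic(err)
	}
	fmt.Println("untouched package:", Validate(&key.PublicKey, sig, parts))

	// A signed part changes after signing: the per-part digest comparison fails.
	tampered := []Part{{Name: "/document.xml", Data: []byte("<doc>HELLO</doc>")}, parts[1]}
	fmt.Println("part changed:", Validate(&key.PublicKey, sig, tampered))

	// The stored digest is rewritten to match the changed part: the signature
	// over the reference list no longer verifies, so the change is still caught.
	forged := *sig
	forged.References = []Reference{{URI: "/document.xml", Digest: digestPart(tampered[0].Data)}, sig.References[1]}
	fmt.Println("reference changed:", Validate(&key.PublicKey, &forged, tampered))
}
```

The order of checks in Validate matters: verifying the signature value first means a mismatch reported for an individual part is a statement about that part, not about a reference list that might itself have been rewritten. As the warning above notes, none of this establishes who holds the key; binding the public key to an identity is a separate step that the consumer performs with the certificate.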
Example of a Serialized Packaging Signature
This section shows an example of a serialized signature and how it relates to packaging signature concepts.
Build date: 2/2/2009