Validating Signatures

Consumers validate signatures following the steps described in §3.2 of the W3C Recommendation “XML-Signature Syntax and Processing.” When validating digital signatures, consumers shall verify the content type and the digest contained in each <Reference> descendant element of the <SignedInfo> element, and validate the signature calculated using the <SignedInfo> element. [M6.29]

The steps below might not be sufficient to validate signatures that contain application-specific <Object> elements. Format designers that utilize application-specific <Object> elements shall also define the additional steps that shall be performed to validate the application-specific <Object> elements.

To validate references:

  1. The package implementer shall canonicalize the <SignedInfo> element based on the <CanonicalizationMethod> element specified in the <SignedInfo> element.

  2. For each <Reference> element in the <SignedInfo> element:

    1. The package implementer shall obtain the <Object> element to be digested.

    2. For the package-specific <Object> element, the package implementer shall validate references to signed parts stored in the <Manifest> element. The package implementer shall consider references invalid if there is a missing part. [M6.9]

      Note: If a relationships transform is specified for a signed Relationships part, only the specified subset of relationships within the entire Relationships part are validated.

    3. For the package-specific <Object> element, validation of <Reference> elements includes verifying the content type of the referenced part and the content type specified in the reference query component. Package implementers shall consider references invalid if these two values are different. The string comparison shall be case-sensitive and locale-invariant. [M6.11]

    4. The package implementer shall digest the obtained <Object> element using the <DigestMethod> element specified in the <Reference> element.

    5. The package implementer shall compare the generated digest value against the <DigestValue> element in the <Reference> element of the SignedInfo element. Package implementers shall consider references invalid if there is any mismatch. [M6.30]

To validate signatures:

  1. The package implementer shall obtain the public key information from the <KeyInfo> element or from an external source.

  2. The package implementer shall obtain the canonical form of the <SignatureMethod> element using the <CanonicalizationMethod> element. The package implementer shall use the result and the previously obtained <KeyInfo> element to confirm the <SignatureValue> element stored in the <SignedInfo> element. The package implementer shall decrypt the <SignatureValue> element using the public key prior to comparison.
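The reference-validation steps above (missing part [M6.9], content-type comparison against the reference query component [M6.11], digest comparison [M6.30]), as an added example that is not part of this specification text: the package is a constructed in-memory dictionary, the query parameter name `ContentType` is the form used by OPC reference URIs, and transforms (canonicalization, relationships transform) are deliberately not applied, so the digest is taken over the raw part bytes.

```python
import base64
import hashlib

# XML-DSig / XML-Enc digest algorithm URIs mapped to hashlib constructors.
SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
DIGEST_METHODS = {SHA1: hashlib.sha1, SHA256: hashlib.sha256}

# Constructed stand-in for an OPC package: part name -> (content type, bytes).
PACKAGE = {
    "/word/document.xml": (
        "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml",
        b"<w:document/>",
    ),
    "/word/media/image1.png": ("image/png", b"\x89PNG constructed sample bytes"),
}

def b64_digest(data, method_uri):
    """Base64 digest of data, as it would appear in <DigestValue>."""
    return base64.b64encode(DIGEST_METHODS[method_uri](data).digest()).decode("ascii")

def validate_reference(package, uri, digest_method, digest_value):
    """Validate one <Reference> from the <Manifest>; returns (ok, reason).
    No transforms are applied: the digest covers the raw part bytes."""
    part_name, _, query = uri.partition("?")
    if part_name not in package:
        return False, "missing part [M6.9]"
    actual_type, data = package[part_name]
    # Split the query literally rather than with urllib.parse.parse_qs, which
    # would turn the '+' in '+xml' content types into a space.
    key, _, claimed_type = query.partition("=")
    if key != "ContentType" or claimed_type != actual_type:
        # Python's != on str is an exact, case-sensitive, locale-invariant comparison.
        return False, "content type mismatch [M6.11]"
    if digest_method not in DIGEST_METHODS:
        return False, "unsupported DigestMethod"
    if b64_digest(data, digest_method) != digest_value:
        return False, "digest mismatch [M6.30]"
    return True, "valid"

def validate_manifest(package, references):
    """references: iterable of (uri, digest_method, digest_value).
    Any single invalid reference makes the whole manifest invalid."""
    results = [validate_reference(package, *ref) for ref in references]
    return all(ok for ok, _ in results), results
```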