Optimization of signing soap body element
Abstract
An XML digital signature mechanism for providing message integrity. A sending party serializes a source XML document into a serialized byte array, calculates the source offset and length of the array of the signed part in the serialized byte array, and calculates a source hash value using the serialized array and the source offset and length. The serialized byte array is a non-canonicalized array. The array and source hash value used to sign a part or the whole of the serialized byte array is sent to a receiving party. The receiving party calculates the target offset and length of the signed part in the serialized byte array and calculates a target hash value of the signed part by using the array and the target offset and length. The receiving party compares the target hash value and the source hash value to verify the integrity of the target XML document.
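The sender/receiver exchange described in the abstract, as an added Python example that is not taken from the patent. Assumptions: SHA-256 as the hash, the SOAP 1.1 `Body` element as the signed part, expat byte indices as the way to find the offset and length, a constructed sample message, and hypothetical function names.

```python
import hashlib
import hmac
from xml.parsers import expat

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"  # assumed: SOAP 1.1 envelope
# Constructed sample message; the signed part is the soap:Body element.
MESSAGE = (b'<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
           b'<soap:Header><t>1</t></soap:Header>'
           b'<soap:Body><pay amount="10"/></soap:Body></soap:Envelope>')

def signed_part_span(data: bytes):
    """Return (offset, length) of the one soap:Body child of the root element."""
    parser = expat.ParserCreate(namespace_separator=" ")
    depth, start, spans = 0, None, []

    def on_start(name, attrs):
        nonlocal depth, start
        depth += 1
        if depth == 2 and name == SOAP_NS + " Body":
            start = parser.CurrentByteIndex      # byte index of the '<' of the start tag

    def on_end(name):
        nonlocal depth, start
        if depth == 2 and start is not None:     # closing tag of the Body found above
            end = data.index(b">", parser.CurrentByteIndex) + 1
            spans.append((start, end - start))
            start = None
        depth -= 1

    parser.StartElementHandler, parser.EndElementHandler = on_start, on_end
    parser.Parse(data, True)
    if len(spans) != 1:                          # refuse duplicated or missing bodies
        raise ValueError("expected exactly one soap:Body under the envelope")
    return spans[0]

def digest_part(data: bytes, offset: int, length: int) -> bytes:
    """Hash data[offset:offset+length] as-is, with no canonicalization step."""
    if offset < 0 or length <= 0 or offset + length > len(data):
        raise ValueError("signed part lies outside the byte array")
    return hashlib.sha256(data[offset:offset + length]).digest()  # SHA-256 is assumed

def sender_hash(data: bytes) -> bytes:
    return digest_part(data, *signed_part_span(data))

def receiver_verify(data: bytes, source_hash: bytes) -> bool:
    # The receiver derives its own target offset/length from the bytes it received.
    target = digest_part(data, *signed_part_span(data))
    return hmac.compare_digest(target, source_hash)
```

Because the raw bytes are hashed, a semantically identical re-serialization of the body (for example `<pay amount="10"></pay>`) fails verification, while changes outside the signed span do not affect the result.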
20 Claims
1. A computer implemented method for processing an extensible markup language digital signature, the computer implemented method comprising:
- receiving a non-canonicalized serialized byte array and a source hash value, wherein the non-canonicalized serialized byte array comprises a source extensible markup language document, wherein the source hash value is calculated using the non-canonicalized serialized byte array, a source offset that indicates a beginning of the source extensible markup language document, and a source length value that indicates a total length of one of the source extensible markup language document or a payload, and wherein the source hash value is an element in the extensible markup language digital signature used to sign a subset of the non-canonicalized serialized byte array;
- calculating, by a computer, a target offset and a target length value of a signed part in the non-canonicalized serialized byte array;
- calculating a target hash value using the non-canonicalized serialized byte array, the target offset, and the target length value; and
- verifying an integrity of the non-canonicalized serialized byte array by comparing the target hash value and the source hash value.

Dependent claims: 2, 3, 4, 5, 6, 7
8. An apparatus comprising:
- a bus;
- a storage device connected to the bus, wherein the storage device contains computer usable code;
- at least one managed device connected to the bus;
- a communications unit connected to the bus; and
- a processing unit connected to the bus, wherein the processing unit executes the computer usable code to receive a non-canonicalized serialized byte array and a source hash value, wherein the non-canonicalized serialized byte array comprises a source extensible markup language document, wherein the source hash value is calculated using the non-canonicalized serialized byte array, a source offset that indicates a beginning of the source extensible markup language document, and a source length value that indicates a total length of one of the source extensible markup language document or a payload, and wherein the source hash value is an element in the extensible markup language digital signature used to sign a subset of the non-canonicalized serialized byte array;
- calculate a target offset and a target length value of a signed part in the non-canonicalized serialized byte array;
- calculate a target hash value using the non-canonicalized serialized byte array, the target offset, and the target length value; and
- compare the target hash value and the source hash value to verify an integrity of the non-canonicalized serialized byte array.

Dependent claims: 9, 10, 11, 12, 13
14. A computer program product for processing an extensible markup language digital signature in a non-transitory computer recordable storage medium having computer usable program code stored thereon, the computer usable program code for execution by a computer, comprising:
- computer usable program code for receiving a non-canonicalized serialized byte array and a source hash value, wherein the non-canonicalized serialized byte array comprises a source extensible markup language document, wherein the source hash value is calculated using the non-canonicalized serialized byte array, a source offset that indicates a beginning of the source extensible markup language document, and a source length value that indicates a total length of one of the source extensible markup language document or a payload, and wherein the source hash value is an element in the extensible markup language digital signature used to sign a subset of the non-canonicalized serialized byte array;
- computer usable program code for calculating a target offset and a target length value of a signed part in the non-canonicalized serialized byte array;
- computer usable program code for calculating a target hash value using the non-canonicalized serialized byte array, the target offset, and the target length value; and
- computer usable program code for comparing the target hash value and the source hash value to verify an integrity of the non-canonicalized serialized byte array.

Dependent claims: 15, 16, 17, 18, 19, 20
Specification