Question

I am reasonably familiar with basic digital signing. And currently reading up on XMLDSIG.

This page explains how to sign

http://www.di-mgt.com.au/xmldsig.html

I am unable to figure what key is stored in field of the sample output XML file on the page?

Signed Certificates have a public key. However why should a signed document have a RSA key embedded in it - whose key is this?

Was it helpful?

Solution

If you sign the data using just the private RSA key (in opposite to sign it using X.509 certificate with a private key), you include public RSA key into KeyInfo.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top