Chapter 7. Using digital signatures

This chapter covers

  • XML canonicalization
  • XML signature
  • Signing SOAP messages

In the previous chapter, we learned how to apply encryption to safeguard the confidentiality of messages. When studying the basics of encryption and PKI, we also briefly looked at digital signatures and how they aid in the detection of message tampering. In this chapter, we will study signatures in detail, particularly how they are used to verify the integrity of SOAP messages received over an unsafe network.

The theory behind digital signatures is easy—in fact, we learned most of it in the previous chapter. Just like with encryption, the structure of the data, namely XML and SOAP, makes signing of a SOAP message complex. Before going into these ...
