zno2

XAdES-L 是什么东西 (附 xmldsig.xsd & XAdES.xsd)

 

首先订正,没有XAdES-L ,只有 XAdES-X-L

https://en.wikipedia.org/wiki/XAdES

 

  • XAdES (also named XAdES-BES for "Basic Electronic Signature"), basic form just satisfying Directive legal requirements for advanced signature;
  • XAdES-T (timestamp), adding timestamp field to protect against repudiation;
  • XAdES-C (complete), adding references to verification data (certificates and revocation lists) to the signed documents to allow off-line verification and verification in future (but does not store the actual data);
  • XAdES-X (extended), adding timestamps on the references introduced by XAdES-C to protect against possible compromise of certificates in chain in future;
  • XAdES-X-L (extended long-term), adding actual certificates and revocation lists to the signed document to allow verification in future even if their original source is not available;
  • XAdES-A (archival), adding possibility for periodical timestamping (e.g. each year) of the archived document to prevent compromise caused by weakening signature during long-time storage period.

XAdES 文档

http://www.etsi.org/deliver/etsi_ts%5C101900_101999%5C101903%5C01.04.02_60%5Cts_101903v010402p.pdf

XAdES 语法

http://uri.etsi.org/01903/v1.4.1/XAdES01903v141-201601.xsd

xmldsig 语法

https://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd#

 

"?" denotes zero or one occurrence; (0/1)

"+" denotes one or more occurrences;(1/N)

"*" denotes zero or more occurrences.(0/N)

 

最简 -X-L 示例:

<?xml version="1.0" encoding="utf-8"?>

<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">  
  <ds:SignedInfo> 
    <ds:CanonicalizationMethod/>  
    <ds:SignatureMethod/>  
    <ds:Reference> 
      <ds:DigestMethod/>  
      <ds:DigestValue/> 
    </ds:Reference> 
  </ds:SignedInfo>  
  <ds:SignatureValue/>  
  <ds:Object> 
    <QualifyingProperties> 
      <SignedProperties> 
        <SignedSignatureProperties></SignedSignatureProperties>  
        <SignedDataObjectProperties></SignedDataObjectProperties> 
      </SignedProperties>  
      <UnsignedProperties> 
        <UnsignedSignatureProperties>(CompleteCertificateRefs) (CompleteRevocationRefs) (CertificatesValues) (RevocationValues)</UnsignedSignatureProperties> 
      </UnsignedProperties> 
    </QualifyingProperties> 
  </ds:Object> 
</ds:Signature>

 

最简 -BES 示例:

<?xml version="1.0" encoding="utf-8"?>

<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">  
  <ds:SignedInfo> 
    <ds:CanonicalizationMethod/>  
    <ds:SignatureMethod/>  
    <ds:Reference> 
      <ds:DigestMethod/>  
      <ds:DigestValue/> 
    </ds:Reference> 
  </ds:SignedInfo>  
  <ds:SignatureValue/>  
  <ds:Object> 
    <QualifyingProperties> 
      <SignedProperties> 
        <SignedSignatureProperties></SignedSignatureProperties>  
        <SignedDataObjectProperties></SignedDataObjectProperties> 
      </SignedProperties>  
      <UnsignedProperties> 
        <UnsignedSignatureProperties></UnsignedSignatureProperties> 
      </UnsignedProperties> 
    </QualifyingProperties> 
  </ds:Object> 
</ds:Signature>

 

posted on 2023-06-06 13:16  zno2  阅读(33)  评论(0编辑  收藏  举报

导航