INFO: Interoperability of the .NET SignedXml Class with IBM XML Security Suite (331370)



The information in this article applies to:

  • Microsoft .NET Framework Class Libraries 1.0

This article was previously published under Q331370

SUMMARY

The .NET SignedXml class provides a wrapper around the core XML signature object to make it easier to create and verify XML signatures. Applications that use SignedXml to exchange signatures with the Java classes in IBM's XML Security Suite must handle a few details for the two to interoperate correctly.

This article describes the key issues that you must consider when using SignedXml in these situations.

MORE INFORMATION

If you use .NET SignedXml to create XML signatures and the IBM XML Security Suite Java classes to verify them, or vice versa, you must address the following issues to make sure that interoperability works correctly:
  • Preserving white space
  • UTF-8 Encoding

Preserving White Space

  • When you load and save XML data, always set PreserveWhitespace=true, and do not use streams.
  • When you use the .NET XmlDocument class, the white space handling during the load and save processes is controlled by the PreserveWhitespace property. The default value is False.
  • The effect of PreserveWhitespace when it is set before Load or LoadXml is called depends on its value:
    • If PreserveWhitespace is True, white space nodes are preserved.
    • If PreserveWhitespace is False, significant white space nodes are preserved, but white space nodes are not.
  • The effect of PreserveWhitespace when it is set before Save is called also depends on its value:
    • If PreserveWhitespace is True, white space in the document is preserved in the output.
    • If PreserveWhitespace is False, XmlDocument auto-indents the output.

UTF-8 Encoding

  • Although XML data is considered "platform independent", you must use correct encoding so that transfer of XML data occurs correctly between different platforms.
  • For UTF-8 encoding, you have to prefix the EF BB BF byte-order mark. A byte-order mark informs an application that is receiving a file that the file is byte ordered (the byte-order mark is not a control character that selects the byte order of the text).
    • If an encoding attribute exists, or if a byte-order mark is present in the input XML data, the .NET implementation always writes the byte-order mark in the XML output.
    • If the byte-order mark is present in the XML output, the IBM XML Security Suite Java classes do not, by default, recognize the XML data.
  • If no encoding attribute exists, and if no byte-order mark exists in the input XML file, the default is to use UTF-8. To interoperate correctly with IBM XML Security Suite, with the default setting, remove the encoding attribute (the first line in the input XML file).
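
The two issues above, as an added C# example (not code from this article, Microsoft, or IBM): it signs a constructed document, saves it by file name, reports whether a byte-order mark was written, and verifies the file once per PreserveWhitespace setting. The class name, sample XML, and throwaway RSA key are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

class WhitespaceInteropDemo
{
    // Constructed sample input: no XML declaration, indented with white space nodes.
    const string Sample = "<order>\n  <item id=\"1\">widget</item>\n</order>";

    static void Main()
    {
        RSA key = RSA.Create();                 // throwaway key for the demonstration

        XmlDocument doc = new XmlDocument();
        doc.PreserveWhitespace = true;          // must be set before LoadXml
        doc.LoadXml(Sample);

        // Enveloped signature over the whole document.
        SignedXml signer = new SignedXml(doc);
        signer.SigningKey = key;
        Reference reference = new Reference("");
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signer.AddReference(reference);
        signer.ComputeSignature();
        doc.DocumentElement.AppendChild(doc.ImportNode(signer.GetXml(), true));

        // Save by file name (not a stream), then inspect the first bytes.
        string path = Path.GetTempFileName();
        doc.Save(path);
        byte[] raw = File.ReadAllBytes(path);
        bool hasBom = raw.Length >= 3 && raw[0] == 0xEF && raw[1] == 0xBB && raw[2] == 0xBF;
        Console.WriteLine("UTF-8 byte-order mark written: " + hasBom);

        Console.WriteLine("Verify, PreserveWhitespace=true:  " + Verify(path, true, key));
        Console.WriteLine("Verify, PreserveWhitespace=false: " + Verify(path, false, key));
        File.Delete(path);
    }

    static bool Verify(string path, bool preserve, RSA key)
    {
        XmlDocument doc = new XmlDocument();
        doc.PreserveWhitespace = preserve;      // False drops the indentation nodes on load
        doc.Load(path);
        XmlNodeList nodes = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        SignedXml verifier = new SignedXml(doc);
        verifier.LoadXml((XmlElement)nodes[0]);
        return verifier.CheckSignature(key);
    }
}
```

The load with PreserveWhitespace=false discards the indentation nodes that the reference digest was computed over, so that verification does not succeed even though the file on disk is unchanged.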

Modification Type: Major
Last Reviewed: 10/20/2003
Keywords: kbinfo kbKernBase kbSecurity KB331370