Online XML Digital Signature Verifier
The Online XML Digital Signature Verifier verifies XML documents signed using XML-DSIG.
This version was first published in November 2022 (updated 2023-07-18). It is a replacement for the original previously here but sadly retired as of October 2022. See Acknowledgements.
You can copy/paste your XML data or upload a file.
In general you must include a <KeyValue>/<RSAKeyValue>
element in the <KeyInfo>
element
unless the signing certificate has been issued by a supported CA certificate (below).
For more details, see The KeyInfo element.
See Troubleshooting problems on the 'Online XML Digital Signature Verifier' for more help in interpreting results and fixing problems, and some examples.
Supported CA certificates
The following CA certificates are supported:
lamps-ca.rsa.cer
from [RFC9216]CarlRSASelf.cer
from [RFC4134]
If you use one of the following signing certificate/private key pairs to sign an XML-DSIG document
you do not need to provide a <RSAKeyValue>
element -
just a <X509Certificate>
element is sufficient.
lamps-alice.cer
andlamps-alice.p8
lamps-bob.cer
andlamps-bob.p8
AliceRSASignByCarl.cer
andAlicePrivRSASign.p8
Download the above files in various binary/PEM formats as a zip file.
See also
- Signing XML documents using XMLDSIG (Part 3) - a general treatment of XML-DSIG with examples
- Signing XML documents using XMLDSIG (Part 2) - example of an enveloped signature
- Signing XML documents using XMLDSIG (Part 1) - example of an enveloping signature
- Canonicalization of an XML document
Acknowledgements
The Online XML Digital Signature Verifier is based on
XML Security Library (xmlsec) | libXML2 | OpenSSL
in particular the xmlsec1 library under License.
Updated July 2023
2023-07-18. After changing servers to a new 64-bit platform, we have updated from using the code in xmldsigverify.c to just using the verify command in the xmlsec1 library. This results in slightly different output than before, so you will see "OK" and "FAIL" instead of "RESULT: Signature is OK" and "RESULT: Signature is INVALID".
References
- [XML-DSIG]
XML-Signature Syntax and Processing Version 1.1,
W3C Recommendation 11 April 2013,
<http://www.w3.org/TR/xmldsig-core/>.
Version 1.0 republished as:
- [RFC3275] RFC 3275, XML-Signature Syntax and Processing, D. Eastlake 3rd, J. Reagle, D. Solo, March 2002.
- [RFC4134] RFC 4134, Examples of S/MIME Messages, P. Hoffman (ed), July 2005.
- [RFC9216] RFC 9216, S/MIME Example Keys and Certificates, D. K. Gillmor (ed), April 2022.
- [XML-SIG-WG] XML Signature Working Group, <http://www.w3.org/Signature/>
Contact
Any comments, feedback, questions: please send us a message.
This page first published 15 November 2022. Last updated 18 July 2023.