XSign Overview
The XSign COM/DLL component assures the best document integrity for all types of files and
signer identity authentication on the basis of digital certificate verification techniques.
Adding digital signature functionality becomes necessary in order to secure the content of
electronic documents (invoices, orders, contracts, financial transactions, other formal and
personal documents) thus binding the message integrity with message signer authentication.
Signing and encrypting are basic mechanisms of applied security in e-business or e-government
platforms. Development of specialized and custom made applications requires advanced development
kits with the highest security and operation level.
In line with many information technology applications, signing standards are shifting into
the area of XML technology. XSign Software Development Kit (SDK) is one of the first
C++ based
software development kits to apply and verify XML Signatures over structured or unstructured data
as defined by W3C Organization (XMLDsig). Easy integration gives developers an opportunity to
experience the fast evolving standard in their custom build solutions.
Benefits
Using information technology for formal business and/or personal information exchange and
processing requires proof of authenticity and the protection of integrity. Legally binding
agreements and contracts, financial information and transactions, formal documents and records
need to be secured and signed while deploying e-business or e-governmental services. SETCCE
products provide excellent data integrity, message and signer authentication and signer
verification using PKI infrastructure.
XSign is designed to support the PKI X.509v3 digital certificates and HMAC passwords. It
runs in Microsoft Windows environment using integrated technology such as MS Certificate
store and MS CryptoAPI. It was developed with a single goal in mind: to provide a Windows
compatible powerful signing and verification tool for easy and prompt integration in development
processes.
XSign SDK is a tool for creating and verifying digital signatures in XML format defined by
W3C and IETF with the following features:
- COM/DLL technology
- Instant Function Call generation technology
- Support for major languages
- Powerful GUI for understanding XMLDsig and easier implementation
- MS CryptoAPI compatible
- MS Certificate store compatible
- Digital certificates (X.509v3) and passwords (HMAC) supported
- Certificate validity and certificate chain checking
- Certificate Revocation Lists (CRL) instant download and verification
The key features of XSign
- The entire component uses only two methods, one for digital signature generation and one for
digital signature verification, thus its implementation is extremely easy
- XSign includes both COM and DLL components, so it is up to the developer which one they use
for implementation and integration with their application
- An intuitive graphical user interface helping a user / developer in getting acquainted with
all XML based digital signature types. With no previous knowledge of complex XML signature syntax
it is possible to get familiar with different signature types and their usage depending on the
document types being signed. When the process of signing / verifying is finished, UI displays the
possibilities for programmer to choose between automatically generated COM/DLL method calls for
VBScript, JScript, Delphi and C++ according to chosen signature and file types. Those method calls
can be simply copied and pasted directly into development environment
- By double-clicking the icon on your desktop XSign2.0 can be used as a standalone end-user
application for protecting digital content
- Enables digital signing of any type, and number, of documents (.xml, .doc, .pdf, .xls, .ppt,
.txt, external files on the Internet); single signature for any document (type and number) combination
- Most suitable for structured XML document based applications - signing of one or more XML
documents or just some part of them
- Enables Public Key Infrastructure (PKI) digital certificate and password-based signing and
verification
- Digital certificate validation in the process of signing and verification. Signing certificate
time validity check, signing certificate chain check and optionally certificate revocation list
(CRL) checks are performed. Optionally signing certificate diagnostics dialog box can be displayed,
showing the results of signing certificate properties validity checks with certificate view option
- Support for smart cards; private key is stored on smart card where signing is also
performed (private key never leaves the smart card) - the most secure way for using the application
- Suitable for client-server web applications; signing process is performed on user computer
while signature verification is performed on Web server supporting COM technology (e.g.
Microsoft IIS Web server)
- Enveloping, enveloped and detached XML-based digital signatures can be applied to any
signing content type
- XSign directly implements Microsoft CryptoAPI methods for cryptographic algorithms and
digital certificate status verification
XSign Main
