package module
v1.4.0 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Apr 20, 2023 License: Apache-2.0 Imports: 20 Imported by: 391



Build Status GoDoc

XML Digital Signatures implemented in pure Go.


Install goxmldsig using go get:

$ go get github.com/russellhaering/goxmldsig


Include the types.Signature struct from this package in your application messages.

import (
    sigtypes "github.com/russellhaering/goxmldsig/types"

type AppHdr struct {
    Signature *sigtypes.Signature
package main

import (

func main() {
    // Generate a key and self-signed certificate for signing
    randomKeyStore := dsig.RandomKeyStoreForTest()
    ctx := dsig.NewDefaultSigningContext(randomKeyStore)
    elementToSign := &etree.Element{
        Tag: "ExampleElement",
    elementToSign.CreateAttr("ID", "id1234")

    // Sign the element
    signedElement, err := ctx.SignEnveloped(elementToSign)
    if err != nil {

    // Serialize the signed element. It is important not to modify the element
    // after it has been signed - even pretty-printing the XML will invalidate
    // the signature.
    doc := etree.NewDocument()
    str, err := doc.WriteToString()
    if err != nil {

Signature Validation
// Validate an element against a root certificate
func validate(root *x509.Certificate, el *etree.Element) {
    // Construct a signing context with one or more roots of trust.
    ctx := dsig.NewDefaultValidationContext(&dsig.MemoryX509CertificateStore{
        Roots: []*x509.Certificate{root},

    // It is important to only use the returned validated element.
    // See: https://www.w3.org/TR/xmldsig-bestpractices/#check-what-is-signed
    validated, err := ctx.Validate(el)
    if err != nil {

    doc := etree.NewDocument()
    str, err := doc.WriteToString()
    if err != nil {



This library was created in order to implement SAML 2.0 without needing to execute a command line tool to create and validate signatures. It currently only implements the subset of relevant standards needed to support that implementation, but I hope to make it more complete over time. Contributions are welcome.




View Source
const (
	DefaultPrefix = "ds"
	Namespace     = "http://www.w3.org/2000/09/xmldsig#"
View Source
const (
	SignatureTag              = "Signature"
	SignedInfoTag             = "SignedInfo"
	CanonicalizationMethodTag = "CanonicalizationMethod"
	SignatureMethodTag        = "SignatureMethod"
	ReferenceTag              = "Reference"
	TransformsTag             = "Transforms"
	TransformTag              = "Transform"
	DigestMethodTag           = "DigestMethod"
	DigestValueTag            = "DigestValue"
	SignatureValueTag         = "SignatureValue"
	KeyInfoTag                = "KeyInfo"
	X509DataTag               = "X509Data"
	X509CertificateTag        = "X509Certificate"
	InclusiveNamespacesTag    = "InclusiveNamespaces"


View Source
const (
	AlgorithmAttr  = "Algorithm"
	URIAttr        = "URI"
	DefaultIdAttr  = "ID"
	PrefixListAttr = "PrefixList"
View Source
const (
	RSASHA1SignatureMethod     = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
	RSASHA256SignatureMethod   = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
	RSASHA384SignatureMethod   = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
	RSASHA512SignatureMethod   = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
	ECDSASHA1SignatureMethod   = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"
	ECDSASHA256SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"
	ECDSASHA384SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"
	ECDSASHA512SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"


View Source
var (
	ErrNonRSAKey           = fmt.Errorf("Private key was not RSA")
	ErrMissingCertificates = fmt.Errorf("No public certificates provided")

Well-known errors

View Source
var (
	// ErrMissingSignature indicates that no enveloped signature was found referencing
	// the top level element passed for signature verification.
	ErrMissingSignature = errors.New("Missing signature referencing the top-level element")
	ErrInvalidSignature = errors.New("Invalid Signature")


This section is empty.


type AlgorithmID

type AlgorithmID string
const (
	// Supported canonicalization algorithms
	CanonicalXML10ExclusiveAlgorithmId             AlgorithmID = "http://www.w3.org/2001/10/xml-exc-c14n#"
	CanonicalXML10ExclusiveWithCommentsAlgorithmId AlgorithmID = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"

	CanonicalXML11AlgorithmId             AlgorithmID = "http://www.w3.org/2006/12/xml-c14n11"
	CanonicalXML11WithCommentsAlgorithmId AlgorithmID = "http://www.w3.org/2006/12/xml-c14n11#WithComments"

	CanonicalXML10RecAlgorithmId          AlgorithmID = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
	CanonicalXML10WithCommentsAlgorithmId AlgorithmID = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"

	EnvelopedSignatureAltorithmId AlgorithmID = "http://www.w3.org/2000/09/xmldsig#enveloped-signature"

Well-known signature algorithms

func (AlgorithmID) String

func (id AlgorithmID) String() string

type Canonicalizer

type Canonicalizer interface {
	Canonicalize(el *etree.Element) ([]byte, error)
	Algorithm() AlgorithmID

Canonicalizer is an implementation of a canonicalization algorithm.

func MakeC14N10ExclusiveCanonicalizerWithPrefixList

func MakeC14N10ExclusiveCanonicalizerWithPrefixList(prefixList string) Canonicalizer

MakeC14N10ExclusiveCanonicalizerWithPrefixList constructs an exclusive Canonicalizer from a PrefixList in NMTOKENS format (a white space separated list).

func MakeC14N10ExclusiveWithCommentsCanonicalizerWithPrefixList added in v1.2.0

func MakeC14N10ExclusiveWithCommentsCanonicalizerWithPrefixList(prefixList string) Canonicalizer

MakeC14N10ExclusiveWithCommentsCanonicalizerWithPrefixList constructs an exclusive Canonicalizer from a PrefixList in NMTOKENS format (a white space separated list).

func MakeC14N10RecCanonicalizer

func MakeC14N10RecCanonicalizer() Canonicalizer

MakeC14N10RecCanonicalizer constructs an inclusive canonicalizer.

func MakeC14N10WithCommentsCanonicalizer added in v1.2.0

func MakeC14N10WithCommentsCanonicalizer() Canonicalizer

MakeC14N10WithCommentsCanonicalizer constructs an inclusive canonicalizer.

func MakeC14N11Canonicalizer

func MakeC14N11Canonicalizer() Canonicalizer

MakeC14N11Canonicalizer constructs an inclusive canonicalizer.

func MakeC14N11WithCommentsCanonicalizer added in v1.2.0

func MakeC14N11WithCommentsCanonicalizer() Canonicalizer

MakeC14N11WithCommentsCanonicalizer constructs an inclusive canonicalizer.

func MakeNullCanonicalizer added in v1.1.1

func MakeNullCanonicalizer() Canonicalizer

type Clock

type Clock struct {
	// contains filtered or unexported fields

Clock wraps a clockwork.Clock (which could be real or fake) in order to default to a real clock when a nil *Clock is used. In other words, if you attempt to use a nil *Clock it will defer to the real system clock. This allows Clock to be easily added to structs with methods that currently reference the time package, without requiring every instantiation of that struct to be updated.

func NewFakeClock

func NewFakeClock(wrapped clockwork.Clock) *Clock

func NewFakeClockAt

func NewFakeClockAt(t time.Time) *Clock

func NewRealClock

func NewRealClock() *Clock

func (*Clock) After

func (c *Clock) After(d time.Duration) <-chan time.Time

func (*Clock) Now

func (c *Clock) Now() time.Time

func (*Clock) Sleep

func (c *Clock) Sleep(d time.Duration)

type MemoryX509CertificateStore

type MemoryX509CertificateStore struct {
	Roots []*x509.Certificate

func (*MemoryX509CertificateStore) Certificates

func (mX509cs *MemoryX509CertificateStore) Certificates() ([]*x509.Certificate, error)

type MemoryX509KeyStore

type MemoryX509KeyStore struct {
	// contains filtered or unexported fields

func (*MemoryX509KeyStore) GetKeyPair

func (ks *MemoryX509KeyStore) GetKeyPair() (*rsa.PrivateKey, []byte, error)

type NullCanonicalizer added in v1.1.1

type NullCanonicalizer struct {

func (*NullCanonicalizer) Algorithm added in v1.1.1

func (c *NullCanonicalizer) Algorithm() AlgorithmID

func (*NullCanonicalizer) Canonicalize added in v1.1.1

func (c *NullCanonicalizer) Canonicalize(el *etree.Element) ([]byte, error)

type SigningContext

type SigningContext struct {
	Hash crypto.Hash

	// This field will be nil and unused if the SigningContext is created with
	// NewSigningContext
	KeyStore      X509KeyStore
	IdAttribute   string
	Prefix        string
	Canonicalizer Canonicalizer
	// contains filtered or unexported fields

func NewDefaultSigningContext

func NewDefaultSigningContext(ks X509KeyStore) *SigningContext

func NewSigningContext added in v1.3.0

func NewSigningContext(signer crypto.Signer, certs [][]byte) (*SigningContext, error)

NewSigningContext creates a new signing context with the given signer and certificate chain. Note that e.g. rsa.PrivateKey implements the crypto.Signer interface. The certificate chain is a slice of ASN.1 DER-encoded X.509 certificates. A SigningContext created with this function should not use the KeyStore field. It will return error if passed a nil crypto.Signer

func (*SigningContext) ConstructSignature

func (ctx *SigningContext) ConstructSignature(el *etree.Element, enveloped bool) (*etree.Element, error)

func (*SigningContext) GetDigestAlgorithmIdentifier

func (ctx *SigningContext) GetDigestAlgorithmIdentifier() string

func (*SigningContext) GetSignatureMethodIdentifier

func (ctx *SigningContext) GetSignatureMethodIdentifier() string

func (*SigningContext) SetSignatureMethod

func (ctx *SigningContext) SetSignatureMethod(algorithmID string) error

func (*SigningContext) SignEnveloped

func (ctx *SigningContext) SignEnveloped(el *etree.Element) (*etree.Element, error)

func (*SigningContext) SignString

func (ctx *SigningContext) SignString(content string) ([]byte, error)

Useful for signing query string (including DEFLATED AuthnRequest) when using HTTP-Redirect to make a signed request. See DEFLATE Encoding of https://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf

type TLSCertKeyStore

type TLSCertKeyStore tls.Certificate

TLSCertKeyStore wraps the stdlib tls.Certificate to return its contained key and certs.

func (TLSCertKeyStore) GetChain

func (d TLSCertKeyStore) GetChain() ([][]byte, error)

GetChain impliments X509ChainStore using the underlying tls.Certificate

func (TLSCertKeyStore) GetKeyPair

func (d TLSCertKeyStore) GetKeyPair() (*rsa.PrivateKey, []byte, error)

GetKeyPair implements X509KeyStore using the underlying tls.Certificate

type ValidationContext

type ValidationContext struct {
	CertificateStore X509CertificateStore
	IdAttribute      string
	Clock            *Clock

func NewDefaultValidationContext

func NewDefaultValidationContext(certificateStore X509CertificateStore) *ValidationContext

func (*ValidationContext) Validate

func (ctx *ValidationContext) Validate(el *etree.Element) (*etree.Element, error)

Validate verifies that the passed element contains a valid enveloped signature matching a currently-valid certificate in the context's CertificateStore.

type X509CertificateStore

type X509CertificateStore interface {
	Certificates() (roots []*x509.Certificate, err error)

type X509ChainStore

type X509ChainStore interface {
	GetChain() (certs [][]byte, err error)

type X509KeyStore

type X509KeyStore interface {
	GetKeyPair() (privateKey *rsa.PrivateKey, cert []byte, err error)

func RandomKeyStoreForTest

func RandomKeyStoreForTest() X509KeyStore


Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL