SignatureMethod Algorithm for DigestMethod Algorithm in XML Signature

If we take the following signature element as an example:

<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <ds:Reference URI="#_884D49DAD03AD60748547F8322C11AA0">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <ds:DigestValue>...</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>...</ds:SignatureValue>
    <ds:KeyInfo>
      <ds:KeyName>...</ds:KeyName>
    </ds:KeyInfo>
</ds:Signature>

There is a SignatureMethod algorithm (http://www.w3.org/2000/09/xmldsig#rsa-sha1) and a DigestMethod algorithm (http://www.w3.org/2000/09/xmldsig#sha1).

As I understand it, the SignatureMethod algorithm being "rsa-sha1" means that the content to be signed is first hashed (digested) using SHA1 and then signed using RSA.

Is the DigestMethod algorithm always equal to the Digest Engine specified in the SignatureMethod algorithm (sha1 part of 'rsa-sha1')?

I believe this is not the case, because it would be useless to specify the same algorithm twice. What I'm guessing is that there may be multiple references that can be digested using different DigestMethod algorithms, and the collection of these digests will be hashed again using the digest mechanism specified by the SignatureMethod algorithm.

I'm trying to figure this out by referring to the XML Signature Syntax and Processing specification. I would really appreciate it if someone could confirm that I understood correctly or explain the purposes served by these two algorithms. Thanks.

+3


1 answer


You are absolutely correct; the DigestMethod algorithm elements refer to their parent Reference element. You can have different DigestMethod algorithms for your multiple Reference elements, and again a different SignatureMethod algorithm for hashing and signing all references.



+3


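A worked example of the two-level structure the answer describes, added here and not part of the original question or answer: each Reference is digested with its own DigestMethod, the resulting DigestValues are placed inside SignedInfo, and the hash named by SignatureMethod (the sha1 half of rsa-sha1) is then computed over the canonical SignedInfo as the input to the RSA operation. It goes slightly beyond the page's signature by mixing a sha1 Reference and a sha256 Reference under one rsa-sha1 signature, which makes the independence of the two algorithm choices visible. The referenced content, the second reference URI `#constructed-part-2` and the function names are constructed for the example; canonicalization and the RSA step itself are assumed to be handled elsewhere (a real implementation would apply the Transforms before digesting and sign the bytes returned by `signed_info_hash` with an RSA library).

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS_NS = "http://www.w3.org/2000/09/xmldsig#"

# Algorithm URIs from XML-DSig / RFC 6931 mapped to hash constructors.
# Only the hash half of each SignatureMethod is modelled; the RSA operation
# itself would be done by a crypto library over the bytes returned by
# signed_info_hash() (assumption for this example).
DIGEST_METHODS = {
    "http://www.w3.org/2000/09/xmldsig#sha1": hashlib.sha1,
    "http://www.w3.org/2001/04/xmlenc#sha256": hashlib.sha256,
}
SIGNATURE_METHOD_HASH = {
    "http://www.w3.org/2000/09/xmldsig#rsa-sha1": hashlib.sha1,
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256": hashlib.sha256,
}

# Constructed sample content for each Reference URI, assumed to be the
# output of the Reference's Transforms (already canonicalized).
CONTENT_BY_URI = {
    "#_884D49DAD03AD60748547F8322C11AA0":
        b'<Assertion ID="_884D49DAD03AD60748547F8322C11AA0">hello</Assertion>',
    "#constructed-part-2": b"<Extra>second signed part</Extra>",
}


def digest_reference(content: bytes, digest_method: str) -> str:
    """DigestValue for one Reference, using that Reference's own DigestMethod."""
    return base64.b64encode(DIGEST_METHODS[digest_method](content).digest()).decode()


def build_signed_info(signature_method: str, references: list) -> str:
    """Assemble SignedInfo: every Reference carries its own DigestMethod/DigestValue,
    while SignatureMethod is stated once for the whole SignedInfo."""
    ref_xml = "".join(
        f'<ds:Reference URI="{uri}">'
        f'<ds:DigestMethod Algorithm="{dm}"/>'
        f"<ds:DigestValue>{digest_reference(CONTENT_BY_URI[uri], dm)}</ds:DigestValue>"
        "</ds:Reference>"
        for uri, dm in references
    )
    return (
        f'<ds:SignedInfo xmlns:ds="{DS_NS}">'
        '<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>'
        f'<ds:SignatureMethod Algorithm="{signature_method}"/>'
        f"{ref_xml}</ds:SignedInfo>"
    )


def signed_info_hash(signed_info: str) -> bytes:
    """The bytes the RSA operation signs: a hash over (canonical) SignedInfo using
    the hash named in SignatureMethod, not any Reference's DigestMethod."""
    root = ET.fromstring(signed_info)
    sig_method = root.find(f"{{{DS_NS}}}SignatureMethod").get("Algorithm")
    return SIGNATURE_METHOD_HASH[sig_method](signed_info.encode()).digest()


def verify_references(signed_info: str, content_by_uri: dict) -> dict:
    """Recompute every Reference's digest with its own DigestMethod and compare.
    A verifier must do this for each Reference in addition to checking the RSA
    signature over SignedInfo; the signature alone never covers the content."""
    root = ET.fromstring(signed_info)
    results = {}
    for ref in root.iter(f"{{{DS_NS}}}Reference"):
        uri = ref.get("URI")
        dm = ref.find(f"{{{DS_NS}}}DigestMethod").get("Algorithm")
        if dm not in DIGEST_METHODS or uri not in content_by_uri:
            results[uri] = False  # unlisted algorithm or unresolvable URI: reject, never guess
            continue
        expected = ref.find(f"{{{DS_NS}}}DigestValue").text
        results[uri] = digest_reference(content_by_uri[uri], dm) == expected
    return results


if __name__ == "__main__":
    refs = [
        ("#_884D49DAD03AD60748547F8322C11AA0", "http://www.w3.org/2000/09/xmldsig#sha1"),
        ("#constructed-part-2", "http://www.w3.org/2001/04/xmlenc#sha256"),
    ]
    si = build_signed_info("http://www.w3.org/2000/09/xmldsig#rsa-sha1", refs)
    print(si)
    print("bytes handed to RSA:", signed_info_hash(si).hex())
    print("per-Reference digest checks:", verify_references(si, CONTENT_BY_URI))
```

Two points a verifier should take from this: checking the RSA signature over SignedInfo proves only that SignedInfo is what the signer produced, so every Reference digest must also be recomputed with that Reference's own DigestMethod against the actual content; and the accepted algorithm URIs at both levels should be an explicit list, with anything else rejected (as `verify_references` does) rather than resolved by guesswork.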