Definition

XML canonicalization (C14n) is needed for XML signatures. The canonicalization standard describes the representation of a XML document. The XML document structure allows it, to define the attributes and values in various declarations. The signature operations (sign or verify) require a unique representation, because internally the integrity of the document is checked. This is done by a cryptographic hash algorithm. Therefore the signature operation demands to transform the XML document in a unique form.

The XML canonicalization is specified in different RFC standards, e.g. RFC 3076 or RFC 3741. There are the standards:

• Inclusive Namespace
• Exclusive Namespace

These two algorithms are defined also in the form with and without comments.

The SAP implementation supports only a canonicalization without comments.

The standard requires only canonicalization without comments and recommends the other only.

Use

The usage of the inclusive or exclusive depends on an agreement of the partner implementation. The inclusive canonicalization was defined prior as canonical XML 1.0 and therefore this standard is more spread over the external implementations. If possible you should always use the canonical XML 1.1 standard, which means exclusive namespace declaration. This standard is used by default in the class CL_SEC_SXML_DSIGNATURE.

Dependencies

RFC 3076 and 3741. The canonicalization of the XML is done in the ABAP kernel.

Example

Inclusive XML canonicalization:

<xml xmlns:a="http://x" xmlns:b="http://y">value<//a:node><//xml>

is transformed to canonicalization form:

<xml xmlns:a="http://x" xmlns:b="http://y">value<//a:node><//xml>

Exclusive XML canonicalization:

<xml xmlns:a="http://x" xmlns:b="http://y">value<//a:node><//xml>

is transformed to canonicalization form:

<xml xmlns:a="http://x"value<//a:node><//xml>