XML-Signature Syntax and Processing

6.4.1 DSA

Identifier:: http://www.w3.org/2000/09/xmldsig#dsa-sha1

The DSA algorithm [DSS] takes no explicit parameters. An example of a DSA SignatureMethod element is:

   <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>

The output of the DSA algorithm consists of a pair of integers usually referred by the pair (r, s). The signature value consists of the base64 encoding of the concatenation of two octet-streams that respectively result from the octet-encoding of the values r and s in that order. Integer to octet-stream conversion must be done according to the I2OSP operation defined in the RFC 2437 [PKCS1] specification with a l parameter equal to 20. For example, the SignatureValue element for a DSA signature (r, s) with values specified in hexadecimal:

   r = 8BAC1AB6 6410435C B7181F95 B16AB97C 92B341C0 
   s = 41E2345F 1F56DF24 58F426D1 55B4BA2D B6DCD8C8

from the example in Appendix 5 of the DSS standard would be

   <SignatureValue>
   i6watmQQQ1y3GB+VsWq5fJKzQcBB4jRfH1bfJFj0JtFVtLotttzYyA==</SignatureValue>