Sign and verify XML digital signatures from the command-line

The XML ValidatorBuddy software package includes a command-line tool, `valbuddy.exe`, located in the standard installation folder. This tool is designed to support batch operations for signing and verifying multiple XML documents.

Example: Signing Task

Below is an example of a settings XML used for running a signing task:

<?xml version="1.0" encoding="UTF-8"?>
            <batch_settings>
              <batch_units>
                <log_document path="D:\Documents\xml\sign_sampleprojects_log.xml"/>
                <options notify_finish="false" omit_results="false" omit_time="false" run_as_test="false" save_logdoc="true" timeout="-1" use_xmldate_format="true"/>
                <batch_unit output_folder="D:\Documents\xml\Sample Projects signed" overwrite="true" type="dsigsign">
                  <folder_settings folder="D:\Documents\xml\Sample Projects" subfolders="true"/>
                  <file_extensions>
                    <extension>xml</extension>
                  </file_extensions>
                  <parameters add_keyinfo="true" add_keyname="false" add_x509data="true" canonicalization="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" certificate_name="xmlbuddy" digest="" hash="" output_postfix="_signed" sign="all" signature_type="enveloped">
                    <transformations/>
                  </parameters>
                </batch_unit>
              </batch_units>
            </batch_settings>

During the batch task, a log file is generated at `D:\Documents\xml\sign_sampleprojects_log.xml`, which records the results for all documents processed from the source folder.

Example: Verification Task

To run a verification operation on an entire folder, the configuration XML would look like this:

<?xml version="1.0" encoding="UTF-8"?>
            <batch_settings>
              <batch_units>
                <log_document path="D:\Documents\xml\verify_sampleprojects_log.xml"/>
                <options notify_finish="false" omit_results="false" omit_time="false" run_as_test="false" save_logdoc="true" timeout="-1" use_xmldate_format="true"/>
                <batch_unit type="dsigverify">
                  <folder_settings folder="D:\Documents\xml\Sample Projects signed" subfolders="true"/>
                  <file_extensions>
                    <extension>xml</extension>
                  </file_extensions>
                  <parameters certificate_name="xmlbuddy"/>
                </batch_unit>
              </batch_units>
            </batch_settings>

Testing Signing and Verifying Operations

You can test signing and verifying operations directly in the **XML ValidatorBuddy** desktop application. The application provides a user-friendly interface for performing individual signing and verifying tasks on XML files before running them in batch mode via the command-line tool. This feature is especially useful for testing and fine-tuning your configuration settings before executing larger batch tasks.

XML Digital Signature Support

Please note that XML Digital Signature support, which is required for signing and verifying XML documents, is available only with the **Plus** license of XML ValidatorBuddy. The Plus license unlocks the full potential of digital signature operations, including advanced features for handling complex signing and verification processes. Without this license, the digital signature capabilities will not be available, even though basic XML validation and editing features will still function.

Adding a Certificate

To use a certificate for signing or verifying operations, it must be added to the XML ValidatorBuddy desktop application via the **Options** dialog. In this dialog, you can assign a custom name to the certificate for easy reference. In the examples provided above, the "xmlbuddy" test certificate is specified using the attribute `certificate_name="xmlbuddy"`.