The format for an XMLDSIG-format approval object is as follows:
<XMLSignedData signedContent="...base64 transaction text ..."> <XMLSignature> <TSATimestamp> ...The base64 encoded PKCS7 timestamp token returned by the TSA... </TSATimestamp <Signature> <SignedInfo>...XMLDSIG stuff...</SignedInfo> <SignatureValue>...base64 signature value</SignatureValue> <KeyInfo>...cert info for signer</KeyInfo> </Signature> </XMLSignature> </XMLSignedData>
where:
The base64 approval data consists of the actual approval data text that is presented to the approver in the applet, encoded in base64 format.
The <TSATimestamp> element contains the base64 encoded PKCS7 timestamp response from the Timestamp Authority (TSA).
The entire <Signature> comprises the XMLDSIG signature data.
This XMLDSIG document that is stored in the XML column of the audit log approval record.