Appendix C. Attaching and securing binary data in SOAP
In chapters 6 and 7, you saw how to encrypt and sign a message or parts of a message. The techniques you learned there allow you to encrypt and sign any data that is part of the SOAP message. As you recall from chapter 2, XML does not allow binary data. What if you want to send binary data with SOAP? And how do you encrypt and sign such data? We will answer these questions in this appendix.
XML does not allow arbitrary bytes (more precisely, octets, as the size of a byte isn’t guaranteed to be 8 bits on some rarely encountered platforms) to be included in element content. Only characters defined by the Unicode character set (excluding a few) are allowed using a character encoding scheme such as US-ASCII and UTF-8. This helps keep the text character of XML, allowing XML code to be inspected by humans using text editors.
But what if we want to include binary data (data containing arbitrary octets) such as certificates, signatures, compressed data, encrypted text, and images? We introduced a common trick, namely base64 encoding, to encode arbitrary bytes into character data, in chapter 4. Such encoded data can be embedded in XML, as seen in multiple places in chapter 4-7.