Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / Security / August 2007

Tip: Looking for answers? Try searching our database.

Manually computing sha1 digest of reference containing base64 encoded string and comparing it to digest value of same reference generated by SignedXML.ComputeSignature - Does not match

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
sachinvyas@gmail.com - 21 Aug 2007 20:37 GMT
I have an XML which I am trying to sign and provide it to one of my
users.

The XML has two nodes one which has public part which is not encrypted
and other which is private data. The data in private node has data
encrypted using users public key for transfering confidential
information ( base64string with line breaks after 76 chars -
InsertLineBreaks format option)

When I sign the XML I create add references, one for public node and
other for user data to SignedXML.

           _x509SignerCert =
GetCertificateFromStore(_SignerCertLocation, _SignerCertSubject);
           if (_x509SignerCert == null)
               return;
           SignedXml sig = new SignedXml(_xmlDocToSign);
           XmlNamespaceManager nsm = new XmlNamespaceManager(new
NameTable());
           nsm.AddNamespace("dsig", SignedXml.XmlDsigNamespaceUrl);
           sig.SignedInfo.CanonicalizationMethod = "http://www.w3.org/
TR/2001/REC-xml-c14n-20010315#WithComments";
           sig.SignedInfo.SignatureMethod = "http://www.w3.org/
2000/09/xmldsig#rsa-sha1";
           sig.SigningKey = _x509SignerCert.PrivateKey;
           Reference docRef = new Reference("#ID_MyPublicNode");
           sig.AddReference(docRef);
           Reference docRef1 = new Reference("#ID_MyUserData");
           sig.AddReference(docRef1);
           KeyInfo ki = new KeyInfo();
           X509Chain ch = new X509Chain();
           ch.Build(_x509SignerCert);
           foreach (X509ChainElement element in ch.ChainElements)
           {
               KeyInfoX509Data _X509Data_ = new
KeyInfoX509Data(element.Certificate);
               string Issuer = element.Certificate.Issuer;
               _X509Data_.AddIssuerSerial(Issuer,
element.Certificate.GetSerialNumberString());
               ki.AddClause(_X509Data_);
           }
           sig.KeyInfo = ki;
           sig.ComputeSignature();

Once I compute the signature I append the signature node to XMLDoc and
send it to the User.

Issue is user says that the digest information of the referenced data
in signature does not match so I started analyzing XML.

I started generating the Digest for individual node ( MyPublicNode and
MyUserData)  using the following code. The digest value generated for
MyPublicNode matches with the value in reference item in signature but
does not match for the MyUserData.  What I have found is  if I remove
the newline from my base64 string in ciphervalue  ( stop using
Base64FormattingOptions.InsertLineBreaks) then I am bale to match the
digest value but if the newline is there then I am not sure how
computeSignature generates the digest for MyUserData node.

       private bool  ValidateXMLReferenceDigest(String _XMLFile)
       {
           bool bCompare = false;
           XmlDocument _SourceXML = new XmlDocument();
           _SourceXML.PreserveWhitespace = true;
           try
           {
               X509Certificate2 _X509SignersMainCert = null;
               _SourceXML.Load(_XMLFile);
               XmlNodeList _nodeList =
_SourceXML.GetElementsByTagName("Signature", "http://www.w3.org/
2000/09/xmldsig#");
               if (_nodeList.Count > 0)
               {
                   System.Xml.XmlNamespaceManager _xmlNameSpaceMgr =
new XmlNamespaceManager(_SourceXML.NameTable);
                   _xmlNameSpaceMgr.AddNamespace("DC",
_SourceXML.DocumentElement.NamespaceURI);
                   _xmlNameSpaceMgr.AddNamespace("ds", "http://
www.w3.org/2000/09/xmldsig#");

                   //Get the Signers Cert from the XML and build the
chain.
                   // First Cert in the certlist is the signers cert.
                   XmlNodeList _X509List = _SourceXML.SelectNodes(".//
ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate",
_xmlNameSpaceMgr);
                   X509Chain _Chain = new X509Chain(true);
                   int i = 0;
                   foreach (XmlNode _X509Cert in _X509List)
                   {
                       byte[] CertRawData =
System.Convert.FromBase64String(_X509Cert.InnerText);
                       if (i == 0)
                       {
                           _X509SignersMainCert = new
X509Certificate2(CertRawData);
                           i++;
                       }
                       else
                       {
                           _Chain.ChainPolicy.ExtraStore.Add(new
X509Certificate2(CertRawData));

                       }
                   }
                   _Chain.Build(_X509SignersMainCert);

                   SignedXml sigTest = new SignedXml(_SourceXML);
                   sigTest.LoadXml((XmlElement)_nodeList[0]);
                   sigTest.SigningKey =
(RSACryptoServiceProvider)_X509SignersMainCert.PublicKey.Key;

                   //Get Refrences in the signature
                   foreach (Reference docRef1_temp in
sigTest.SignedInfo.References)
                   {
                       string _InXmlVal1 = string.Format(@".//
*[@Id='{0}']", docRef1_temp.Uri.Substring(1));
                       XmlNodeList _X509List11 =
_SourceXML.SelectNodes(_InXmlVal1, _xmlNameSpaceMgr);
                       if (_X509List11.Count > 0)
                       {
                           //Load the node in XMLDoc
                           XmlDocument _Doc11 = new
XmlDocument();
                           _Doc11.PreserveWhitespace = true;
                           _Doc11.LoadXml(_X509List11[0].OuterXml);

                           //Canonicalize transformation with
comments
                           XmlDsigC14NTransform xmlC14T = new
XmlDsigC14NTransform(true);

                           xmlC14T.LoadInput(_Doc11);
                           SHA1 sha1 = SHA1.Create();
                           byte[] hashFromNode =
xmlC14T.GetDigestedOutput(sha1);
                           string _strDigestFromRefElement =
Convert.ToBase64String(hashFromNode);

                           byte[] _InSignatatureValHash =
docRef1_temp.DigestValue;
                           string _strDigestFromRefSig =
Convert.ToBase64String(docRef1_temp.DigestValue);

                           bCompare =
string.Compare(_strDigestFromRefElement, _strDigestFromRefSig) == 0;

                           if (!bCompare)
                               break;
                       }
                   }
               }

           }
           catch (Exception Exp)
           {

           }
           return bCompare;
       }

Any suggestions pointers to correct the code/resolve the issue.

Below is the Signed XML with newline in Cipher value.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><MyMessage
xmlns="http://www.letsgohome.com/DingDong-20070820#"><MyPublic
Id="ID_MyPublicNode"><MessageId>urn:uuid:1e315f76-44f3-44a2-
af37-2dffb992a6fc</MessageId><MessageType>http://www.letsgohome.com/
DingDong-20070820# </MessageType><AnnotationText>Validate the Hash for
reference nodes</AnnotationText><IssueDate>2007-08-19T06:35:07-00:00</
IssueDate><RequiredExtensions><ContentKeysNotValidBefore>2007-08-19T06:34:19-00:00</
ContentKeysNotValidBefore><ContentKeysNotValidAfter>2007-08-31T06:34:19-00:00</
ContentKeysNotValidAfter><KeyIdList><KeyId>urn:uuid:415de2f2-3b4a-
d344-8255-42cfba43ca12</KeyId></KeyIdList></
RequiredExtensions><NonCriticalExtensions /></MyPublic><MyUserData
Id="ID_MyUserData" xmlns:enc=" http://www.w3.org/2001/04/xmlenc#"><enc:EncryptedKey><enc:EncryptionMethod
Algorithm=" http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" /
><enc:CipherData><enc:CipherValue>rjnjMF+12ErjTs4ov3YK
+d9eeiKYt22pG50wsi1XakLQ/vt9GuZ4eRuy/CuyB57hXzvntw5BAmgY
XEx1npJbbb4D2BuBKvyOohRf5ROA6qIuX+jWxEVSI9eVg+/+SXwE4NH6/
QD1+2En9EG8aPR8geG6
+3c3Gy/RYzOqzkuYkyvDWz9FZcVoCR3hgr+t2dTg4Yp1yo4oMGbBbLE81O7wOv/
YCrze6e6HajK5
Gxt4Sz0TzHoGtKmWBMtWVuQqVpMMB4lQdBdLwGgNUv/oPDfilb
+glTgXkypLi64M8zebKsdJgcMP
1fIvO9rYrvIHOVmp/3ntShoV9lWqqeEjCv/yeQ==</enc:CipherValue></
enc:CipherData></enc:EncryptedKey></MyUserData><Signature xmlns="
http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod
Algorithm=" http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-
sha1" /><Reference URI="#ID_MyPublicNode"><DigestMethod Algorithm="
http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>MlRC/+/
7xJT4imrZHgOJ/4B8m94=</DigestValue></Reference><Reference
URI="#ID_MyUserData"><DigestMethod Algorithm=" http://www.w3.org/2000/09/xmldsig#sha1"
/><DigestValue>rt+8bQ7tmB/9jQTIEfSPFhsf3Ro=</DigestValue></Reference></
SignedInfo><SignatureValue>GGtYL1wVwUgvATZa/
sHI9VXdNkCqduh0Ujl9YAUN0+e34hXVTHVmfJqVoq45sKXm0btdzrh0f5jSox2JBhzgTBDJeMtVDRJAFdifs2yABDvpD1aVz0wawJ80SG9c2aSk3x3qzF
+ysCpzubEuxY2t0GscfMuIJMWzBqEPbcwVW8JznNg1M/
7ac1zvLEOiwLYJFuAYYHR6AkFuhdv3tHhVso+ACkY4E9aavgrNdg4OXU9X
+acoxXnh9kh0dlUXhMiS0/UOyhitZKVpodEvh4tsIBPMsIJdBUp2dkqCiSlY4QNS
+HczarGp8g91jb9KtFaQkG34OglE3O0dw89cgnPaSg==</
SignatureValue><KeyInfo><X509Data><X509IssuerSerial><X509IssuerName>CN="CineCert,
LLC D-Cinema Signer Certificate Sig-0001", OU="CineCert, LLC D-Cinema
RA", O="CineCert, LLC D-Cinema RA", dnQualifier="vnqteTcB2Gji
+1Hl23sxxgOqvwE="</X509IssuerName><X509SerialNumber>16584</
X509SerialNumber></
X509IssuerSerial><X509Certificate>MIIE4jCCA8qgAwIBAgICQMgwDQYJKoZIhvcNAQEFBQAwgawxJTAjBgNVBC4THHZucXRlVGNCMkdqaSsxSGwyM3N4eGdPcXZ3RT0xIjAgBgNVBAoTGUNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgUkExIjAgBgNVBAsTGUNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgUkExOzA5BgNVBAMTMkNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgU2lnbmVyIENlcnRpZmljYXRlIFNpZy0wMDAxMB4XDTA3MDUyMjIzMDkyMFoXDTA4MDUyMTIzMDkyMFowgaQxJTAjBgNVBC4THEtKZ2tJNC9ZUmhsVTBtQTVrVnoyOThzYnZWST0xIjAgBgNVBAoTGUNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgUkExIjAgBgNVBAsTGUNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgUkExMzAxBgNVBAMTKlNNLkNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgRGV2aWNlIERpc25leS1YMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTxz2L7XHpzwbxQPrvv7VPHvbLcFwJlLUxuDud0MR667g6Fg4G2CusH1VOHH7M05YC/
B67bTR8X83z5ymXYghS96tzpWVzL1YzEOtihIY
+9qgJM4sg2E2XhoGQH4SweIFB2ayMV0HZFpMmvd/
H6DcTc2newhCaLrSoHdjjcA8iJVLCV9g9k4HlmgHQsJqvyza11Ci6KRmR5b/
cPI5Z2ezSOmUASEZd49cu+aN9fFfBe1bMEJ9rtiZ4b/
ItcvT3baHuShV1PapfeliaigHBRbgfF9bNknXSBEiHwonOrqZH8P4BeIKC3AYbZpQmBJk2dH4+ogcDnxMrcZaxmumZ
+Yb0CAwEAAaOCARIwggEOMAsGA1UdDwQEAwIF4DAPBgNVHRMBAf8EBTADAgEAMB0GA1UdDgQWBBQomCQjj9hGGVTSYDmRXPb3yxu9UjCBzgYDVR0jBIHGMIHDgBS
+eq15NwHYaOL7UeXbezHGA6q/
AaGBpqSBozCBoDEiMCAGA1UEChMZQ2luZUNlcnQsIExMQyBELUNpbmVtYSBSQTEiMCAGA1UECxMZQ2luZUNlcnQsIExMQyBELUNpbmVtYSBSQTEvMC0GA1UEAxMmQ2luZUNlcnQsIExMQyBDbGFzcyBYIFJvb3QgQ2VydGlmaWNhdGUxJTAjBgNVBC4THDlCSEV3bmFGb0UrVnMxampUUTZ4VWFZT1UrOD2CAkCVMA0GCSqGSIb3DQEBBQUAA4IBAQAK6CxGkqvB1GIGwV9yLz91X/
IvLXn4eGwo6nFii++
+MpfUSbxzrcqlKvxbDBjsOnrWX6oQBjkam4hkY5JsFyuEC4cH6kvB32vvVhdLlTEhz9bry16AVxzk/
jMvGJhmAGOQZf6xA30bvvwcLixOutIu8/
exsKnS02ACkqKKnCWSihz9tthodUbeIXfZHMaAtk6c1vno/3ih3SysqBd7HWy
+sSpWUAsGc8wZPmARIDleVO/
BdeqgZbZIiIEjXaUjHvmbQ2rnaVFECpGP8kzJvA6UAkFrVUtpq0k06rjDRXhdJLvPWOzOMrN8/
lwEe2rvqgtx/UxsMUvOp0bvIzqdFx2d</X509Certificate></
X509Data><X509Data><X509IssuerSerial><X509IssuerName>dnQualifier="9BHEwnaFoE
+Vs1jjTQ6xUaYOU+8=", CN="CineCert, LLC Class X Root Certificate",
OU="CineCert, LLC D-Cinema RA", O="CineCert, LLC D-Cinema RA"</
X509IssuerName><X509SerialNumber>16533</X509SerialNumber></
X509IssuerSerial><X509Certificate>MIIE6DCCA9CgAwIBAgICQJUwDQYJKoZIhvcNAQEFBQAwgaAxIjAgBgNVBAoTGUNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgUkExIjAgBgNVBAsTGUNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgUkExLzAtBgNVBAMTJkNpbmVDZXJ0LCBMTEMgQ2xhc3MgWCBSb290IENlcnRpZmljYXRlMSUwIwYDVQQuExw5QkhFd25hRm9FK1ZzMWpqVFE2eFVhWU9VKzg9MB4XDTA1MTAyNjIzNDMyM1oXDTEwMTAyNTIzNDMyM1owgawxJTAjBgNVBC4THHZucXRlVGNCMkdqaSsxSGwyM3N4eGdPcXZ3RT0xIjAgBgNVBAoTGUNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgUkExIjAgBgNVBAsTGUNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgUkExOzA5BgNVBAMTMkNpbmVDZXJ0LCBMTEMgRC1DaW5lbWEgU2lnbmVyIENlcnRpZmljYXRlIFNpZy0wMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JbcA5jD/
ugAd7sq9urKX8cXdSb6JBvEzbp8h63+VsSWOQBmn4DaT2dmdDbsqZZMgEK2JwlPt8aKG3ub
+0iJkvWOmfS9lAg3FYrVNSWfj77CE7ctLkxH+1fkJDs/
1ofwGflmvivSylQdJZjhpm4GOlQMT6Ui7oRSszd63uqVfr6V1S6TarVR7pgu5camh5RdHpXouyja/
5I1fBu55oizwav0Co1TUi6++NAZzYPt5ZXdLJvXfCfqtR/
5f5rWj5I3JXLaXYaoKCKqzVmnRbqivCYa/wyCKSd284pq
+cgAQZh6D4FAtcPJ9n3j1QS502HMlDq0D7UpKx8YBcKy7wnOtQIDAQABo4IBHDCCARgwCwYDVR0PBAQDAgIEMBIGA1UdEwEB/
wQIMAYBAf8CAQgwHQYDVR0OBBYEFL56rXk3Adho4vtR5dt7McYDqr8BMIHVBgNVHSMEgc0wgcqAFPQRxMJ2haBPlbNY400OsVGmDlPvoYGmpIGjMIGgMSIwIAYDVQQKExlDaW5lQ2VydCwgTExDIEQtQ2luZW1hIFJBMSIwIAYDVQQLExlDaW5lQ2VydCwgTExDIEQtQ2luZW1hIFJBMS8wLQYDVQQDEyZDaW5lQ2VydCwgTExDIENsYXNzIFggUm9vdCBDZXJ0aWZpY2F0ZTElMCMGA1UELhMcOUJIRXduYUZvRStWczFqalRRNnhVYVlPVSs4PYIJAOoq1VHdwDlrMA0GCSqGSIb3DQEBBQUAA4IBAQAXBRqLt6igQ6MaCzlE4tQwrR1c5bEpZlZxzbbEe4kIdQkAwxdVmJdgJJ9mHKs21Hfcq0zvXByxacA3maJElDHXXk2zeFQggZauoBS7WJAKw0CVqvivs6mzPqSG6Q3cu1Gd1TOJDcwTjYr8I/
BYvPgm23AI5tL3C8W6rxqYxbN8IWFN1t24uPRt92ooE
+Y3Zk0Z7CYUwKP0guISGbTkgNFDlDrd5ygVvwAqKPX5SvwQseibbiiOE9Z9YzreajvGglWVWr1BMiAjCtprVnXCN1U/
OATchUEQbm2yQ5hKHtW3WnuugKRA+D15Wkw9Dr8gI8nrt5mhGYmEYCIXl80KY/pn</
X509Certificate></
X509Data><X509Data><X509IssuerSerial><X509IssuerName>dnQualifier="9BHEwnaFoE
+Vs1jjTQ6xUaYOU+8=", CN="CineCert, LLC Class X Root Certificate",
OU="CineCert, LLC D-Cinema RA", O="CineCert, LLC D-Cinema RA"</
X509IssuerName><X509SerialNumber>16873533501486414187</
X509SerialNumber></
X509IssuerSerial><X509Certificate>MIIE4zCCA8ugAwIBAgIJAOoq1VHdwDlrMA0GCSqGSIb3DQEBBQUAMIGgMSIwIAYDVQQKExlDaW5lQ2VydCwgTExDIEQtQ2luZW1hIFJBMSIwIAYDVQQLExlDaW5lQ2VydCwgTExDIEQtQ2luZW1hIFJBMS8wLQYDVQQDEyZDaW5lQ2VydCwgTExDIENsYXNzIFggUm9vdCBDZXJ0aWZpY2F0ZTElMCMGA1UELhMcOUJIRXduYUZvRStWczFqalRRNnhVYVlPVSs4PTAeFw0wNTEwMjYyMzQyMDlaFw0yNTEwMjEyMzQyMDlaMIGgMSIwIAYDVQQKExlDaW5lQ2VydCwgTExDIEQtQ2luZW1hIFJBMSIwIAYDVQQLExlDaW5lQ2VydCwgTExDIEQtQ2luZW1hIFJBMS8wLQYDVQQDEyZDaW5lQ2VydCwgTExDIENsYXNzIFggUm9vdCBDZXJ0aWZpY2F0ZTElMCMGA1UELhMcOUJIRXduYUZvRStWczFqalRRNnhVYVlPVSs4PTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJsRO/
R7XcF4blKmAE0HYUzNUD6QGy96cquYbQivVcMz5osfWPEeA4+yxiB9nYGQ1WeCg0X6TWWUpqDu7amxpfk2ZnihwwOdeOUYhOxTu5Bo7cEfbc6OlusHsLIRHMdvnlfNCUGvY8DKW
+5O3Qh0QnPLxxfe5y2RUQoIif+TUGyF24gAOv
+kT4UC4wFJVwxZB036llbUCJl4XrsWr32QUqJMKsjnTEoXoLyxqQMLz6xc/
WqUt0Lljm5cbqiRhly0FLDyz8nqaKhSe6zpehsnZW/Wn1rUHhjh5o
+S2ERm9EDMY7Ccoz9GULZoAGWX63HpEh0H9aPgsaYKQfzzRNZteOcCAwEAAaOCARwwggEYMB0GA1UdDgQWBBT0EcTCdoWgT5WzWONNDrFRpg5T7zCB1QYDVR0jBIHNMIHKgBT0EcTCdoWgT5WzWONNDrFRpg5T76GBpqSBozCBoDEiMCAGA1UEChMZQ2luZUNlcnQsIExMQyBELUNpbmVtYSBSQTEiMCAGA1UECxMZQ2luZUNlcnQsIExMQyBELUNpbmVtYSBSQTEvMC0GA1UEAxMmQ2luZUNlcnQsIExMQyBDbGFzcyBYIFJvb3QgQ2VydGlmaWNhdGUxJTAjBgNVBC4THDlCSEV3bmFGb0UrVnMxampUUTZ4VWFZT1UrOD2CCQDqKtVR3cA5azASBgNVHRMBAf8ECDAGAQH/
AgEKMAsGA1UdDwQEAwICBDANBgkqhkiG9w0BAQUFAAOCAQEAb0DPnC9x5oxQzfl4DcrYOfmKFrSA5rOO1pf8rCcPYpKmGms3wsD0yWIKzP4bBAdmOntMrS2RD3/
bR0uzl4t4F56f/
WBI6hR53dcBNpLhM2KoiDoa2CaF0+0SsmK2ApO2leXtCfNmsYuT6XojtdywPWr6wL4ZYjVGS6hur4DONzTKqSaqSD3geNTXH5VXlEqBogtIZTRZ0WFmqerLN1xx
+aNqrp0cYTqpGu3EmBBJethbNRXw/RJVtQ7fVAZqURiS6sAkFmL9ia83W6s1tsE/PUTDW/
1s839tULScSydUIGs7BwPGzQX5GvTG/i8eTf67s9zad7ak6F/sprvjRSdIcg==</
X509Certificate></X509Data></KeyInfo></Signature></MyMessage>
Reply to this Message
Valery Pryamikov - 22 Aug 2007 14:19 GMT
Hi,
welcome to the "wonderful" world of XML security ;).

You problem is that XML security specs are full of ambiguities that
often lead to incompatible interpretation and incompatible
implementations. One of the major pitas is that XML signature requires
XML explicit canonical form, which will be signed in resulting
document. XML Base64 binary data serialization doesn't require line
breaks and doesn't prohibit them, so from serialization point of view,
whether or not you insert line breaks in BASE 64 serialization - it
doesn't matter for XML data. However, signature is calculated on
serialized XML and is dependent on whether or not you insert line
breaks in signed elements. XML canonical serialization spec is
ambiguous in this regard. From one side it requires to preserve all
white spaces, significant or not, from other side it requires removing
of insignificant whitespaces from XPATH selection. Signature operates
with result of XPATH, so by taking XPATH removing of insignificant
whitespaces you may interpret it as if you need to remove them (what
is done in Microsoft implementation of XML digital signature). But
from other side, XML signature spec says that signature must be
applied to section of serialized xml document, which may be
interpreted as if you should preserve insignificant whitespaces before
signing (what is done in Apache XML security). WSE implementation uses
workaround and checks signature on two versions of signed elements:
one without insignificant whitespaces (canonical serialization of
XPATH selection) and another with all insignificant whitespaces
preserved (unmodified section of decrypted content). When WSE signs
XML it always remove insignificant whitespaces, but preserves all
significant whitespaces, which is OK with any implementation, because
deserialization may never add whitespaces back.
Now, when you serialize base64 encoded binary data, all whitespaces in
base 64 serialization are significant! So, whitespace inside base 64
encoded data should not affect validity of signature, because these
whitespaces must be always preserved. But this is also easy to
misunderstand because base 64 bit XML serialization doesn't specify
addition of whitespaces...
To avoid signature problem with encrypted data, use Sign-Then-Encrypt
order of operations. In this case, hash of encrypted data is
calculated on source data that is independent from base 64
serializations of cipher data. But in this case, encrypted data must
be serialized with explicit canonical form before you calculate hash
of it for signature and you must encrypt exactly the same data that
you calculate hash of (serialized canonical XML). Different
implementations do different things with this part as well. Some
implementations preserves insignificant whitespaces on source data for
encrypted block (Apache XML Security), others remove this
insignificant whitespaces, because this is always resulting from XPATH
selection (Microsoft XML signature). Microsoft implementation of
explicit canonical XML always removes insignificant whitespaces, even
if you do that on whole document! And many consider it a bug, but
others arguing that it's not. This usually never provides any problem
when you send out signed and encrypted XML (no implementation adds new
insignificant whitespaces), but if you are receiving XML from
somebody, you have no choice, but do it as it is done with WSE - try
validate two version of XML from decrypted data - one is unmodified
XML from what you receive, and another is canonically serialized XML.
if any of these signatures matches - you get your validation. This
solution sucks, and any seasoned cryptographer will immediately say
that this is a new protocol that doesn't have any assessment of
security... and that the results of established security protocols
could not be applied here because of significant modification of the
protocol... but from practical point of view - it may be secure... (if
you ignore the fact that there are actually ways of modifying xml
serialization that will not be detected by signature validation).

In other words - if you are going to do XML security with .Net - use
WSE... or be prepared to do a lot of crazy wiggling of code to
workaround implementation details...

-Valery
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.