incubator-couchdb-user mailing list archives

From Bernhard Gschwantner <bernh...@unserwein.at>
Subject Re: Cryptograhically signed docs...
Date Wed, 04 Jul 2012 19:00:09 GMT
I've been following this thread and like the idea. I may be naïve or
completely wrong, but all this sounds quite easy to solve in a design
document and with pure javascript, although probably not very performant.
Just take Jens' structure proposal and modify openpgp.js a little bit, put
the stuff into a validate_doc_update function, add the allowed public keys
to a design doc (easy with a couchapp), et voilà: you get a completely
replicable and transparent signature checker ;-)

If I find the time tomorrow, I'll take a shot at a proof of concept. The
building blocks are there already...

Cheers,
Bernhard

On Wednesday, 4 July 2012, Albin Stigö wrote:

> Sounds interesting.. I think I will take this to the developers mailing
> list and see if I will be able to generate some interest in the idea..
>
> Albin
>
> On Wednesday, 4 July 2012, Jan Bot wrote:
>
> > Hi,
> >
> > This would really be a great feature: I'm using CouchDB to manage grid
> > compute jobs and having the ability to sign a document using a private key
> > and check it server side with the public key could really make couchdb part
> > of the grid infrastructure.
> >
> > Cheers,
> >
> > Jan
> >
> > On Wed, Jul 4, 2012 at 11:17 AM, Albin Stigö <albin.stigo@gmail.com> wrote:
> >
> > > Hi,
> > >
> > > Jens, thanks for the link. Did you ever finish the app where you were
> > > using these techniques?
> > >
> > > First I naively thought that it would be enough to hash the body of
> > > what you are going to PUT/POST and then sign that hash and include the
> > > signature as a custom http header. I guess this would work for
> > > verifying the data on the first post but you would not be able to
> > > verify the signature later if couchdb does any parsing of the
> > > transported data.
> > >
> > > What you are suggesting, using a canonical representation of JSON,
> > > seems like a much better idea; it's also apparently what oauth uses.
> > >
> > > I guess this would require some hacking on couchdb. It would be really
> > > neat to have a _keys database much like the _users and for
> > > documents to have a _signature field. What do you think..?
> > >
> > > --Albin
> > >
> > >
> > >
> > > On Wed, Jul 4, 2012 at 3:07 AM, Jens Alfke <jens@couchbase.com> wrote:
> > > >
> > > > On Jul 3, 2012, at 10:01 AM, Jim Klo wrote:
> > > >
> > > >> Yes, and as a matter of fact, I just got digital signature validation
> > > >> using OpenPGP within a map function working a few minutes ago!
> > > >> Here's a link to the relevant code:
> > > >> https://github.com/jimklo/TheCollector/blob/master/dataservices/thecollector-resources/views/lib/sig_utils.js
> > > >
> > > > As far as I can tell, this code uses a data schema where the signed
> > > > contents are wrapped in some kind of OpenPGP encoding:
> > > >
> > > >>         var msg_list = openpgp.read_message(doc.digital_signature.signature);
> > > >>         for (var i=0; i<msg_list.length; i++) {
> > > >>             isValid |= msg_list[i].verifySignature();
> > > >>         }
> > > >
> > > > It looks like msg_list is the actual document payload, which has to be
> > > > decoded using openpgp.read_message.
> > > >
> > > > This is IMHO not a very good solution because it hides the document
> > > > contents away — for example, all the map functions and any app logic that
> > > > uses documents will have to know to call read_message, which will also make
> > > > them slower.
> > > >
> > > > The schema I implemented (see my previous message) doesn't alter the
> > > > basic document format. The signature is in a nested object but applies to
> > > > the entire document contents (minus the signature itself of course).
> > > > There's no need to change any code that reads documents; the only time you
> > > > have to know about the signature scheme is while verifying the signature.
> > > > It's even possible to have multiple signatures on a document.
> > > >
> > > > —Jens
> > > >
> > > > —Jens
> > >
> >
>


-- 

Bernhard Gschwantner
Unser Wein G&U OG
Kirchengasse 13/7, 1070 Wien

mobil: +43 (6991) 971 32 96
tel: +43 (1) 971 32 95
e-mail: bernhard@unserwein.at
twitter: @bernharduw <http://twitter.com/bernharduw>
web: www.unserwein.at
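
The scheme discussed in this thread (a canonical JSON form, the signature kept in a nested object, and a check against a list of allowed public keys), as an added example that is not code from any poster or from CouchDB. It uses Node's built-in Ed25519 in place of openpgp.js; the `signatures` field name, the key ids, the exclusion of `_rev` and the sample documents are assumptions constructed for illustration.

```javascript
// Added example. Field name `signatures`, key ids and documents are constructed.
const crypto = require("node:crypto");

// Canonical JSON: keys sorted recursively, no whitespace, so the bytes do not
// depend on how a server or client happened to serialize the document.
function canonicalize(v) {
  if (Array.isArray(v)) return "[" + v.map(canonicalize).join(",") + "]";
  if (v !== null && typeof v === "object") {
    return "{" + Object.keys(v).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalize(v[k])).join(",") + "}";
  }
  return JSON.stringify(v);
}

// Signed bytes: the whole document minus the signature object. Assumption:
// the server-assigned _rev is also left out, since the signer cannot know it.
function signedBytes(doc) {
  const { signatures, _rev, ...body } = doc;
  return Buffer.from(canonicalize(body), "utf8");
}

// Adds one signature; existing ones stay valid because they are not signed over.
function sign(doc, keyId, privateKey) {
  const sig = crypto.sign(null, signedBytes(doc), privateKey).toString("base64");
  return { ...doc, signatures: { ...(doc.signatures || {}), [keyId]: sig } };
}

// Shaped like a validate_doc_update check: throws {forbidden} unless at least
// one signature verifies under a key from the allow-list (id -> PEM public key).
function validate(newDoc, allowedKeys) {
  const bytes = signedBytes(newDoc);
  const good = Object.entries(newDoc.signatures || {}).filter(([id, sig]) =>
    Object.hasOwn(allowedKeys, id) && typeof sig === "string" &&
    crypto.verify(null, bytes, allowedKeys[id], Buffer.from(sig, "base64")));
  if (good.length === 0) throw { forbidden: "no valid signature from an allowed key" };
  return good.map(([id]) => id);
}

// Constructed keys and documents for the demonstration.
const alice = crypto.generateKeyPairSync("ed25519");
const allowedKeys = { alice: alice.publicKey.export({ type: "spki", format: "pem" }) };
const signed = sign({ _id: "job-1", cmd: "render", args: { n: 2, q: "hi" } }, "alice", alice.privateKey);
// The same document as a store might hand it back: keys reordered, _rev added.
const stored = { args: { q: "hi", n: 2 }, signatures: signed.signatures,
                 cmd: "render", _rev: "1-abc", _id: "job-1" };
const sha256 = (s) => crypto.createHash("sha256").update(s).digest("hex");
console.log("raw body hashes equal:", sha256(JSON.stringify(signed)) === sha256(JSON.stringify(stored)));
console.log("valid signers:", validate(stored, allowedKeys));
```

The raw-body hashes differ after re-serialization while the canonical-form signature still verifies, which is the failure of the header-signature idea and the reason for the canonical form raised in the quoted messages.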
