Return-Path: X-Original-To: apmail-couchdb-user-archive@www.apache.org Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CEF8FDF92 for ; Wed, 4 Jul 2012 18:40:28 +0000 (UTC) Received: (qmail 26471 invoked by uid 500); 4 Jul 2012 18:40:27 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 26447 invoked by uid 500); 4 Jul 2012 18:40:27 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 26435 invoked by uid 99); 4 Jul 2012 18:40:27 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Jul 2012 18:40:27 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=FSL_RCVD_USER,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of janjbot@gmail.com designates 209.85.160.180 as permitted sender) Received: from [209.85.160.180] (HELO mail-gh0-f180.google.com) (209.85.160.180) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Jul 2012 18:40:22 +0000 Received: by ghbz12 with SMTP id z12so7310695ghb.11 for ; Wed, 04 Jul 2012 11:40:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=CinzVG2QWVsmQPZdAJAlAjXf+4eWcPM/tyXE/KpUxDk=; b=eFfTN6rZQiq2cQJhD3Pv5HPgRhPb9VqsVPfR6rsT8pgN4/iwfgxr/wgMs+LvE1+KHE yLZe89GbiQswCUQwttle3Wd/dxZDXTJCOVkSosiQ4qeMO+taGlUW+aBW0rpysgFyss3A Q1PCj6OZwHZDhjN4rLAir0oRXkThv1AyhkObRB5MB7h3fjMqXrB6bs6pAHq4gpVo+kWK NyEDB5Zt6U6X6d+IuAqIBwrWTq0yk3/BI3ahEuHi9Ekjem2QtUflbQNCmxt8TveOVLY6 bw38D0EGPqUg1HHhab9S6lZ661Yj7Eq12gcyKtIz40BqS/72pQBrKnLKje0sBswh+Ds5 WxQA== MIME-Version: 1.0 Received: by 10.60.2.3 with SMTP id 3mr4068974oeq.0.1341427201629; Wed, 04 Jul 2012 11:40:01 -0700 (PDT) Received: by 10.60.5.35 with HTTP; Wed, 4 Jul 2012 11:40:01 -0700 (PDT) In-Reply-To: References: <79061073-7E58-4CBC-9DC1-8A98C6811796@sri.com> <0848BFC4-1340-4FF9-A04D-EE6D205A90A0@couchbase.com> Date: Wed, 4 Jul 2012 20:40:01 +0200 Message-ID: Subject: Re: Cryptograhically signed docs... From: Jan Bot To: user@couchdb.apache.org Content-Type: multipart/alternative; boundary=e89a8fb205f2d85cce04c4055b52 X-Virus-Checked: Checked by ClamAV on apache.org --e89a8fb205f2d85cce04c4055b52 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Hi, This would really be a great feature: I'm using CouchDB to manage grid compute jobs and having the ability to sign a document using a private key and check it server side with the public key could really make couchdb part of the grid infrastructure. Cheers, Jan On Wed, Jul 4, 2012 at 11:17 AM, Albin Stig=F6 wrot= e: > Hi, > > Jens, thanks for the link. Did you ever finish the app where you were > using these techniques? > > First I naively thought that it would be enough to hash the body of > what you are going to PUT/POST and then sign that hash and include the > signature as a custom http header. I guess this would work for > verifying the data on the first post but you would not be able to > verify the signature later if couchdb does any parsing of the > transported data. > > What you are suggesting using a canonical representation of of JSON > seems like a much better idea it also apparently what oauth uses. > > I guess this would require some hacking on couchdb. It would be really > neat to have a _keys database much like the _users and for for > documents to have a _signature field. What do you thin..? > > --Albin > > > > On Wed, Jul 4, 2012 at 3:07 AM, Jens Alfke wrote: > > > > On Jul 3, 2012, at 10:01 AM, Jim Klo wrote: > > > >> Yes, and as a matter of fact, i just got digital signature validation > using OpenPGP within a map function working a few minutes ago! > >> Here's a link to the relevant code: > https://github.com/jimklo/TheCollector/blob/master/dataservices/thecollec= tor-resources/views/lib/sig_utils.js > > > > As far as I can tell, this code uses a data schema where the signed > contents are wrapped in some kind of OpenPGP encoding: > > > >> var msg_list =3D > openpgp.read_message(doc.digital_signature.signature); > >> for (var i=3D0; i >> isValid |=3D msg_list[i].verifySignature(); > >> } > > > > It looks like msg_list is the actual document payload, which has to be > decoded using openpgp.read_message. > > > > This is IMHO not a very good solution because it hides the document > contents away =97 for example, all the map functions and any app logic th= at > uses documents will have to know to call read_message, which will also ma= ke > them slower. > > > > The schema I implemented (see my previous message) doesn't alter the > basic document format. The signature is in a nested object but applies to > the entire document contents (minus the signature itself of course). > There's no need to change any code that reads documents; the only time yo= u > have to know about the signature scheme is while verifying the signature. > It's even possible to have multiple signatures on a document. > > > > =97Jens > --e89a8fb205f2d85cce04c4055b52--