Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm
Precedence: bulk
Reply-To: security-dev@xml.apache.org
Received-SPF: pass (herse.apache.org: domain of jdmarshall@gmail.com
 designates 64.233.162.206 as permitted sender)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=eK8EtfydzQlPXp8+J/oWoZGfBHW9S7FQfFSsfhlNYnsxQzpFPjFeU37frS+T8hYqyXDIxWADIAnvwxc+x28Dqy8zu9JUIn7LobNLuHlPOWjgXsr736W0k85lIPoYh1BCAFqcXb8gQbF1VYGpY/hkEylOdSgscwfEFtv1A52D+ME=
Message-ID: <3cf41bb90610270954y1f041118pf3a8324df22aeccf@mail.gmail.com>
Date: Fri, 27 Oct 2006 09:54:47 -0700
From: "jason marshall" <jdmarshall@gmail.com>
To: security-dev@xml.apache.org
Subject: Re: Multiple digests of the same resource
In-Reply-To: <453D3191.10101@Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <3cf41bb90610210117i3c46b704u657d4eec87abd606@mail.gmail.com>
	 <3cf41bb90610211122m6d6094bfs98195ff9a948890a@mail.gmail.com>
	 <453D3191.10101@Sun.COM>

Interesting point.  It wasn't clear to me from reading the code that
this was the only thing this method changes about the signature check.
 Will regular references still be validated (ie, references to other
elements within the document)?

So if I did that, then I'd still have to check to make sure that
SignatureB only signed across files that were in SignatureA, and that
the digests listed in SignatureB match those in SignatureA.  If not,
I'd have to turn following back on, and run the check again.

I think I could probably live with that, if that's really the only
reduction in signature checking that occurs.

Thanks,
Jason


On 10/23/06, Sean Mullan <Sean.Mullan@sun.com> wrote:
> Did you know that Manifest/Reference digests are not validated by default?
>
> This is just a guess, and probably not exactly what you want because I
> don't think I fully understand the problem, but you could validate the
> first signature including the manifests and then disable it for
> subsequent signatures, see
> (XMLSignature.setFollowNestedManifests(false))... so effectively your
> file digest is only calculated and verified once.
>
> --Sean
>
> jason marshall wrote:
> > I have a usage of XML Signatures that's probably at the intersection
> > of several out-of-the-ordinary uses of the spec, and I'm wondering if
> > there are any shortcuts I can take.
> >
> > I am using ds:Object/ds:Manifest References to refer to external
> > files, for the purposes of providing a digest of files which accompany
> > to the XML document.  Sometimes these files are quite large.
> >
> > I am also using detached signatures, sometimes more than one to a
> > single XML file.  In this case the certs mean different things to
> > different consumers of the same XML file.  They might be added all at
> > once, or accumulated over time.
> >
> > This results in a situation where one XML document posesses multiple
> > digests for the same file.   This presents a throughput problem when
> > verifying signatures, as the digests in this case are the proverbial
> > tall tent pole by a good margin.  I haven't discovered any mechanism
> > built into the XMLSec API which allows or encourages the sharing of
> > digest calculations for the same resource.
> >
> >  From my reading of the Java implementation, all of the fields and
> > methods related to calculating the digest are safely hidden away from
> > my grubby hands, and probably for good reason considering how fragile
> > this could make the verification code.  I'm wondering if there's some
> > way to accomplish this without jeopardizing correctness, and
> > especially without heavily subclassing the Reference or Manifest class
> > to do so.
> >
> > Or am I out of luck?
> >
> > Thanks,
> > Jason Marshall
> >
> >
>
>


-- 
- Jason