On Thu, Mar 18, 2010 at 10:36, maxwolf <waxm...@gmail.com> wrote:
> I wonder if protobuf messages are safe to be crypto signed?

If you just sign the content of a message, then this should be an
operation that should not require that a message is generated the same
for different implementations, right ? Meaning, you have some binary
encoded message generated by some implementation and its signature so
you can compare if that content is indeed signed by the owner. You
directly compare that binary encoding with that signature.

But looks like you're looking for a bit stronger guarantee: that you
can just operate only on the hash of some message and want that to be
identical for messages with the same content generated by different

> More
> precisely - will certain message serialized from the same set of field
> values be exactly the same for every platform/language?

The encoding scheme does not enforce this per se: it is entirely valid
to send fields in a different order over the wire and thus have
equivalent messages whose binary encoding is different.
However, all current Google implementations actually encode the same
messages the same way - I guess too many people relied on being able
to reliably store hash values of messages (Kenton needs to confirm
this, but I am pretty sure).
With other words: there is no strong guarantee but in practice, it works :)


You received this message because you are subscribed to the Google Groups 
"Protocol Buffers" group.
To post to this group, send email to proto...@googlegroups.com.
To unsubscribe from this group, send email to 
For more options, visit this group at 

Reply via email to