Hi David,
I believe that you can accomplish what you need using a same-document
detached XML signature.
A few words of warning at the outset: specific elements to be signed can be
referenced via an Id attribute or via XPath. After thinking about your
situation, the preferred simple way of Id attribute references will not really
work, because an Id in document #1 is not going to match, so when the
signatures move, the verification won't work.
* You'll have to use an XPath expression to reference the element(s) to
sign. This is usually slower and less efficient, but it may be the only way
to go for your problem domain.
OK, so now let me try and walk through your example conceptually, applying
the <ds:Signature> as appropriate:
For the sake of clarity, I'm going to omit all of the details of your
content model except for the touch points with XML Signature.
Let's start with the main document, which is going to be (at the outset)
about 2MB in size.
<doc>
<file>
<!-- additional child elements are here -->
</file>
</doc>
From an XML "document" perspective, we are adding two things to this
document:
a. The signer information (<SignerTran> element)
b. The <ds:Signature>
Visually, the content model will look like this:
<doc> ... </doc>
<SignerTran> ... </SignerTran>
<ds:Signature> ... </ds:Signature>
Problem #1: This is not well-formed XML, so let's wrap it in a document
element. The document element can be any element of course, so I'll just
make up name ("wrapped").
<wrapped>
<doc> ... </doc>
<SignerTran> ... </SignerTran>
<ds:Signature> ... </ds:Signature>
</wrapped>
The next issue to tackle is the actual reference to the two elements that
need to be signed: <file> and <SignerTran>.
The <ds:Reference> elements will carry XPath expressions of the form
"ancestor-or-self::file" and "ancestor-or-self::SignerTran". There will be
two references, one for <file> and one for <SignerTran>. The empty string
in the URI attribute means that the entire node-set must be processed and
the necessary portion "filtered" out.
<wrapped>
  <!-- top portion, file -->
  <doc>
    <file Id="fileId"> ... </file>
  </doc>
  <!-- bottom portion, metadata and signature -->
  <SignerTran> ... </SignerTran>
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      ...
      <!-- one Reference per element to sign; URI="" = the whole document,
           then the XPath transform keeps only the <file> subtree -->
      <ds:Reference URI="">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
            <ds:XPath> ancestor-or-self::file </ds:XPath>
          </ds:Transform>
        </ds:Transforms>
        ...
      </ds:Reference>
      <!-- same pattern for <SignerTran> -->
      <ds:Reference URI="">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
            <ds:XPath> ancestor-or-self::SignerTran </ds:XPath>
          </ds:Transform>
        </ds:Transforms>
        ...
      </ds:Reference>
    </ds:SignedInfo>
    ...
  </ds:Signature>
</wrapped>
From here, once the signature is generated, you should be able to extract
the "bottom portion" of the signature, and "insert" it into another document
with the same content model and element names. I've left out the namespace
information on your elements - these must be included in the XPath
expression for it to work properly.
Just to summarize:
1. Your scenario can be accomplished using XML Signature
2. Use XPath transforms to identify the elements to be signed, because Id's
won't be consistent from document to document
3. The type of signature in the XML Signature nomenclature is "same-document
detached signature"
4. Make sure that you add a wrapped element if you want well-formed XML.
As for the Apache APIs, you can probably use them to make a prototype, but
depending on your performance requirements, generating the signature may be
slow; it all depends on how fast these must be generated.
Because your situation requires an XPath expression, there is extra XML
processing that must be done during the filtering, which can slow things down.
Kind Regards,
Blake Dournaee
Senior Security Architect
Sarvega, Inc.
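The following is an added example, not code from this thread, from Sarvega or from Apache XML Security. It emulates the same-document detached signature Blake sketches above, so you can see concretely why a Reference selected by "ancestor-or-self::file" still verifies after the <SignerTran> plus <ds:Signature> "bottom portion" is moved into another document that carries the same <file>, and fails the moment the <file> or the <SignerTran> differs. Everything beyond the thread's element names is an assumption of the example: the sample documents are constructed, C14N 2.0 from the Python standard library (3.8 or later) stands in for the canonicalization a real library would apply, an HMAC over SignedInfo stands in for the RSA SignatureMethod, and a subtree lookup stands in for the XPath filter transform. With the Apache library these three pieces come from the API and you would not write them yourself.

```python
"""Added example, not code from the thread or from Apache XML Security.

Emulates Blake's "same-document detached signature": one <ds:Reference URI="">
per XPath-selected element, so the <SignerTran> + <ds:Signature> "bottom
portion" can travel without the (large) <file> it covers. Simplifications, all
assumptions of this example: C14N 2.0 from the stdlib instead of the library's
C14N, an HMAC over SignedInfo instead of an RSA SignatureMethod, and a subtree
lookup instead of the XPath filter transform (it keeps only the first <tag>).
"""
import base64
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("ds", DS)
DEMO_KEY = b"constructed-demo-key"   # constructed stand-in for the signer's key
XPATH_ALG = "http://www.w3.org/TR/1999/REC-xpath-19991116"


def c14n(elem: ET.Element) -> bytes:
    """Canonical bytes of one element's subtree, ignoring what follows it."""
    node = copy.deepcopy(elem)
    node.tail = None   # tostring() would otherwise include trailing whitespace
    return ET.canonicalize(ET.tostring(node, encoding="unicode")).encode("utf-8")


def select(root: ET.Element, tag: str) -> ET.Element:
    """Stand-in for URI="" plus XPath 'ancestor-or-self::<tag>': keep the subtree
    rooted at <tag>, wherever it sits in the document."""
    node = root if root.tag == tag else root.find(f".//{tag}")
    if node is None:
        raise ValueError(f"no <{tag}> element in document")
    return node


def digest_b64(elem: ET.Element) -> str:
    return base64.b64encode(hashlib.sha256(c14n(elem)).digest()).decode("ascii")


def build_bottom_portion(doc_xml: str, signer_tran_xml: str) -> str:
    """Return the transportable <SignerTran> + <ds:Signature> pair (SignedInfo
    reduced to its References) over the <file> in doc_xml and the SignerTran."""
    doc = ET.fromstring(doc_xml)
    signer_tran = ET.fromstring(signer_tran_xml)
    sig = ET.Element(f"{{{DS}}}Signature")
    signed_info = ET.SubElement(sig, f"{{{DS}}}SignedInfo")
    for tag, elem in (("file", select(doc, "file")), ("SignerTran", signer_tran)):
        ref = ET.SubElement(signed_info, f"{{{DS}}}Reference", URI="")
        transforms = ET.SubElement(ref, f"{{{DS}}}Transforms")
        transform = ET.SubElement(transforms, f"{{{DS}}}Transform", Algorithm=XPATH_ALG)
        ET.SubElement(transform, f"{{{DS}}}XPath").text = f"ancestor-or-self::{tag}"
        ET.SubElement(ref, f"{{{DS}}}DigestValue").text = digest_b64(elem)
    # HMAC over canonical SignedInfo stands in for the RSA SignatureMethod
    mac = hmac.new(DEMO_KEY, c14n(signed_info), hashlib.sha256).digest()
    ET.SubElement(sig, f"{{{DS}}}SignatureValue").text = base64.b64encode(mac).decode("ascii")
    return ET.tostring(signer_tran, encoding="unicode") + ET.tostring(sig, encoding="unicode")


def wrap(doc_xml: str, bottom_xml: str) -> str:
    """Blake's well-formedness fix: one document element around doc + bottom portion."""
    return f"<wrapped>{doc_xml}{bottom_xml}</wrapped>"


def verify(wrapped_xml: str) -> bool:
    """Recompute every Reference digest from the receiver's own copy of the
    selected elements, then check the signature over SignedInfo."""
    root = ET.fromstring(wrapped_xml)
    ns = {"ds": DS}
    sig = root.find("ds:Signature", ns)
    signed_info = sig.find("ds:SignedInfo", ns)
    for ref in signed_info.findall("ds:Reference", ns):
        tag = ref.find("ds:Transforms/ds:Transform/ds:XPath", ns).text.split("::", 1)[1]
        try:
            selected = select(root, tag)
        except ValueError:
            return False
        claimed = ref.find("ds:DigestValue", ns).text or ""
        if not hmac.compare_digest(digest_b64(selected), claimed):
            return False
    expected = hmac.new(DEMO_KEY, c14n(signed_info), hashlib.sha256).digest()
    actual = base64.b64decode(sig.find("ds:SignatureValue", ns).text or "")
    return hmac.compare_digest(expected, actual)


if __name__ == "__main__":
    doc_a = "<doc><file>dictation transcript bytes</file></doc>"           # constructed
    signer = "<SignerTran><signer>Dr. Example</signer></SignerTran>"      # constructed
    bottom = build_bottom_portion(doc_a, signer)
    print("original document:", verify(wrap(doc_a, bottom)))
    doc_b = "<doc>\n  <file>dictation transcript bytes</file>\n  <note>copy</note>\n</doc>"
    print("same <file> in another document:", verify(wrap(doc_b, bottom)))
    doc_c = "<doc><file>dictation transcript bytes (edited)</file></doc>"
    print("altered <file>:", verify(wrap(doc_c, bottom)))
```

The second document deliberately has different whitespace and an extra child under <doc>: only the <file> subtree and the <SignerTran> are covered by References, so the moved signature still verifies there, which is exactly what the "append the signature element by itself" workflow needs. The cost Blake mentions is visible in `verify`: each Reference forces a walk of the whole receiving document to find the selected nodes before anything can be digested.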
-----Original Message-----
From: David Wall @ Yozons, Inc. [mailto:[EMAIL PROTECTED]
Sent: Monday, June 21, 2004 6:46 PM
To: [EMAIL PROTECTED]
Subject: Re: ThreeSignerContract example -- detached signatures examples?
> I'm just getting my feet wet with xml-sec so bear with me.
>
> Are you trying to avoid having the <file> element copied in three
> signatures? Or having it transferred back to the central repository?
> Or are you looking for a group signature. (Saw a presentation at RSA
> 2004 by Dan Boneh http://robotics.stanford.edu/~xb/crypto04a/ that
> talked about this, but it might not be what you need).
>
> Noah
Basically I want to avoid copying the file element all around. When the
file element is small, it's not much of an issue, but some signed audio
transcript files, for example, run into the 10-50MB range -- when a doctor
is signing off on their dictation notes. So each time a signature is
applied, I'd like to be able to transmit that signature element by itself so
that the receiver can simply append it to their information without needing
to send the original data again.
David