[xmlsec] Embedded signature: canonicalization issues

Thomas Elstner Thomas.Elstner at xonion.net
Mon Jul 7 00:17:24 PDT 2014


Hello,

I¹m trying to adopt the examples given in sign3.c and verify3.c to sign
and verify subnodes of a xml document using embedded signatures.
The templated XML I¹m signing looks like this:

<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<!DOCTYPE test [
<!ATTLIST License Id ID #IMPLIED>
]>
<LicenseList>
    <License Id="base">
        <Component>base</Component>
        <ValidFrom>2012-01-01T00:00:00</ValidFrom>
        <ValidTo>3000-12-31T00:00:00</ValidTo>
        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-base">
            <SignedInfo>
                <CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <Reference URI="#base">
                    <Transforms>
                        <Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
                        />
                    </Transforms>
                    <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <DigestValue/>
                </Reference>
            </SignedInfo>
            <SignatureValue/>
            <KeyInfo>
                <X509Data/>
            </KeyInfo>
        </Signature>
    </License>
    <License Id="bookmarks">
        <Component>bookmarks</Component>
        <ValidFrom>2012-01-01T00:00:00</ValidFrom>
        <ValidTo>3000-12-31T00:00:00</ValidTo>
        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-bookmarks">
            <SignedInfo>
                <CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <Reference URI="#bookmarks">
                    <Transforms>
                        <Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
                        />
                    </Transforms>
                    <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <DigestValue/>
                </Reference>
            </SignedInfo>
            <SignatureValue/>
            <KeyInfo>
                <X509Data/>
            </KeyInfo>
        </Signature>
    </License>
</LicenseList>

The signed XML my code produces looks like this:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!DOCTYPE test [
<!ATTLIST License Id ID #IMPLIED>
]>
<LicenseList><License
Id="base"><Component>base</Component><ValidFrom>2012-01-01T00:00:00</ValidF
rom><ValidTo>3000-12-31T00:00:00</ValidTo><Signature
xmlns="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-base"><SignedInfo><CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMetho
d><SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod><R
eference URI="#base"><Transforms><Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transfo
rm></Transforms><DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestVa
lue>W4FWJ3y4LDVvDqZrFXvMzNaIAq0=</DigestValue></Reference></SignedInfo><Sig
natureValue>PeTwPHH1ncQ0vVevOXWW0ZQTj4BmdqVNivqNRgIiQ0mHW8s/Fd93WOaPJ7sTF+j
X
GKYY/9L3DsQG/8qIwhQSGR52vM6FoorNKopZ1ld31B6+d7y4sn45G7Lm9l4geFG6
s42ahK823UVNQQppNE1Se3+IhUPd5yepZM77IqaT4VQ=</SignatureValue><KeyInfo><X509
Data>
<X509Certificate>Šblablabla...</X509Certificate>
</X509Data></KeyInfo></Signature></License><License
Id="bookmarks"><Component>bookmarks</Component><ValidFrom>2012-01-01T00:00:
00</ValidFrom><ValidTo>3000-12-31T00:00:00</ValidTo><Signature
xmlns="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-bookmarks"><SignedInfo><CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMetho
d><SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod><R
eference URI="#bookmarks"><Transforms><Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transfo
rm></Transforms><DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestVa
lue>q20LUJoSDkpF1uyCNx+htvUhMxY=</DigestValue></Reference></SignedInfo><Sig
natureValue>E0VUK9iVIO9weJIQ4fSC151O1kCl6ZZ9vvPmPwiwHa2g32dTv4eZPFktptaRORp
2
S3o9FtFk5UUB8lp8TXxvhp2G9Dor5Sk/iOyrfhiDqhZCQyOR5HVnnAEDEldtSoW1
6wpqBxJwzglK6nUdc+6baV1/Oat/YaO6agIAKaR0CLU=</SignatureValue><KeyInfo><X509
Data>
<X509Certificate>Šblablabla...</X509Certificate>
</X509Data></KeyInfo></Signature></License></LicenseList>

I can successfully sign & verify the XML for each License node, however,
the DigestValue and the SignatureValues are different from what I achieve
using the xmlsec1 command line tool
(using this commandline: xmlsec1 --sign --privkey-pem base.key,base.pem
--node-id base --output signed.xml tosign.xml and similar for the
bookmarks-node):

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!DOCTYPE test [
<!ATTLIST License Id ID #IMPLIED>
]>
<LicenseList>
    <License Id="base">
        <Component>base</Component>
        <ValidFrom>2012-01-01T00:00:00</ValidFrom>
        <ValidTo>3000-12-31T00:00:00</ValidTo>
        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-base">
            <SignedInfo>
                <CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <Reference URI="#base">
                    <Transforms>
                        <Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    </Transforms>
                    <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <DigestValue>Sbk/adhAenj+cbDJ+L0V6ZO3ukg=</DigestValue>
                </Reference>
            </SignedInfo>
            
<SignatureValue>RF9jZrnIaOqJLMRIQq0eG2Yo/9y+bsMDwMOMxEDJYRjWJ6ZCdniyRbwRw4M
IdsPs
fq95khfvTTJdpaDXMEl6qIqEsJZHc/g6OlHnjcsK+ZIOnvbBUEwB3jugvCecaM0W
kkIrUdsuqOwqhg8IByk0pRKDJh5f6NSzxz+P7MH5rlg=</SignatureValue>
            <KeyInfo>
                <X509Data>
<X509Certificate>Šblablabla...</X509Certificate>
</X509Data>
            </KeyInfo>
        </Signature>
    </License>
    <License Id="bookmarks">
        <Component>bookmarks</Component>
        <ValidFrom>2012-01-01T00:00:00</ValidFrom>
        <ValidTo>3000-12-31T00:00:00</ValidTo>
        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-bookmarks">
            <SignedInfo>
                <CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <Reference URI="#bookmarks">
                    <Transforms>
                        <Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    </Transforms>
                    <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <DigestValue>rjn86scL4vVK0rRB6WAOanjZ7TA=</DigestValue>
                </Reference>
            </SignedInfo>
            
<SignatureValue>h/lEvsYx2edALXiFyRB7HtIStKH/T8vsdcO+2keNIsU1k4vlwqSYoShRpNj
8My7y
6jjrdX8Ne42KvDgLrK41QSW8INt0/PRqrNdf1pM+V0KC91bWlDVOtCNV1lY2dLpc
S3zdqgAUyHsl5eJ9u0Lw++joPfpuv1Z45MEXmfsNTjY=</SignatureValue>
            <KeyInfo>
                <X509Data>
<X509Certificate>Šblablabla...</X509Certificate>
</X509Data>
            </KeyInfo>
        </Signature>
    </License>
</LicenseList>


Also I have noticed that my signed XML is very sensitive against
reformatting (just look at the compact nodes, if I pretty print this, the
validation fails), so I guess something is wrong with the way I am
applying the canonicalization.
Actually, I am not adding any particular code to the example code in
sign3.c and verify3.c to perform the canonicalization except for having a
CanonicalizationMethod in my template - maybe that¹s the problem?

Thanks in advance for any help,
Thomas




More information about the xmlsec mailing list