[xmlsec] Verify SignedInfo but not the references

Aleksey Sanin aleksey at aleksey.com
Thu Sep 24 18:42:55 PDT 2015 

This is a very bad idea to do not check Reference. The validity of
the signature means nothing w/o checking references.

Aleksey

On 9/24/15 6:35 PM, Dimitrios Siganos wrote:
> Hi Aleksey,
> 
> I believe the following patch gives me the ability to do what I want,
> which is to be able to check the integrity of SignedInfo even if the
> references are not all available.
> 
> When XMLSEC_DSIG_FLAGS_SKIP_REFERENCE_ERRORS is set, dsigCtx->status
> will not be set to invalid due to a reference hash mismatch.
> This allows xmlsec to carry on and check the integrity of SignedInfo.
> Of course, the user then has more work to do to check if everything
> went well. He has to check each dsigRefCtx individually for failure
> but that is what I want in my case.
> 
> I appreciate that you may not want this feature in xmlsec library.
> However, I'd appreciate it if you thought my patch had a problem.
> If you think this is something that you'd like to have in libxmlsec
> then I can expand my patch and make it more complete.
> 
> diff --git a/include/xmlsec/xmldsig.h b/include/xmlsec/xmldsig.h
> index 3cd311e..623b8b1 100644
> --- a/include/xmlsec/xmldsig.h
> +++ b/include/xmlsec/xmldsig.h
> @@ -95,6 +95,14 @@ typedef enum {
>  #define XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK                       0x00000010
> 
>  /**
> + * XMLSEC_DSIG_FLAGS_SKIP_REFERENCE_ERRORS:
> + *
> + * If this flag is set then errors thrown by <dsig:Reference/> processing
> + * do not change the status of the dsig verification.
> + */
> +#define XMLSEC_DSIG_FLAGS_SKIP_REFERENCE_ERRORS               0x00000020
> +
> +/**
>   * xmlSecDSigCtx:
>   * @userData:                   the pointer to user data (xmlsec and
> xmlsec-crypto libraries
>   *                              never touches this).
> diff --git a/src/xmldsig.c b/src/xmldsig.c
> index 10ba03f..e3e39dd 100644
> --- a/src/xmldsig.c
> +++ b/src/xmldsig.c
> @@ -830,8 +833,10 @@
> xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx,
> xmlNodePtr node) {
> 
>          /* bail out if next Reference processing failed */
>          if(dsigRefCtx->status != xmlSecDSigStatusSucceeded) {
> -            dsigCtx->status = xmlSecDSigStatusInvalid;
> -            return(0);
> +            if ((dsigCtx->flags &
> XMLSEC_DSIG_FLAGS_SKIP_REFERENCE_ERRORS) == 0) {
> +                dsigCtx->status = xmlSecDSigStatusInvalid;
> +                return(0);
> +            }
>          }
>          cur = xmlSecGetNextElementNode(cur->next);
>      }
> 
> Regards,
> Dimitris
> 
> On Thu, Sep 24, 2015 at 8:49 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:
>> You can run the complete signature verification and then look
>> at xmlDsigCtx to figure out what have happened.
>>
>> Aleksey
>>
>> On 9/24/15 9:31 AM, Dimitrios Siganos wrote:
>>> Hi,
>>>
>>> Given an xmldsig signature with many extrernal references to large
>>> files, I'd like to verify the SignedInfo xml element but I don't want
>>> to verify the references in the same step. In other words, I'd like to
>>> check that the SignedInfo has not been tampered with but I don't want
>>> the xmlsec library to read the external references. I'd like to do
>>> that myself, in lazy way, on a file by file basis, to allow for
>>> quicker random access to individual files.
>>>
>>> Here's an example signature:
>>> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="AuthorSignature">
>>> <SignedInfo>
>>> <CanonicalizationMethod Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
>>> <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
>>> <Reference URI="a">
>>>     <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
>>>     <DigestValue>tDyN15x4Nxb1LVVRGRjsiCOhwWNaZ5X5sXtoWSOS0BA=</DigestValue>
>>> </Reference>
>>> <Reference URI="b">
>>>     <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
>>>     <DigestValue>HjuL1imtKF3KPAR+Qbb/Mba470xFsmL4ftwgVOE3c4w=</DigestValue>
>>> </Reference>
>>> </SignedInfo>
>>> <SignatureValue>...data omitted...</SignatureValue>
>>> <KeyInfo>
>>> <X509Data> <X509Certificate>...data omitted...</X509Certificate> </X509Data>
>>> </KeyInfo>
>>> </Signature>
>>>
>>> From this example signature, I would like to make sure that SignedInfo
>>> is not tamperred but I don't want the library to read the files 'a'
>>> and 'b' and compare their hashes with the hashes recorded in the
>>> references.
>>>
>>> Do you have any advice on the how best to do that?
>>>
>>> Regards,
>>> Dimitris
>>> _______________________________________________
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>>

More information about the xmlsec mailing list