Class: CS265
Name: Xuemei Wu
Due: March 24, 2005

An Overview of XML Digital Signatures

Digital signatures are widely used in all types of digital transactions today to ensure message integrity and message authentication. To make transactions most effective, the digital signature needs to be part of the data being transferred: a digital signature is generated when the signed message is formed, and it is verified at the time the message is delivered to the recipient. XML Digital Signature was introduced and designed to fulfill this requirement as XML-related technologies become more and more popular and important.

XML digital signatures are digital signatures designed for use in XML transactions. The XML digital signature specification (Reference [1]) specifies XML syntax and processing rules for creating and representing digital signatures. XML Signatures can be used on any digital content. An XML Signature may be applied to the content of one or more resources. There are basically three different types of XML Signatures, namely enveloped, enveloping, and detached signatures. Enveloped and enveloping signatures are for data within the same XML document as the signature; detached signatures are for data external to the signature element. Moreover, an XML signature can be used to sign only portions of an XML message instead of the whole document. This is particularly useful in situations where it is important to ensure the integrity and authenticity of one or several portions of an XML document while at the same time providing the flexibility for the other parts of the document to change.

The use of XML digital signatures involves two parts, XML Digital Signature creation and XML Digital Signature verification. We will first go through the basic structure of an XML signature, and then cover the creation and verification of an XML signature.
The Basic Structure of an XML Digital Signature

The following is the structure of an XML digital signature as currently defined in the W3C specification (see [1] in References). In this notation "?" denotes zero or one occurrence, "+" one or more, and "*" zero or more.

    <Signature ID?>
      <SignedInfo>
        <CanonicalizationMethod/>
        <SignatureMethod/>
        (<Reference URI? >
          (<Transforms>)?
          <DigestMethod>
          <DigestValue>
        </Reference>)+
      </SignedInfo>
      <SignatureValue>
      (<KeyInfo>)?
      (<Object ID?>)*
    </Signature>

The <Signature> element is the root element of an XML digital signature. It can envelop the local data that it is signing; it can also be enveloped by the local data; and it can also reference external data.

The <SignedInfo> element is the information that is actually signed. The <CanonicalizationMethod> is the algorithm that is used to canonicalize the <SignedInfo> element in a way that everyone agrees on before it is digested as part of the signing process. The <SignatureMethod> specifies the algorithm that is used to convert the canonicalized <SignedInfo> into the <SignatureValue>. For example, RSA-SHA1 is often used as the signature method.

Each <Reference> element includes the digest method and the resulting digest value calculated over the identified data object. The optional URI attribute of <Reference> identifies the data object to be signed. If the URI value is specified as an empty string "", it means the resource data is within the same XML document. The <Transforms> element is an optional ordered list of processing steps that are applied to the resource's content before it is digested. The <DigestMethod> element identifies the algorithm applied to the data, after the <Transforms> have been applied, to obtain the <DigestValue>.

The <KeyInfo> element indicates the public key to be used to validate the signature. The <Object> element is an optional element for including data objects within the signature element.

An XML signature can be constructed in three basic formats:

Enveloped format: the signature is within the document.
    <document>
      <signature> ... </signature>
    </document>

Enveloping format: the document is within the signature.

    <signature>
      <document> ... </document>
    </signature>

Detached format: the signature references a document that is elsewhere through a uniform resource identifier (URI) specified in a <Reference> element in the signature.

    <signature> ... </signature>

An XML signature can also be a combination of these three basic forms. This is an example of an XML Signature that has enveloped, enveloping and detached forms at the same time:

    <?xml version="1.0" encoding="UTF-8"?>
    <DocumentRoot>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo Id="myXMLSignature">
          <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
          <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <Reference URI="http://www.xyz.com/updates/2005/Feb-10.xml">
            <Transforms>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>1pllwx3rvEPO0vKtNup4NbeVu8kd=</DigestValue>
          </Reference>
          <Reference URI="">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>V6v9a34rTYglRflKiuYxu3VgVKA=</DigestValue>
          </Reference>
          <Reference URI="">
            <Transforms>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>1lCKQWfJg9712sP9o9ekL6o7Mg8=</DigestValue>
          </Reference>
        </SignedInfo>
        <SignatureValue>RTYE1EF2wv7H6YaLC1XoM7qMnU55rMRSYouXKsnL1zDdR2R5
          8WN6XiZPW4exvrq56OuVFHNdJWbtgcuXAkW5wg==</SignatureValue>
        <KeyInfo>
          <KeyValue>
            <RSAKeyValue>
              <Modulus>pLdP0GGla/imcV1JZve+J881NtZvHD0gcGmkAIdYlM33bHopEhKC7c+rID
                SceLx0As+WKaVAcxIJVsfZCtpERP==
              </Modulus>
              <Exponent>BQCB</Exponent>
            </RSAKeyValue>
          </KeyValue>
        </KeyInfo>
        <Object>this test message to be signed is enveloped within the XML signature</Object>
      </Signature>
      <data>this test message to be signed is part
        of the document that envelops the XML signature</data>
    </DocumentRoot>

Another fundamental feature of XML Digital Signatures is the ability to sign only a portion of a resource rather than the whole document. This is particularly useful when some portions of a document change constantly while the rest is stable: it is more meaningful to maintain a signature on the portions that do not change than on the whole document. The following example shows how to sign only a portion of the message.

    <?xml version="1.0" encoding="UTF-8"?>
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SignedInfo>
        <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
        <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <Reference URI="http://www.xyz.com/updates/foobar.html#core">
          <Transforms>
          </Transforms>
          <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <DigestValue>1C3KWAjgF9712sQ9o9ekL6o7oP8=</DigestValue>
        </Reference>
      </SignedInfo>
      <SignatureValue>PEOR1EF2wv7H6YaLC1XoM7qMnU55rMRSYouXKsnL1zDdR2R5
        8WN6XiZQW4exvrq56OuFGHNdJWbtgcuXAkCR5g==</SignatureValue>
      <KeyInfo>
        <KeyValue>
          <RSAKeyValue>
            <Modulus>opEQ0GGla/imcV1JZve+J881NtZvDH0gcGmkAIdYlM33bHopEhKC7c+rIF
              JceLx0As+WKaVAcxIJVsfZCtpPRY==
            </Modulus>
            <Exponent>POBA</Exponent>
          </RSAKeyValue>
        </KeyValue>
      </KeyInfo>
    </Signature>

In the above example, only a part of the HTML file (the fragment identified by "#core" in the Reference URI) is signed and subsequently verified by the recipients.

The application of XML digital signatures involves two parts, XML Digital Signature creation and XML Digital Signature verification.

XML Digital Signatures Creation

The creation of an XML signature involves the following steps:

1. Identifying the resources to be signed. This step involves determining the resources that need to be signed. Based on the nature of the resource content and the location of each resource, the appropriate <Reference> element is constructed with its URI attribute pointing to the resource to be signed.
For example, URI="http://www.xyz.com/updates/abc.xml" references an external data resource on the web; URI="http://www.xyz.com/updates/abc.xml#tag" references a part of an external data resource on the web; while URI="" indicates an enclosed resource, that is, the document that contains the signature.

2. Computing the digest of each resource. The digest of each referenced resource is then computed using the algorithm specified in the <DigestMethod> element within its <Reference> element, and the result is placed in that reference's <DigestValue>.

3. Signing the document. Based on the results of the two preceding steps, a <SignedInfo> element is constructed; its digest is calculated; the digest is signed with the signer's private key and the value is put into the <SignatureValue> element.

4. Adding key information. This step is optional. If the public key information needs to be sent with the signature, it is put into the <KeyInfo> element. If <KeyInfo> is not sent, the recipient has to find the key information elsewhere in order to verify the signature.

5. Constructing the signature element. Put all the pieces together to construct the <Signature> element; that completes the XML signature creation process.

XML Digital Signatures Verification

The other side of the equation is XML digital signature verification. Once a recipient gets the XML signature, he or she should do the following to verify the signature and so ensure the message integrity and authenticity before the message is consumed.

1. Verifying the digital signature of the <SignedInfo> element. First we canonicalize the <SignedInfo> element and calculate its digest using the digest algorithm specified in the <SignatureMethod> element. Then we use the signer's public key to recover the expected digest of <SignedInfo> from the <SignatureValue> element. We compare the digest we calculated with the expected one to verify the integrity and authenticity of <SignedInfo>.
2. Computing the digests of the references. After confirming the integrity of <SignedInfo>, we recalculate the digest of each resource referenced in the <SignedInfo> element (applying its <Transforms> first) and compare it with the value in that <Reference> element's <DigestValue>. This step concludes the XML signature verification process.

Summary

As XML technology becomes a more and more important component of the emerging electronic business transaction infrastructure, we need reliable and secure XML messages to form the basis of business transactions. A digital signature provides a system for assuring the integrity of the message, the authentication of the signer, and the nonrepudiation of the entire signature.

The W3C XML specification for digital signatures is powerful and flexible. It gives you the ability to sign any data resource in digital form. The resource can be a simple message enclosed in a signature, a message that contains the signature, or some XML or non-XML data located somewhere on the Internet. You can create complicated signatures that combine any number of these three basic formats. You can also sign only one or more portions of a document. The XML signature mechanism is relatively straightforward to understand and implement. Nowadays more and more business applications are adopting this powerful and effective technology.

References

[1] XML-Signature Syntax and Processing. W3C Recommendation, 12 February 2002. http://www.w3.org/TR/xmldsig-core (latest version); http://www.w3.org/TR/2002/REC-xmldsig-core-20020212 (this version).
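The creation steps and the verification steps described above, carried out end to end on a small constructed document in the enveloped form. This is an added example written for this overview; it is not code from the paper or from the W3C specification. To stay self-contained (standard library only) it departs from the paper's examples in three labelled ways: it uses the HMAC-SHA256 signature method with a shared secret (so no <KeyInfo> is emitted) instead of RSA-SHA1, SHA-256 digests instead of SHA-1, and Canonical XML 2.0 as implemented by Python's xml.etree.ElementTree.canonicalize instead of Canonical XML 1.0. The algorithm identifiers for those choices are the standard ones for those algorithms but do not appear on this page; the sample purchase order and the key are constructed.

```python
"""Enveloped XML Signature creation and verification with the Python standard
library only. Added example for this overview; not code from the paper."""
import base64
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
# Algorithm identifiers assumed by this example (they do not appear on the page):
C14N2_URI = "http://www.w3.org/2010/xml-c14n2"                     # Canonical XML 2.0
SHA256_URI = "http://www.w3.org/2001/04/xmlenc#sha256"
HMAC_SHA256_URI = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
ENVELOPED_URI = "http://www.w3.org/2000/09/xmldsig#enveloped-signature"

ET.register_namespace("ds", DS)


def tag(local):
    """Clark-notation tag name in the XML Signature namespace."""
    return f"{{{DS}}}{local}"


def canon(elem):
    """Serialize a subtree and canonicalize it (C14N 2.0 via the stdlib) to bytes."""
    return ET.canonicalize(ET.tostring(elem, encoding="unicode")).encode()


def digest_enveloped(root):
    """Reference digest for URI="": the enveloped-signature transform removes every
    ds:Signature element from a copy of the document, which is then canonicalized."""
    doc = copy.deepcopy(root)
    for parent in list(doc.iter()):
        for sig in parent.findall(tag("Signature")):
            parent.remove(sig)
    return hashlib.sha256(canon(doc)).digest()


def sign_enveloped(root, key):
    """Creation steps: Reference -> SignedInfo -> SignatureValue -> Signature."""
    sig = ET.SubElement(root, tag("Signature"))
    signed_info = ET.SubElement(sig, tag("SignedInfo"))
    ET.SubElement(signed_info, tag("CanonicalizationMethod"), Algorithm=C14N2_URI)
    ET.SubElement(signed_info, tag("SignatureMethod"), Algorithm=HMAC_SHA256_URI)
    # Steps 1-2: identify the resource (URI="" = the enclosing document) and digest it.
    ref = ET.SubElement(signed_info, tag("Reference"), URI="")
    transforms = ET.SubElement(ref, tag("Transforms"))
    ET.SubElement(transforms, tag("Transform"), Algorithm=ENVELOPED_URI)
    ET.SubElement(ref, tag("DigestMethod"), Algorithm=SHA256_URI)
    ET.SubElement(ref, tag("DigestValue")).text = base64.b64encode(digest_enveloped(root)).decode()
    # Step 3: sign the canonicalized SignedInfo (HMAC here; RSA-SHA1 in the paper).
    mac = hmac.new(key, canon(signed_info), hashlib.sha256).digest()
    ET.SubElement(sig, tag("SignatureValue")).text = base64.b64encode(mac).decode()
    # Step 4 (KeyInfo) is skipped: with HMAC the recipient already holds the shared key.
    return ET.tostring(root)  # Step 5: the assembled document with the Signature inside it.


def verify_enveloped(xml_bytes, key):
    """Verification steps: check SignatureValue over SignedInfo, then each Reference digest."""
    root = ET.fromstring(xml_bytes)
    sig = root.find(tag("Signature"))
    signed_info = sig.find(tag("SignedInfo")) if sig is not None else None
    if signed_info is None:
        return False
    # Accept only the algorithm this verifier implements; never let the document choose one.
    method = signed_info.find(tag("SignatureMethod"))
    if method is None or method.get("Algorithm") != HMAC_SHA256_URI:
        return False
    expected = hmac.new(key, canon(signed_info), hashlib.sha256).digest()
    try:
        actual = base64.b64decode(sig.findtext(tag("SignatureValue"), ""))
    except ValueError:
        return False
    if not hmac.compare_digest(expected, actual):
        return False
    # SignedInfo is now trusted, so recompute every reference digest it vouches for.
    refs = signed_info.findall(tag("Reference"))
    if not refs:
        return False
    for ref in refs:
        dmethod = ref.find(tag("DigestMethod"))
        if ref.get("URI") != "" or dmethod is None or dmethod.get("Algorithm") != SHA256_URI:
            return False  # only same-document references are handled in this example
        stated = base64.b64decode(ref.findtext(tag("DigestValue"), ""))
        if not hmac.compare_digest(digest_enveloped(root), stated):
            return False
    return True


SAMPLE_DOC = b"<PurchaseOrder><Item>widget</Item><Qty>10</Qty></PurchaseOrder>"  # constructed
KEY = b"constructed-demo-shared-secret"  # constructed; real deployments provision this out of band


def demo():
    """Returns (valid signature accepted, altered data rejected, wrong key rejected)."""
    signed = sign_enveloped(ET.fromstring(SAMPLE_DOC), KEY)
    altered = signed.replace(b"<Qty>10</Qty>", b"<Qty>1000</Qty>")
    return (verify_enveloped(signed, KEY),
            verify_enveloped(altered, KEY),
            verify_enveloped(signed, b"wrong-key"))


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

Two details matter more than the rest. The verifier checks the <SignatureMethod> against the one algorithm it implements before it computes anything, because the document itself is untrusted input and must not be allowed to pick the algorithm. And the altered-quantity case shows why step 2 of verification is not optional: the <SignatureValue> still verifies, since <SignedInfo> was not touched, and only the recomputed <Reference> digest exposes the change.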