- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Thu, 29 Nov 2001 14:48:45 +0100
- To: Gregor Karlinger <gregor.karlinger@iaik.at>
- Cc: XMLSigWG <w3c-ietf-xmldsig@w3.org>
Hi Gregor,

--On Wednesday, 28 November 2001 20:50 +0100 Gregor Karlinger <gregor.karlinger@iaik.at> wrote:

> Another issue is if there is a need to fix this bug, since the Reference
> processing model of XMLDSIG is based on the XPath data model. If an
> application programmer relies on this fact and uses an XMLDSIG implementation
> that uses Xalan for XPath processing, signature creation/validation could
> be incorrect if XPath transforms are utilized that make use of the XPath
> namespace axis.
>
> Think of the following (academic, I have to admit) example:
>
> 1. Fetch the following XML document
>
>    <AnElement xmlns:foo="bar">
>      <AnotherElement/>
>    </AnElement>
>
> 2. Apply an XPath transform with an XPath
>    "self::AnotherElement/namespace::foo". This should
>    result in a node list containing a single node, namely the element
>    "AnotherElement". But since the XPath implementation is buggy, an
>    empty node list is the result of the transform.
>
> 3. Final canonicalization: Although the c14n implementation is working
>    correctly (since it has implemented a work around for the Xalan bug),
>    in this case the input for the hash computation will be nothing instead
>    of "<AnotherElement>".
I tried it using my impl and what I created (passphrase is "secret".getBytes("ASCII")):

To this Document, I added my Signature

  <AnElement xmlns:foo='http://bar.com/'>
    <AnotherElement />
  </AnElement>

which resulted in this signed Document

  <AnElement xmlns:foo="http://bar.com/">
    <AnotherElement></AnotherElement>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:CanonicalizationMethod>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></ds:SignatureMethod>
        <ds:Reference URI="">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><ds:XPath>self::AnotherElement/namespace::foo</ds:XPath></ds:Transform>
          </ds:Transforms>
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
          <ds:DigestValue>4r4QmnaIJUx4KOWWujbAolYZcsg=</ds:DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>QmMwEn0zLabP5wsAtrsrij02Z0U=</ds:SignatureValue>
    </ds:Signature></AnElement>

The signed bytes from the Reference are:

  <AnotherElement xmlns:foo="http://bar.com/"></AnotherElement>

Right or wrong?

Christian
Received on Thursday, 29 November 2001 08:37:40 UTC
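The XPath data model point behind Gregor's example, as an added illustration that is not part of the thread and not code from any XMLDSIG implementation: in the XPath 1.0 data model every element carries a namespace node for each in-scope declaration, including those inherited from ancestors and the implicit xml namespace, so "self::AnotherElement/namespace::foo" is non-empty for AnotherElement even though xmlns:foo is declared on the parent. The XMLDSIG XPath transform evaluates the expression once per input node and keeps the node when the result converts to true. The model below is pure Python (stdlib only), handles only the expression shape discussed here, uses the namespace value http://bar.com/ from Christian's test, and stands in for the buggy implementation with a hypothetical namespace axis that returns nothing; that stand-in reproduces only the outcome Gregor describes (an empty node list), not the actual Xalan defect.

```python
"""Model of the XPath 1.0 namespace axis as used by the XMLDSIG XPath
transform (http://www.w3.org/TR/1999/REC-xpath-19991116).

Added example, not code from the thread or from any XMLDSIG library.
Assumption: only expressions of the form self::<name>/namespace::<prefix>
are modelled; the empty-axis implementation below is a hypothetical stand-in.
"""
import io
import xml.etree.ElementTree as ET

XML_NS = "http://www.w3.org/XML/1998/namespace"

# Constructed input: the document from the thread, with the namespace value
# http://bar.com/ that Christian used in his test.
DOC = '<AnElement xmlns:foo="http://bar.com/">\n  <AnotherElement/>\n</AnElement>'


def parse_with_scopes(xml_text):
    """Return [(element, in_scope), ...] in document order, where in_scope
    maps prefix -> URI for every namespace node the XPath data model attaches
    to that element: declarations on the element itself, declarations
    inherited from ancestors, and the implicit 'xml' namespace."""
    result = []
    scope_stack = [{"xml": XML_NS}]
    pending = {}  # declarations reported since the previous start event
    source = io.BytesIO(xml_text.encode("utf-8"))
    for event, payload in ET.iterparse(source, events=("start-ns", "start", "end")):
        if event == "start-ns":
            prefix, uri = payload  # fired before the declaring element's start
            pending[prefix] = uri
        elif event == "start":
            scope = dict(scope_stack[-1])  # inherit the parent's namespace nodes
            scope.update(pending)
            pending = {}
            scope_stack.append(scope)
            result.append((payload, scope))
        else:  # "end"
            scope_stack.pop()
    return result


def local_name(element):
    """Strip ElementTree's {uri} tag prefix to compare XPath local names."""
    tag = element.tag
    return tag.split("}", 1)[1] if tag.startswith("{") else tag


def namespace_axis(scope):
    """Correct namespace axis: all in-scope namespace nodes of the element."""
    return dict(scope)


def empty_namespace_axis(scope):
    """Hypothetical stand-in for an implementation whose namespace axis
    yields nothing for this node (the outcome Gregor describes)."""
    return {}


def xpath_filter(nodes, element_name, prefix, namespace_axis_impl):
    """XMLDSIG XPath transform semantics for self::<element_name>/namespace::<prefix>:
    evaluate the expression with each input node as the context node and keep
    the node when the result, converted to boolean, is true (non-empty set).
    Only element nodes are considered: the self axis with a name test can match
    nothing else, so attribute, text and namespace nodes are always dropped."""
    kept = []
    for element, scope in nodes:
        if local_name(element) != element_name:
            continue  # the self:: step yields an empty node-set
        if prefix in namespace_axis_impl(scope):
            kept.append(element)  # the namespace:: step found a node
    return kept


def demo(namespace_axis_impl=namespace_axis):
    """Names of the nodes that survive the transform on DOC."""
    nodes = parse_with_scopes(DOC)
    kept = xpath_filter(nodes, "AnotherElement", "foo", namespace_axis_impl)
    return [local_name(e) for e in kept]


if __name__ == "__main__":
    for element, scope in parse_with_scopes(DOC):
        print(local_name(element), "namespace nodes:", sorted(scope))
    print("correct axis keeps:", demo())
    print("empty axis keeps:  ", demo(empty_namespace_axis))
```

With the correct axis the transform output is the single element AnotherElement, which is what the quoted step 2 expects; with the empty axis the node-set handed to canonicalization is empty, which is the step 3 failure mode. Which bytes c14n should then emit for that one-element node-set is exactly the question Christian puts to the list, and the model above does not take a position on it.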