W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2002

Re: C14N-Hash implementations???

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Fri, 26 Jul 2002 17:01:53 +0200
To: Carl Ellison <cme@jf.intel.com>, "XML Signature (W3C/IETF)" <w3c-ietf-xmldsig@w3.org>
Message-ID: <32654374.1027702913@crypto>

> I am very curious whether anyone has done what I call C14N-Hash.
> That is, all C14N implementations I have heard of run exorbitantly
> long times.  I suspect that that runtime is due mostly to string
> concatenation operations.  If instead of building a single canonical
> XML string you walk a DOM and only send substrings to a hash
> accumulator, in the C14N order, you should be able to produce the
> C14N hash of a DOM structure in almost the time it takes to walk that
> structure for printing without canonicalization.
>
> So, has anyone done that experiment?  If so, how did it perform?

About c14n runtime, there are two basic different forms of c14n: (1) c14nize a full subtree which is moderately fast and (2) canonicalizing a node set (document subset) which takes much longer. The thing that really wastes time is to keep track of the [inscope namespace]s, whether you have to output one or not.

My estimation is that the most of the time spent is in the DOM tree traversal (including namespace administration), not in some string concatenations (which involves copy ops etc).

Christian
Received on Friday, 26 July 2002 10:59:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:10:10 UTC