W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2002

Re: C14N-Hash implementations???

From: Joseph Reagle <reagle@w3.org>
Date: Fri, 26 Jul 2002 11:27:30 -0400
To: Carl Ellison <cme@jf.intel.com>, "XML Signature \(W3C/IETF\)" <w3c-ietf-xmldsig@w3.org>
Message-Id: <200207261127.30013.reagle@w3.org>

On Friday 26 July 2002 10:27 am, Carl Ellison wrote:
> That is, all C14N implementations I have heard of run exorbitantly
> long times.

Much of this depends on what you are doing. If you don't have to do an XPath 
evaluation, c14n is *much* faster than if you have to do the XPath 
expression.

>  I suspect that that runtime is due mostly to string
> concatenation operations.  If instead of building a single canonical
> XML string you walk a DOM and only send substrings to a hash
> accumulator, in the C14N order, you should be able to produce the
> C14N hash of a DOM structure in almost the time it takes to walk that
> structure for printing without canonicalization.
> So, has anyone done that experiment?  If so, how did it perform?

I'm not sure how relevant this is to your question, but are you familiar 
with DOMHash and XHash?

XHash was "inspired by IBM DOMHASH but processes each element without 
recursive hashing". Brown report no further work on XHASH in 1999.
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0422.html

DOMHASH was not considered an approraite algorithm by its authors for 
xmldsig, and it might've even been slower in that context.
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0420.html
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000JulSep/0422.html
Received on Friday, 26 July 2002 11:27:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:10:10 UTC