RE: Multiple signing on same set of items and on same file

I recommend checking carefully whether you really need XML Signatures, or whether a different mechanism works for your scenario. XML Signature is not trivial, given the way ds:Reference and Transforms work. Validating signatures in particular must be done carefully, as a valid signature is useless unless you check that the signed parts are the ones you expect. You either have to check by validating that the signature conforms to some profile, or by getting hold of the input that goes into the hash functions. For example, back in the day, I implemented the getContentsAfterTransformation function (https://github.com/apache/santuario-xml-security-java/blob/main/src/main/java/org/apache/xml/security/signature/Reference.java#L473) for the Apache XML Security Suite, and the XMLSignatureInputDebugger, which lets you probe the data in the different steps of the Transforms.

For example, people who misunderstood how XPath 1.0 transforms work created a whole bunch of vulnerabilities... So really, really think hard about whether you need it. XML Signature is by far the most complex signature creation mechanism we have on the planet.

Now to your Q:

One way you could do it is by having the signatures and the signed contents in different parts of an XML doc, referring to the signed contents with a ds:Reference/@URI="#..." and only a single C14n transform, and checking that the signatures point to where you think they point.


<doc>
  <myData id="signedstuff">
    <name>Rashmi</name>
    <company>Cisco</company>
    <address>zyx</address>
  </myData>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <!-- my first signature -->
    <SignedInfo>
      ...
      <Reference URI="#signedstuff">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </Transforms>
        <!-- the SHA-512 digest identifier is in the xmlenc namespace (XMLDSIG 1.1, section 6.2.3) -->
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
        <DigestValue>...</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>...</SignatureValue>
  </Signature>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <!-- my second signature -->
    <SignedInfo>
      ...
      <Reference URI="#signedstuff">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
        <DigestValue>...</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>...</SignatureValue>
  </Signature>
</doc>

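As an added example (not code from this thread or from Apache Santuario), here is the "check that the signatures point to where you think they point" step in Python, run on a constructed skeleton of the document above before any cryptographic verification: every ds:Signature must carry exactly one Reference to #signedstuff, that id must resolve to a single <myData> element, and the Transforms must be exactly one exc-c14n. The function names, the id/tag names and the placeholder digest and signature values are assumptions for the example.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#"
XMLENC = "http://www.w3.org/2001/04/xmlenc#"
ALLOWED_DIGESTS = {XMLENC + "sha256", XMLENC + "sha512"}


def check_signature_profile(xml_text, expected_tag="myData", expected_id="signedstuff"):
    """Return findings (empty = each ds:Signature has exactly one Reference to #expected_id,
    resolving to <expected_tag>, with one exc-c14n Transform and an allow-listed digest)."""
    findings, by_id = [], {}  # by_id: id -> element; duplicate ids make URI="#..." ambiguous
    root = ET.fromstring(xml_text)
    for el in root.iter():
        ident = el.get("id") or el.get("Id") or el.get("ID")
        if ident is not None:
            if ident in by_id:
                findings.append(f"duplicate id {ident!r}")
            by_id[ident] = el
    signatures = root.findall(f".//{{{DS}}}Signature")
    if not signatures:
        findings.append("no ds:Signature found")
    for n, sig in enumerate(signatures, 1):
        refs = sig.findall(f"{{{DS}}}SignedInfo/{{{DS}}}Reference")
        if len(refs) != 1:
            findings.append(f"signature {n}: expected 1 Reference, got {len(refs)}")
        for ref in refs:
            uri = ref.get("URI", "")
            if uri != f"#{expected_id}":
                findings.append(f"signature {n}: Reference URI {uri!r} is not #{expected_id}")
            target = by_id.get(uri[1:]) if uri.startswith("#") else None
            if target is None or target.tag != expected_tag:
                findings.append(f"signature {n}: {uri!r} does not resolve to <{expected_tag}>")
            algs = [t.get("Algorithm") for t in ref.findall(f"{{{DS}}}Transforms/{{{DS}}}Transform")]
            if algs != [EXC_C14N]:  # anything beyond a single exc-c14n (e.g. XPath) is rejected
                findings.append(f"signature {n}: transforms {algs} are not exactly [exc-c14n]")
            dm = ref.find(f"{{{DS}}}DigestMethod")
            if dm is None or dm.get("Algorithm") not in ALLOWED_DIGESTS:
                findings.append(f"signature {n}: DigestMethod not in allow-list")
    return findings


def build_doc(uri="#signedstuff", transforms=(EXC_C14N,), digest=XMLENC + "sha512"):
    """Constructed skeleton of the two-signature document above (assumption for this example);
    DigestValue/SignatureValue are placeholders, so this is a structure check, not a verifier."""
    tf = "".join(f'<Transform Algorithm="{t}"/>' for t in transforms)
    sig = (f'<Signature xmlns="{DS}"><SignedInfo><Reference URI="{uri}"><Transforms>{tf}'
           f'</Transforms><DigestMethod Algorithm="{digest}"/><DigestValue>PLACEHOLDER</DigestValue>'
           '</Reference></SignedInfo><SignatureValue>PLACEHOLDER</SignatureValue></Signature>')
    return ('<doc><myData id="signedstuff"><name>Rashmi</name></myData>'
            '<other id="other"><name>decoy</name></other>' + sig * 2 + '</doc>')
```

Only after this check passes does it make sense to hand the document to the XML Signature library for digest and signature validation.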

From: Rashmi Ramanna (rasraman) <rasraman@cisco.com>
Sent: 2023-Dec-04 22:35
To: Christian Geuer-Pollmann <Christian.Geuer-Pollmann@microsoft.com>; w3c-ietf-xmldsig@w3.org
Subject: [EXTERNAL] RE: Multiple signing on same set of items and on same file

Is there any standards defined or examples depicting how multi signing can be done?

Thanks,
Rashmi

From: Christian Geuer-Pollmann <Christian.Geuer-Pollmann@microsoft.com>
Sent: Thursday, November 30, 2023 6:56 AM
To: Rashmi Ramanna (rasraman) <rasraman@cisco.com>; w3c-ietf-xmldsig@w3.org
Subject: RE: Multiple signing on same set of items and on same file

Yes, you can have multiple XML Signatures in a file, and they can cover the same contents. However, you must check how you construct the signatures. (Your sample below isn't a well-formed XML doc, as it has no single document element.) You essentially want to avoid the signatures 'disturbing' each other. Therefore, you cannot simply say "I sign the whole document and use an enveloping signature".

From: Rashmi Ramanna (rasraman) <rasraman@cisco.com>
Sent: 2023-Nov-29 21:32
To: w3c-ietf-xmldsig@w3.org
Subject: [EXTERNAL] Multiple signing on same set of items and on same file

Hi Team,

I would like to know if multiple signing of the same items in the same XML file is possible.
If yes, can you please point me to a document explaining how that can be done?

I want to dual-sign an XML file using both SHA1 and SHA256 because of an internal requirement.

E.g. my abc.xml has the contents below:
     <name>Rashmi</name>
     <company>Cisco</company>
     <address>zyx</address>

I want to include all the items in abc.xml under both the SHA1 and the SHA256 signature.

Really appreciate your response.

Thanks,
Rashmi

Received on Tuesday, 5 December 2023 09:33:04 UTC