I'm programming a pet project in Python, and it involves users A & B interacting over a network, attempting to ensure that each has a local copy of the same file from user C.

The idea is that C gives each a file that has been digitally signed. A & B trade the digital signatures they have, and check it out on their own copy. If the signature fails, then one of them has an incorrect/corrupt/modified version of the file.

The question is, therefore, can C distribute a single file that somehow includes its own signature? Or does C need to supply the file and signature separately?

+4  A: 

If you have control over the file format, yes. Include the signature in a header before the content proper, and make the signature cover only the content section of the file, not the entire file. Something like:

SIGNATURE=72ba51288199b829a4b9ca2ac911e60c
BEGIN_CONTENTS
... real file contents here ...
Jason Creighton
thanks for the sample.
hewhocutsdown
+5  A: 

The digital signature from C alone should be enough for both A and B to confirm that their file is not corrupted, without ever communicating with each other. If A and B did not receive a signature from C, they could each create a cryptographic hash of the file and compare the hash, but that does not require any digital signing on C's part.

If you want C to sign the file, either send the signature and the file separately, or wrap them both in some sort of container, such as a zip file or home-grown solution (e.g., the first line in the file represents the signature, the rest is the payload).

To answer your question literally, the signature doesn't have to be outside the file per se, but the part that is being signed cannot include the signature itself.

Matt Bridges
That answers my question, I believe. There's not really a clean solution, as the file format in question is already a .zip file. Creating a .zip file with a custom header probably isn't a good idea, but neither is nested .zips, so perhaps separation is the way to go. Thank you.
hewhocutsdown
The zip format supports arbitrary leading and trailing data. You could simply append or prepend the file's hash to the zipfile, and it'll still be a valid zip.
Nick Johnson
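
The header layout from the first answer, applied to a zip as the last comment suggests, written as an added example that is not code from any of the posters. Assumptions: HMAC-SHA256 under a constructed demo key stands in for C's signature so the block runs on the standard library alone, and the function names are hypothetical.

```python
import hashlib
import hmac
import io
import zipfile

HEADER_PREFIX = b"SIGNATURE="
MARKER = b"BEGIN_CONTENTS\n"

# Assumption: a keyed MAC stands in for C's signature. A real deployment would
# sign with C's private key and verify with C's public key, so that A and B
# can check the file but cannot forge it.
DEMO_KEY = b"constructed-demo-key"

def sign(content: bytes) -> bytes:
    return hmac.new(DEMO_KEY, content, hashlib.sha256).hexdigest().encode()

def verify(content: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(content), sig)

def wrap(content: bytes) -> bytes:
    """Prepend a header whose signature covers only the bytes after the marker."""
    return HEADER_PREFIX + sign(content) + b"\n" + MARKER + content

def unwrap(blob: bytes) -> bytes:
    """Return the verified content, or raise ValueError."""
    sig_line, sep, rest = blob.partition(b"\n")
    if not sep or not sig_line.startswith(HEADER_PREFIX) or not rest.startswith(MARKER):
        raise ValueError("missing signature header")
    content = rest[len(MARKER):]
    if not verify(content, sig_line[len(HEADER_PREFIX):]):
        raise ValueError("signature does not match content")
    return content

def make_zip() -> bytes:
    """Constructed sample archive with one member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("hello.txt", "file from C")
    return buf.getvalue()

def read_member(blob: bytes, name: str) -> bytes:
    """Open the signed blob directly as a zip; leading data is tolerated."""
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        return zf.read(name)

if __name__ == "__main__":
    signed = wrap(make_zip())
    print(read_member(signed, "hello.txt"), len(unwrap(signed)))
```

Call `unwrap` before trusting any member: the zip reader opens the blob whether or not the header matches the content.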