tags:

views:

401

answers:

2
Q: 

digital signature - detached Pkcs#7 to XML-DSIG

Hi!

I am struggling with the following scenario:

  1. an XML-message is created client-side and digitally signed using mozilla's window.crypto.signText. After signing, the message and the signature are transmitted via a webservice (.net) to the server. Everything is fine until this point.

  2. on the server, the XML shall be included in another XML-document, which is publicly accessible. The signature should be published as well in order to grant non-repudiation.

Q: Is there a smooth option to convert the detached Pkcs#7 into XML-DSIG (e.g. functionality within the .net framework)?

Q2: Or is it possible to create the XML-DSIG already client-side without using external plugins?

Tnx for your help!

Alois Paulin

A: 

Hello! Do you find how to do it, I have a similar problem.

Thanks

Indigo  2010-01-21 19:43:50
hi!nop, i didn't find any clear solution for this issue. thus i publish both the signature (base-64 encoded) as produced by .signText as well as the the base-64 enc. message within the clear-text XML message. so anyone who wants to verify the signature can verify it upon the raw message. a quite "dirty" solution, but sufficient for my needs.but i would still appreciate an answer to this problem :-)cheers!Alois
Alois  2010-02-14 13:32:19
+1  A: 

Due to the nature of both digital signature formats XML and PKCS#7, it is not possible to convert from one to the other.

In a very simplified explanation, the signature in PKCS#7 format contains, among other stuff, some specific data structure called DigestInfo that contains the data digest and an OID (object identifier), and has been ciphered with the user's private key. The XML-Dsig format applies the final step of the cryptographic algorithm (again with the user's private key) to a different data value calculated from digesting the original XML data and some specific XML-DSig data structures. Therefore, since both ciphered values will not be the same, it is only possible to generate the XML-DSig signature by signing the data with the user's private key, which you will not have access to (thus the name private).

From that explanation, the answer to your first question is "No, there is no smooth option, it is not possible at all".

Therefore the only option is to generate the XML-DSig directly at the client side. That is not possible using standard Javascript, definitely not with Firefox's window.crypto (which only generates PKCS7 detached signatures). At my company (www.isigma.es), we solve that by using an applet, it is a common solution in the digital signature industry (there are many commercial and also some open source solutions). That may not be an option in your case, if you do not want browser plugins.

CAPICOM (the windows-based active/X component that you may use in a Microsoft setup) also does not generate XML-DSig, only CMS/PKCS7.

Carles Barrobés  2010-03-24 00:44:25

related questions

Update original data in detached signature created by crypto.signText
Opening PKCS 7 Certificate files
Signing data with PKCS #7 (opaque) for the web
Add content to PKCS7 detached signature
C# PKCS signatures
Add Signing Time to PKCS7 Signed CMS?
Should X509 certificate have nonRepudiation bit set to check PKCS7 signature?
C# Create MIME Message?
BouncyCastle create PKCS 7 Encrypted File? C#
Decrypt p7m File Using C#?
Verifying PKCS#7 certificates in Java
Signature Generation using PKCS#7 Specifications
Question about creating digital signature using OpenSSL‏(pkcs7)
PKCS#7 Signed Code Image extracting
How to encode a value in PKCS7 with Java?
How do I create an encrypted PayPal button dynamically in Google App Engine?
Is there any OpenSSL function to convert PKCS7 file to PEM
Alternatives to Bouncy Castle java library for PKCS7 encryption/signing?
SignedCms.CheckSignature() with renewed cert -> new serial?????
XML DSIG Verification
Digitally Sign Parts of a XML document
XML Signature in a Web application
How to read Pkcs#7 certificate chain from file/stream in C#?
What is the algorithm identifier when using AES in CBC mode with ISO 10126 padding inside of PKCS#7?