Victorian Electronic Records Strategy - Forever Digital
5.1 Digital signature implementation in VEOs

Unauthorised modifications to VEOs are detected using digital signatures. The digital signature covers the contents of the Signed Object (M4) element. The digital signature, and all of the information necessary to verify it, is found in a Signature Block (M134) element. Lock Signature Block (M152) elements are identical in content to Signature Blocks, but are used to prevent the outermost layer of a Modified VEO from being stripped off (see section 3.5.3).

Calculating a digital signature is simple using widely available software libraries. The trickiest part is ensuring that verification uses exactly the same bit sequence that was used when the digital signature was calculated; if it does not, the digital signature cannot be verified.

Ensuring the same bit sequence is complicated by the fact that the VEO is represented as characters in XML. Trivial changes to the VEO that do not affect its processing as XML (e.g. the addition of a space) will render the digital signature unverifiable.

Accordingly, VERS uses the following algorithm to ensure that the characters in the XML are consistently converted to a binary string. Since this algorithm was developed in the initial VERS standard, the W3C has produced a Canonicalisation Standard [Canon], which performs the same task with a great deal more rigour. The use of this canonicalisation standard in VERS is currently under consideration.

5.1.1 Selection of signed portion

The algorithm to generate the bit string to be signed or verified is as follows:

Open the XML file representing the VEO.
Find the '<' of the Signed Object (M4) start tag.
For each character up to and including the '>' character of the Signed Object (M4) end tag:
  If the character is XML whitespace (space, Unicode U+0020; carriage return, Unicode U+000D;
   line feed, Unicode U+000A; or tab, Unicode U+0009)
   skip the character
  Else
   Express the character as a sequence of binary octets using UTF-8
   Add the octets to the binary string
Sign or verify the resulting binary string.

Equivalently:

  • Only the contents of the Signed Object (M4) element are included in the digital signature. The characters included in the signature start from the '<' character of the start tag and end with the '>' of the end tag inclusive. Note that every character between those two points is included, including any comments and processing instructions.
  • All XML whitespace is removed from the characters to be signed. Whitespace characters are defined as space (Unicode U+0020), carriage return (Unicode U+000D), line feed (Unicode U+000A) and tab (Unicode U+0009).

5.1.2 Algorithms supported

Hash Algorithms

The only hash algorithms which may be used are the SHA-1, SHA-256, and SHA-512 algorithms specified in the Secure Hash Standard [SHS]. However, hash algorithms are continually under development and subsequent versions of this standard may allow other algorithms.

Digital Signature Algorithms

Implementors have a choice of two digital signature algorithms:

  • RSASSA-PKCS1-v1_5, specified in [RSA]
  • DSA, specified in [DSS]

We recommend using the RSA digital signature algorithm, as this is extensively used to perform secure transactions across the Web and therefore implementations can be expected to be widely deployed and tested.
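The following Python is an added example written for this page; it is not code from the VERS standard or from PROV. It implements the bit-string selection algorithm of section 5.1.1 (select the Signed Object element, drop XML whitespace, encode as UTF-8), hashes the result with one of the hash algorithms section 5.1.2 permits, and signs and verifies it with RSASSA-PKCS1-v1_5 as section 5.1.2 recommends. Assumptions: the real element name of the Signed Object (M4) is not reproduced on this page, so the tag name is a parameter with the placeholder default `SignedObject`; the sample VEO is constructed, not a real record; the RSA helpers use the third-party `cryptography` package and are skipped when it is not installed; SHA-256 is used rather than SHA-1, since SHA-1 is no longer considered collision resistant. The selection step goes slightly beyond the page's prose by counting nesting depth, so that the inner Signed Object layers of a Modified VEO (section 3.5.3) stay inside the outermost one.

```python
"""Added example, not part of the VERS standard: build the byte string
that section 5.1.1 says is signed, hash it (5.1.2), and optionally sign
and verify it with RSASSA-PKCS1-v1_5 over SHA-256."""
import hashlib
import re

try:  # third-party 'cryptography' is only needed for the RSA helpers
    from cryptography.exceptions import InvalidSignature
    from cryptography.hazmat.primitives import hashes
    from cryptography.hazmat.primitives.asymmetric import padding, rsa
except ImportError:
    rsa = None

# XML whitespace exactly as section 5.1.1 defines it: space, CR, LF, tab.
XML_WHITESPACE = {"\u0020", "\u000D", "\u000A", "\u0009"}

# Assumed placeholder: the real element name of the Signed Object (M4)
# is not reproduced on this page, so the tag name is a parameter.
DEFAULT_TAG = "SignedObject"

# Constructed sample, not a real VEO. Only the Signed Object is covered
# by the signature; the Signature Block that follows it is not.
SAMPLE_VEO = """<?xml version="1.0" encoding="UTF-8"?>
<VEO>
  <SignedObject version="2.0">
    <!-- comments inside the element are part of the signed bytes -->
    <Title>Annual report</Title>
  </SignedObject>
  <SignatureBlock>(signature would go here; not covered)</SignatureBlock>
</VEO>
"""


def signed_portion(xml_text, tag=DEFAULT_TAG):
    """Return the text from the '<' of the first start tag of `tag` up to
    and including the '>' of its matching end tag. Depth counting keeps
    nested elements of the same name (the layers of a Modified VEO)
    inside the outermost one. A literal '<tag' inside a comment would
    confuse this scanner; a full XML tokenizer would be needed for that."""
    pattern = re.compile(r"<(/?)%s(?=[\s>/])" % re.escape(tag))
    depth, start = 0, None
    for m in pattern.finditer(xml_text):
        if m.group(1) == "":              # start tag
            if start is None:
                start = m.start()
            depth += 1
        elif start is not None:           # end tag after the first start
            depth -= 1
            if depth == 0:
                end = xml_text.index(">", m.end()) + 1
                return xml_text[start:end]
    raise ValueError("no complete <%s> element found" % tag)


def canonical_bytes(xml_text, tag=DEFAULT_TAG):
    """The 5.1.1 algorithm: select the signed portion, drop every XML
    whitespace character, and encode the remainder as UTF-8 octets."""
    portion = signed_portion(xml_text, tag)
    return "".join(c for c in portion if c not in XML_WHITESPACE).encode("utf-8")


def digest_hex(xml_text, algorithm="sha256", tag=DEFAULT_TAG):
    """Hash the canonical bytes with one of the hashes 5.1.2 permits."""
    return hashlib.new(algorithm, canonical_bytes(xml_text, tag)).hexdigest()


def sign_veo(xml_text, private_key, tag=DEFAULT_TAG):
    """RSASSA-PKCS1-v1_5 signature over the canonical bytes."""
    return private_key.sign(canonical_bytes(xml_text, tag),
                            padding.PKCS1v15(), hashes.SHA256())


def verify_veo(xml_text, signature, public_key, tag=DEFAULT_TAG):
    """True if `signature` matches the canonical bytes, False otherwise."""
    try:
        public_key.verify(signature, canonical_bytes(xml_text, tag),
                          padding.PKCS1v15(), hashes.SHA256())
        return True
    except InvalidSignature:
        return False


def sign_and_verify_demo(xml_text=SAMPLE_VEO, tag=DEFAULT_TAG):
    """Sign with a throwaway 2048-bit RSA key, then check that a variant
    differing only in line endings still verifies while a one-character
    content change does not. Returns (reformatted_ok, tampered_ok), or
    None when the cryptography package is not installed."""
    if rsa is None:
        return None
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    sig = sign_veo(xml_text, key, tag)
    reformatted = xml_text.replace("\n", "\r\n")
    tampered = xml_text.replace("<Title>", "<Title>X")
    return (verify_veo(reformatted, sig, key.public_key(), tag),
            verify_veo(tampered, sig, key.public_key(), tag))


if __name__ == "__main__":
    print(canonical_bytes(SAMPLE_VEO))
    print("sha256:", digest_hex(SAMPLE_VEO))
    print("sign/verify (reformatted, tampered):", sign_and_verify_demo())
```

Two properties of the algorithm become visible when you run this. First, whitespace removal is applied to every character in the range, so `<SignedObject version="2.0">` becomes `<SignedObjectversion="2.0">` in the signed bytes; the result is no longer well-formed XML, which is harmless as long as signer and verifier apply exactly the same rule, but it means the bytes must never be re-parsed. Second, edits outside the Signed Object (for example to the Signature Block's own text) leave the digest unchanged, while adding or removing a single non-whitespace character inside it changes the digest and makes the signature fail to verify.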
