[Mono-list] SignedXml.ComputeSignature: Why is SHA1 enforced

Sebastien Pouliot sebastien.pouliot at gmail.com
Fri May 30 08:32:57 EDT 2008


Hello Mathias,

On Fri, 2008-05-30 at 12:58 +0200, Mathias Tausig wrote:
> Hi!
> 
> I was looking through the ComputeSignature() function of the SignedXML
> class: There appear the source lines (abbreviated, just for an RSA case):
> 
> signer = new RSAPKCS1SignatureFormatter (key);

IIRC this class only supports SHA1 and MD5. This is because the MS version,
in the earlier frameworks, was limited to what CryptoAPI supported. Not
sure if the class was updated (in the newer 3.5 framework which also
supports CNG under Vista) to support more algorithms. If it is, please
file a bug report about it.

> HashAlgorithm hash = GetHash (sd.DigestAlgorithm);
> byte[] digest = hash.ComputeHash (SignedInfoTransformed ());
> signer.SetHashAlgorithm ("SHA1");
> m_signature.SignatureValue = signer.CreateSignature (digest);
> 
> Since I would like to use other hash-algorithms (like the SHA-2 family),

Anyway the framework is extensible so it's possible to create your own
SignatureFormatter to support the SHA2 (you will also need the
corresponding Deformatter to be able to verify the signature). 

It's even easy since you can base your own on Mono's version :-) but
that could raise interoperability issues (at least if you expect other
implementations to verify your signatures).

> I
> am stuck at the second last line. Is there any particular reason for
> enforcing SHA1, no matter what the key says? I am aware that the only
> recommended digest in the xmldsig specifications is SHA1,

Yep, this was done for interoperability. The SHA2 family was young in
xmldsig days.

> but since there
> are new URIs for other SigningMethods from w3c, that shouldn't be a
> problem.

Actually it's a problem since the URI is not enough information about
the hash algorithm. E.g. PKCS1 still needs to know the right OID to use
in the padding around the digest that will be signed. This means that
the implementation needs to know more details than the URI (blame the
API for not exposing this stuff ;-).

Sebastien
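
The point above about the URI not carrying the OID that PKCS1 needs, shown as an added example (not part of the original message and not Mono's code). The names SIGNATURE_METHODS, emsa_pkcs1_v15_encode and digest_method_of are hypothetical; the URIs are the W3C/RFC 4051 SignatureMethod identifiers and the DigestInfo prefixes are the ones listed in RFC 8017.

```python
import hashlib

# SignatureMethod URI -> (hashlib name, DER DigestInfo prefix, RFC 8017 sec. 9.2).
# The prefix carries the hash OID; the URI alone does not supply these bytes.
SIGNATURE_METHODS = {
    "http://www.w3.org/2000/09/xmldsig#rsa-sha1":
        ("sha1", bytes.fromhex("3021300906052b0e03021a05000414")),
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256":
        ("sha256", bytes.fromhex("3031300d060960864801650304020105000420")),
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384":
        ("sha384", bytes.fromhex("3041300d060960864801650304020205000430")),
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512":
        ("sha512", bytes.fromhex("3051300d060960864801650304020305000440")),
}

def emsa_pkcs1_v15_encode(method_uri, signed_info, em_len):
    """Build the block RSA signs: 00 01 FF..FF 00 DigestInfo(OID, digest)."""
    try:
        hash_name, prefix = SIGNATURE_METHODS[method_uri]
    except KeyError:
        raise ValueError("unsupported SignatureMethod: " + method_uri)
    t = prefix + hashlib.new(hash_name, signed_info).digest()
    pad_len = em_len - len(t) - 3
    if pad_len < 8:
        raise ValueError("RSA modulus too short for this digest")
    return b"\x00\x01" + b"\xff" * pad_len + b"\x00" + t

def digest_method_of(encoded):
    """Verifier side: return the URI whose DigestInfo matches, strictly parsed."""
    if encoded[:2] != b"\x00\x01":
        raise ValueError("bad block type")
    sep = encoded.index(b"\x00", 2)          # first 00 after the FF padding
    if sep < 10 or set(encoded[2:sep]) != {0xFF}:
        raise ValueError("bad padding")
    t = encoded[sep + 1:]
    for uri, (hash_name, prefix) in SIGNATURE_METHODS.items():
        digest_size = hashlib.new(hash_name).digest_size
        if t.startswith(prefix) and len(t) == len(prefix) + digest_size:
            return uri
    raise ValueError("unknown DigestInfo")
```

A verifier can compare the result of digest_method_of on the recovered block with the SignatureMethod URI declared in the document and reject the signature when they differ.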
