Item 48. Verify Documents with XML Digital Signatures

XML documents are used on Wall Street for financial transactions totaling hundreds of millions of dollars per day. Worldwide, the figure's even larger. There's significant incentive for criminals to modify XML documents moving from one system to another. XML digital signatures can help ensure that XML documents have not been tampered with in transit. Not all documents need to be digitally signed, but those that do need to be signed need it badly .

The basic process of signing something digitally involves a keyed hash function. A hash function converts documents into numbers , generally smaller than the document itself. Feed a document into the hash function; get a 128-byte number out. A very simple hash function might count up the number of 1 bits in the document and take the remainder when dividing by 256. This would give 256 possible different hash codes between 0 and 255. Essentially this is a one-byte hash function. Real-world hash functions used for signatures are much larger, much more complex, and much more secure.

To be useful for digital signatures, the hash function is keyed. One key is used to sign the document, and a separate, related key is used to compare the document against its signature and verify that they match. The signing key is kept private while the verification key is published. Since only the holder of the signing key can create a hash code for a document, if you receive a signed document whose signature matches when computed with Alice's public key, you have a fair amount of confidence that Alice signed the document.

For purposes of security, it's important that the hash codes generated by the signing process be widely dispersed. That is, changing even one bit of the document should result in a completely different hash code when the document is signed. Otherwise, it would be possible for a forger to make small changes to the document until he or she got a verifiable signature.

Most algorithms for digital signatures are based around signing an entire file, which is treated as just a sequence of bytes. However, XML signatures are a little more complicated than that. XML allows you to sign only certain elements or document fragments , rather than entire documents. Furthermore, the signatures can be embedded in the documents they sign. And finally, not all details of XML are necessarily relevant to the signature. For instance, it doesn't matter whether a check approval is written as <approved authority="Winston Sherlock" transaction="P87RET"/> or <approved transaction = 'P87RET' authority= 'Winston Sherlock' />; but it's very important that it not be changed to <approved transaction = "P88RET" authority= "Winston Sherlock" /> . XML digital signatures generally sign a fragment of a document that is identified by an XPath expression. The actual data to be signed is calculated by canonicalizing that part of the XML document before signing its bytes.



Effective XML. 50 Specific Ways to Improve Your XML
Effective XML: 50 Specific Ways to Improve Your XML
ISBN: 0321150406
EAN: 2147483647
Year: 2002
Pages: 144

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net