From: Mat A. <arg...@gm...> - 2013-08-29 07:26:57
That's a really cool idea. If you somehow want to have this adopted as an alternative to XML-DSIG and CMS and ported to other languages, I think you should make a separate project out of it.

cheers
Mat

On Wednesday 28. August 2013 18:06:43 Anders Rundgren wrote:
> Since Google doesn't support XSD or XML DSig in Android I began looking at
> other alternatives. There were none :-( Therefore I created a 2000-line
> system that writes and reads JSON from Java. In addition, I adopted a
> scaled-down version of XML DSig's enveloped-signatures.
>
> The concept of enveloped signatures has been slammed by some people due to
> a belief that canonicalization issues will be hard. FWIW, I just wrote the
> entire thing in just a week and I didn't find any problems at all.
>
> https://code.google.com/p/openkeystore/source/browse/#svn%2Flibrary%2Ftrunk%2Fsrc%2Forg%2Fwebpki%2Fjson
>
> It seems that I will be able to replace 200,000 lines of Apache code with
> about 2,000 lines of custom code.
>
> {
>   "MyLittleSignature":
>   {
>     "Version": "http://example.com/signature",
>     "Now": "2013-08-25T20:31:23+02:00",
>     "HRT":
>     {
>       "RTl": "67",
>       "YT":
>       {
>         "HTL": "656756#",
>         "INTEGER": -689,
>         "Fantastic": false
>       },
>       "er": "33"
>     },
>     "ARR": [],
>     "BARR":
>     [{
>       "HTL": "656756#",
>       "INTEGER": -689,
>       "Fantastic": true
>     },
>     {
>       "HTL": "656756#",
>       "INTEGER": -689,
>       "Fantastic": false
>     }],
>     "ID": "ihqQONXvN5_LnmdAG7YU",
>     "STRINGS": ["One","Two","Three"],
>     "Intra": 78,
>     "EnvelopedSignature":
>     {
>       "SignatureInfo":
>       {
>         "Algorithm": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256",
>         "Reference":
>         {
>           "Name": "ID",
>           "Value": "ihqQONXvN5_LnmdAG7YU"
>         },
>         "KeyInfo":
>         {
>           "PublicKey":
>           {
>             "EC":
>             {
>               "NamedCurve": "http://xmlns.webpki.org/sks/algorithm#ec.p256",
>               "X": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
>               "Y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA"
>             }
>           }
>         }
>       },
>       "SignatureValue": "MEUCIEhZtArhp8O7d1n7SRWRQcs3qePGBCrnKY8x2O3o+nvPAiEA0On5hez2EHmEwJIm/UK7GxqZeWWcaFzK9OVAhygAWVk"
>     }
>   }
> }
>
> Why bother with this you may wonder? Well I can't imagine converting the
> previous cool stuff to something yucky like JOSE's JWS:
>
> {
>   "message": "eyJ0eXAiOibGciOiJIUzI1NiJ9.LmNvbS9pc19yb290Ijp0cnVlfQ.2K27uhbUJU1p1r_wW1gFWFOEjXk"
> }
>
> Canonicalization (=removal of whitespace):
>
> "MyLittleSignature":{"Version":"http://example.com/signature","Now":"2013-08-25T20:31:23+02:00","HRT":{"RTl":"67","YT":{"HTL":"656756#","INTEGER":-689,"Fantastic":false},"er":"33"},"ARR":[],"BARR":[{"HTL":"656756#","INTEGER":-689,"Fantastic":true},{"HTL":"656756#","INTEGER":-689,"Fantastic":false}],"ID":"ihqQONXvN5_LnmdAG7YU","STRINGS":["One","Two","Three"],"Intra":78,"EnvelopedSignature":{"SignatureInfo":{"Algorithm":"http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256","Reference":{"Name":"ID","Value":"ihqQONXvN5_LnmdAG7YU"},"KeyInfo":{"PublicKey":{"EC":{"NamedCurve":"http://xmlns.webpki.org/sks/algorithm#ec.p256","X":"lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk","Y":"LmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA"}}}}
>
> Cheers,
> Anders
>
> _______________________________________________
> Opensc-devel mailing list
> Ope...@li...
> https://lists.sourceforge.net/lists/listinfo/opensc-devel