Bug 44629 - Switch order of XML Signature validation steps
Summary: Switch order of XML Signature validation steps
Status: RESOLVED FIXED
Alias: None
Product: Security - Now in JIRA
Classification: Unclassified
Component: Signature
Version: Java 1.4.1
Hardware: All All
Importance: P2 normal
Target Milestone: ---
Assignee: XML Security Developers Mailing List
Reported: 2008-03-18 10:27 UTC by sean.mullan
Modified: 2008-03-18 10:29 UTC

Description sean.mullan 2008-03-18 10:27:14 UTC
The XMLDSig specification lists the order of operations in core validation as first validating the digests, and then the signature. This order is not a requirement but the Java XMLSec implementation chose to implement it in this order. 

The reverse order (validating the signature first and then the digests) is actually safer and leads to earlier detection of invalid signatures, as this would detect attempts to insert or modify information in the SignedInfo element before validating the references. For example, this would detect attempts to insert malicious transforms before they are executed, or any modification of the contents of the SignedInfo.

See Brad Hill's paper for more information: http://www.w3.org/2007/xmlsec/ws/papers/04-hill-isecpartners