Bug 44629 - Switch order of XML Signature validation steps
Summary: Switch order of XML Signature validation steps
Alias: None
Product: Security - Now in JIRA
Classification: Unclassified
Component: Signature (show other bugs)
Version: Java 1.4.1
Hardware: All All
: P2 normal
Target Milestone: ---
Assignee: XML Security Developers Mailing List
Depends on:
Reported: 2008-03-18 10:27 UTC by sean.mullan
Modified: 2008-03-18 10:29 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description sean.mullan 2008-03-18 10:27:14 UTC
The XMLDSig specification lists the order of operations in core validation as first validating the digests, and then the signature. This order is not a requirement but the Java XMLSec implementation chose to implement it in this order. 

The reverse order (validating the signature first and then the digests) is actually safer and leads to earlier detection of invalid signatures, as this would detect attempts to insert or modify information in the SignedInfo element before validating the references. For example, this would detect attempts to insert malicious transforms before they are executed, or any modification of the contents of the SignedInfo.

See Brad Hill's paper for more information: http://www.w3.org/2007/xmlsec/ws/papers/04-hill-isecpartners