Versions Compared

Old Version 3

changes.mady.by.user Ian Young

Saved on

compared with

New Version Current

changes.mady.by.user Ian Young

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The XML Digital Signature standard operates as a two-part process:

  1. The document to be signed is processed to generate a SignedInfo element.  This processing involves using a cryptographic hash function to reduce the final result to a shorter message digest.  We will refer to the selected hash function as the digest algorithm.

  2. The SignedInfo element is digitally signed using a signature algorithm appropriate for the type of credential used.  For example, in the case of an RSA credential the signature algorithm used combines the RSA private key operation with a second cryptographic hash function used to produce a second message digest of the SignedInfo element.

By default, XmlSecTool selects the following digest and signature algorithms for each of the credential types:

Credential

Digest

Signature

RSA

SHA-256

RSA + SHA-256

EC

SHA-256

ECDSA + SHA-256

DSA

SHA-256

DSA + SHA-1

To select a different hash function, XmlSecTool provides the --digest option, which takes the name of a hash function as parameter.  For example:

...

Selecting a value for the --digest option changes both the digest algorithm and, for RSA and Elliptic Curve credentials, the appropriate component of the signature algorithm.  For example, selecting –digest SHA-512 would result in the following algorithms being selected for each credential type:

Credential

Digest

Signature

RSA

SHA-512

RSA + SHA-512

EC

SHA-512

ECDSA + SHA-512

DSA

SHA-512

DSA + SHA-1

In some situations, this simplified selection process does not allow you to use the digest and signature algorithms you need for a particular application.  For example, hash functions such as MD5 are not included because they are regarded as being too weak for regular use.  In these cases, you can override the digest algorithm and signature algorithms selected based on the --digest option using the --digestAlgorithm and --signatureAlgorithm options.  These each take as parameter the full URI identifier of the algorithm to use, so that any algorithm supported by the Apache Santuario cryptographic library in use can be specified.  You can mix these fine-grained options with --digest, as in the following example:

...

If the default behaviour is not suitable, whether because it disallows an algorithm you need xmlsectool to accept or because it does disallow algorithms you regard as too weak, you can manipulate it using the following command-line options:

  • --allowAllDigests removes the default disallowed algorithms, so that all algorithms are allowed.  Do this only if you are sure that you need to use one of the algorithms that are disallowed by default, and therefore need complete control over behaviour. It is better to use, e.g., "–-allowDigest SHA-1" if you can (see below). 

  • --disallowDigest disallows algorithms related to the given digest function.  For example, --disallowDigest SHA256 would disallow algorithms related to the SHA-256 digest function. This option may appear any number of times.

  • --allowDigest allows algorithms related to the given digest function to be used during signature verification. For example, --allowDigest SHA1 would permit signatures based on the SHA-1 digest function to be verified. This option may appear any number of times.

  • --listAlgorithms is an action option you can use to display the algorithms which are currently disallowed. See the examples below.

These options can appear on the command line in any order, but will always be processed in the order given above.  Note also that these options only change the behaviour of xmlsectool for a single invocation; you must include them in the command line every time you want to override the defaults.

Example: viewing the default blacklist.

No Formatcode
$ ./xmlsectool.sh --listAlgorithms
Disallowed digest algorithms:
   http://www.w3.org/2000/09/xmldsig#sha1
   http://www.w3.org/2001/04/xmldsig-more#md5

Disallowed signature algorithms:
   http://www.w3.org/2000/09/xmldsig#rsa-sha1
   http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
   http://www.w3.org/2001/04/xmldsig-more#rsa-md5

Example: extending the default list of disallowed algorithms.

No Formatcode
$ ./xmlsectool.sh --disallowDigest SHA256 --listAlgorithms
Disallowed digest algorithms:
   http://www.w3.org/2000/09/xmldsig#sha1
   http://www.w3.org/2001/04/xmldsig-more#md5
   http://www.w3.org/2001/04/xmlenc#sha256

Disallowed signature algorithms:
   http://www.w3.org/2000/09/xmldsig#rsa-sha1
   http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
   http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
   http://www.w3.org/2001/04/xmldsig-more#rsa-md5
   http://www.w3.org/2001/04/xmldsig-more#rsa-sha256

Example: removing algorithms from the default list of disallowed algorithms.

No Formatcode
$ ./xmlsectool.sh --allowDigest SHA1 --listAlgorithms
Disallowed digest algorithms:
   http://www.w3.org/2001/04/xmldsig-more#md5

Disallowed signature algorithms:
   http://www.w3.org/2001/04/xmldsig-more#rsa-md5

Example: full control (NOT RECOMMENDED).

No Formatcode
$ ./xmlsectool.sh --allowAllDigests --disallowDigest SHA1 --listAlgorithms
Disallowed digest algorithms:
   http://www.w3.org/2000/09/xmldsig#sha1

Disallowed signature algorithms:
   http://www.w3.org/2000/09/xmldsig#rsa-sha1
   http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1