Comment by bfrog
Signed xml alone is a wildly confusing idea, as the signatures get embedded as elements in the document being signed. There’s a wild set of rules on how to make xml canonical, sign, add the signature, etc. It’s nontrivial.
Signed xml alone is a wildly confusing idea, as the signatures get embedded as elements in the document being signed. There’s a wild set of rules on how to make xml canonical, sign, add the signature, etc. It’s nontrivial.
To clarify, in signing you have to convert xml to bytes you can get back in the other side, while modifying the same bytes injecting signatures. The whole custom canonical xml serializer is actually complex with escape rules and a bunch of other insanity. On the other side you have to do the opposite by dropping the signature element and serializing the same way.
Worse this is done at an element level not a document level as noted in the linked article.
Really, it’s not that simple. It typically requires a while xml library for dealing with it that is error prone. Check the number of errors and cves for libxmlsec for example. Or even the versions in C# or Java.
To expand, generally you wouldn't want to change the identity of the document by signing it (eg change it's hash). That's bananas. If the signature was external to the document, you wouldn't need any complex and error prone rules to canonicalize. You'd just generate an HMAC tag and send it alongside (or, better yet, use an authenticated encryption like AES-GCM).
What's confusing about it? Everything seems pretty obvious to me.