106
edits
Talk:Extension Manager:Addon Update Security:Signature: Difference between revisions
Jump to navigation
Jump to search
Talk:Extension Manager:Addon Update Security:Signature (view source)
Revision as of 22:02, 18 September 2007
, 18 September 2007Updates
(Added a preface) |
(Updates) |
||
| Line 9: | Line 9: | ||
Below, Dave explains that there is a [http://developer.mozilla.org/en/docs/Extension_Versioning%2C_Update_and_Compatibility#Update_RDF_Format developer page] with more examples, which may work, but it's still not a specification. | Below, Dave explains that there is a [http://developer.mozilla.org/en/docs/Extension_Versioning%2C_Update_and_Compatibility#Update_RDF_Format developer page] with more examples, which may work, but it's still not a specification. | ||
== Nelson's original comments of 2007-09- | == Nelson's original comments of 2007-09-15 19:15:21 PST == | ||
Here are some comments on the page [[User:Mossop:Fx-Docs:AddonUpdateSignature]] | Here are some comments on the page [[User:Mossop:Fx-Docs:AddonUpdateSignature]] | ||
| Line 23: | Line 23: | ||
A2. According to the example, it is the raw binary RSA signature, base64 encoded. It is not encoded as an ASN.1 bit string, and so is not the same signature format as that used in certificates in RFC 3280. Neither is it encoded as an ASN.1 "encryptedDigest" (an octet string) as defined in RFC 2315 (PKCS#7), nor as a "SignatureValue" (also an octet string) as defined in RFC 3852. Whether leading zero octets are to be suppressed or not is not specified. | A2. According to the example, it is the raw binary RSA signature, base64 encoded. It is not encoded as an ASN.1 bit string, and so is not the same signature format as that used in certificates in RFC 3280. Neither is it encoded as an ASN.1 "encryptedDigest" (an octet string) as defined in RFC 2315 (PKCS#7), nor as a "SignatureValue" (also an octet string) as defined in RFC 3852. Whether leading zero octets are to be suppressed or not is not specified. | ||
<b>Update:</b> See definition of ManifestSignature below. | |||
<b>Q3. What is the required/expected syntax of a DSA signature?</b> | <b>Q3. What is the required/expected syntax of a DSA signature?</b> | ||
| Line 30: | Line 32: | ||
which is exactly 20 bytes. Perhaps they are to be concatenated into a single 40-byte binary block, as done by SSL 3.0, or perhaps they are to be ASN.1 encoded as a sequence of two integers, as in the Dss-Sig-Value in RFC 2246 (TLS 1.0). | which is exactly 20 bytes. Perhaps they are to be concatenated into a single 40-byte binary block, as done by SSL 3.0, or perhaps they are to be ASN.1 encoded as a sequence of two integers, as in the Dss-Sig-Value in RFC 2246 (TLS 1.0). | ||
Other issues of cryptographic significance: | <b>Update:</b> See definition of ManifestSignature below. | ||
<b>Other issues of cryptographic significance:</b> | |||
1. The page gives an example of an RDF/XML construct that contains a key. I am not sure, but I think that construct is called an "install-manifest". This install-manifest appears to have many of the properties of a public key certificate. It appears to be a binding of a contributor name, and one or more product identifiers, to a public key. However, the manifest itself is not cryptographically protected. It is not signed. I imagine this is because it is intended to be downloaded via https, and the copy downloaded is presumed to be valid at the source server. That's not unreasonable. However, if it was signed, it would also offer detection of alteration after downloading. Also, IINM, there is another proposed standard that defines a certificate entirely encoded in XML. One wonders if that standard should be used rather than inventing yet another. | 1. The page gives an example of an RDF/XML construct that contains a key. I am not sure, but I think that construct is called an "install-manifest". This install-manifest appears to have many of the properties of a public key certificate. It appears to be a binding of a contributor name, and one or more product identifiers, to a public key. However, the manifest itself is not cryptographically protected. It is not signed. I imagine this is because it is intended to be downloaded via https, and the copy downloaded is presumed to be valid at the source server. That's not unreasonable. However, if it was signed, it would also offer detection of alteration after downloading. Also, IINM, there is another proposed standard that defines a certificate entirely encoded in XML. One wonders if that standard should be used rather than inventing yet another. | ||
| Line 87: | Line 91: | ||
So I think we now know the expected and required signature format for these manifests, including DSA signature format. Unfortunately, this particular ASN.1 sequence doesn't match any standard signature syntax known to me. So, I think a custom signature generating tool will be necessary, to produce signatures in this unusual encoding. | So I think we now know the expected and required signature format for these manifests, including DSA signature format. Unfortunately, this particular ASN.1 sequence doesn't match any standard signature syntax known to me. So, I think a custom signature generating tool will be necessary, to produce signatures in this unusual encoding. | ||
<b>Update:</b> That tool is named "McCoy" (the <i>Real</i> McCoy ?). The source may be found [http://viewvc.svn.mozilla.org/vc/projects/mccoy/trunk/components/src/ here] and discussion is found at [[McCoy]] this wiki page. | |||