Verifying hmac-sha1 signed files without --lax-key-search?

[timlegge]

Question about verifying hmac-sha1 signed files

I am signing a xml file (with XML::Sig) and the final xml and associated keys file is below

As @lsh123 mentioned in a prior discussion I now need the --lax-key-search to verify the key

xmlsec1 --verify --lax-key-search --keys-file t/xmlsec-keys.xml --id-attr:ID "foo" tmp-sha1.xml 

Should I be doing anything different to reference the proper key?

<?xml version="1.0"?>
<foo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" ID="XML-SIG_1">
    <bar>123</bar>
<dsig:Signature>
            <dsig:SignedInfo xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
                <dsig:Reference URI="#XML-SIG_1">
                        <dsig:Transforms>
                            <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                            <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </dsig:Transforms>
                        <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                        <dsig:DigestValue>rTas/bdJW1wsH1dv8pxqsDlhLHujpmlvc7kFT7K9cBc=</dsig:DigestValue>
                    </dsig:Reference>
            </dsig:SignedInfo>
            <dsig:SignatureValue>2xMFBvXQ3KKnsKD5b3EEOeFAnlxJOY8Mg8I+7ZpHfko=
</dsig:SignatureValue>
        </dsig:Signature></foo>

The keys file is: cat t/xmlsec-keys.xml

<?xml version="1.0"?>
<Keys xmlns="http://www.aleksey.com/xmlsec/2002">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>tim</KeyName>
<KeyValue>
<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">0xXHREA0s/rJwUIa9diyTJVhHgMs8OgMpp7FvGnUH1TApJeCq+PwZKcVCQQmaNNn
yl5pRE67PP9+f9og/JIg3TdJBbzMR/XVjowRQWY4tM4iufz+TIcgjLtPGgriQ+vk
1ABik1RrS9rZzxgCSvizfUmDaNsS/oIHhyVXoc2JXTM=</HMACKeyValue>
</KeyValue>
</KeyInfo>
</Keys>

[timlegge]

Actually, I figured it out:

I needed:

            <dsig:KeyInfo>
                            <dsig:KeyName>tim</dsig:KeyName>
                            </dsig:KeyInfo>

Result

<?xml version="1.0"?>
<foo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" ID="XML-SIG_1">
    <bar>123</bar>
<dsig:Signature>
            <dsig:SignedInfo xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
                <dsig:Reference URI="#XML-SIG_1">
                        <dsig:Transforms>
                            <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                            <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </dsig:Transforms>
                        <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                        <dsig:DigestValue>rTas/bdJW1wsH1dv8pxqsDlhLHujpmlvc7kFT7K9cBc=</dsig:DigestValue>
                    </dsig:Reference>
            </dsig:SignedInfo>
            <dsig:SignatureValue>2xMFBvXQ3KKnsKD5b3EEOeFAnlxJOY8Mg8I+7ZpHfko=
</dsig:SignatureValue>
            <dsig:KeyInfo>
                            <dsig:KeyName>tim</dsig:KeyName>
                            </dsig:KeyInfo>
        </dsig:Signature></foo>

[timlegge]

Interestingly it fails to fine the key if there are new lines in the Keyname such as:

<dsig:KeyName>
tim
</dsig:KeyName>

[lsh123]

1/ yeah I think picking up an arbitrary key just because XML needs RSA and you happen to have an RSA key somewhere is not a good idea for many reasons. It was done that way because many interop tests didn't specify key name or anything else in keyinfo but it was a bad idea for real production use cases. But changing that is changing behavior in a significant way so I didn't want to do it until a major release.

2/ Spaces are significant in XML and this is why key names don't trim spaces. Same story --> should have been fixed long time ago but breaking API is bad so... I will fix it though for the upcoming release that breaks API anyway.

[lsh123]

PR #565