top | item 46249333

(no title)

tnorgaard | 2 months ago

This talk seems set out to prove that "XML is Bad". Yes XML-DSig isn't great with XPaths, but most of these attack vectors has been known for 10 years. There is probably a reason why the vulnerabilities found where in software not commonly used, e.g. SAP. Many of the things possible with XML and UBL simply isn't available in protobuf, json. How would you digitally sign a Json document and embed the signature in the document?

The article nor the talk appear to reference the XML standard that EN 16931 is built upon: Universal Business Language, https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=... - which is freely available. Examples can be found here: https://github.com/Tradeshift/tradeshift-ubl-examples/tree/m... . It is a good standard and yes it's complex, but it is not complicated by accident. I would any day recommend UBL over IDOC, Tradacom, EDIFACT and the likes.

discuss

aleksejs|2 months ago

Most of these attack vectors have been known for 10 years, and yet researchers keep finding bugs in major implementations to this day. Here's one from last week: https://portswigger.net/research/the-fragile-lock

> How would you digitally sign a Json document and embed the signature in the document?

You would not, because that's exactly how you get these bugs. Fortunately serialization mechanisms, whether JSON or Protobuf or XML or anything else, turn structured data into strings of bytes, and signature schemes operate on strings of bytes, so you'll have a great time signing data _after_ serializing it.

BaconVonPork|2 months ago

This seems like a distinction without meaning. The question is whether JSON serializations intended for canonical signing would be somehow safer than those XML serializations. Obviously people would like all the same features that caused problems before.

michaelt|2 months ago

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

> How would you digitally sign a Json document and embed the signature in the document?

Embedding a signature into the same file is easy enough.

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v0.9.7 (GNU/Linux)

iEYEARECAAYFAjdYCQoACgkQJ9S6ULt1dqz6IwCfQ7wP6i/i8HhbcOSKF4ELyQB1

oCoAoOuqpRqEzr4kOkQqHRLE/b8/Rw2k =y6kj

-----END PGP SIGNATURE-----

isbvhodnvemrwvn|2 months ago

Or use something similar to jwts, you normalize the document, sign the hash, wrap the original document with metadata and include the signature.

fpoling|2 months ago

If one has a reproducible JSON serializer, then one can add a signature to any JSON object via serializing the object, signing that and then adding the resulting signature to the original object.

This avoids JSON-inside-JSOn and allows to pretty-print the original object with the signature.

baobun|2 months ago

> If one has a reproducible JSON serializer

Pretty significant catch if interoperability is a concern at all. Whitespace is easy enough to handle but how do dict keys get ordered? Are unquoted numbers with high precision output as-is or truncated to floats/JS Numbers? Is scientific notation ever used and if so when?

vlovich123|2 months ago

> How would you digitally sign a Json document and embed the signature in the document?

Presumably the same way you accomplish the thing in xml:

    { “signature”: “…”, “payload”: … }

xorcist|2 months ago

> XML-DSig isn't great with XPaths

Or at all.

> How would you digitally sign a Json document and embed the signature in the document?

Preferrably you wouldn't because that's a really bad idea.

That said, this type of support-every-conceivable-idea design-by-committee systems would be equally bad built on json or anything else. That much is true.

There's probably no silver bullet here. But that is still not an excuse for XML-Sig.

cogman10|2 months ago

Other answers are good. One more that you could do is put the JSON document inside a container (A zip archive for example). Then your document can effectively be

    invoice.inv (zip archive)
    └- payload.json
    └- signature.asc

This has the benefit of adding more opportunities for many json documents within the archive.

It's effectively what the Java jar is.

bsamuels|2 months ago

dont unzip an untrusted payload