Posted to commits@santuario.apache.org by "Rainer Villido (JIRA)" <ji...@apache.org> on 2016/09/19 15:58:20 UTC

[jira] [Comment Edited] (SANTUARIO-451) Creating and validating signatures using pre-calculated external reference digest

    [ https://issues.apache.org/jira/browse/SANTUARIO-451?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15503831#comment-15503831 ] 

Rainer Villido edited comment on SANTUARIO-451 at 9/19/16 3:58 PM:
-------------------------------------------------------------------

As the GitHub bot noted, I have created a pull request that solves that issue. I would appreciate if this change would be included in the main release.
https://github.com/apache/santuario-java/pull/6

Thanks!


was (Author: rvillido):
As the GitHub bot noted, I have created a pull request that solves that issue. I would appreciate if this change could be included in the main release.
https://github.com/apache/santuario-java/pull/6

Thanks!

> Creating and validating signatures using pre-calculated external reference digest
> ---------------------------------------------------------------------------------
>
>                 Key: SANTUARIO-451
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-451
>             Project: Santuario
>          Issue Type: Improvement
>          Components: Java
>            Reporter: Rainer Villido
>            Assignee: Colm O hEigeartaigh
>
> We would like to create and validate signatures using pre-calculated data file digest values and without providing the data files themselves (using detached signature packaging).
> Right now it is not possible to create or validate a signature with detached reference providing only the digest value of the detached reference. The library requires full access to the external resource to calculate its digest value. 
> We would like to calculate the digest value of the external resource (detached reference) outside the library and use the pre-calculated digest value when creating or validating a signature.
> There are two use cases for that functionality:
> 1. Having confidential data files. For example, having an online signature creation and validation Web service that uses the Santuario library where the content of the data files is confidential. The content of the data files should not be seen by a third party signature creation and validation service. This includes medical records, police records, bank records, business contracts etc.
> 2. Having very large data files. For example, creating and validating signatures on large data files with an online Web service using the Santuario library. The size of large data files could be in gigabytes or terabytes and it is not feasible to send such large amounts of data over the Web. Examples include large images, medical MRI scans, videos, archives etc.
> In the examples above, a client would calculate the digest value of a data file and send it to the Web service along with the XML signature document. The Web service would validate the signature using the pre-calculated digest value and would respond if the signature is valid for that digest.
> We would appreciate if this possibility would be included in the library.
> Thanks!
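
The flow requested in the issue above, sketched as an added example; it is not Santuario code and not the code from the pull request. It uses only the Python standard library rather than the Java library, and the function names, the file name `scan.bin` and the sample signature skeleton are constructed for illustration.

```python
import base64
import hashlib
import hmac
import io
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
# DigestMethod URIs accepted by this sketch (SHA-1 deliberately left out).
DIGESTS = {
    "http://www.w3.org/2001/04/xmlenc#sha256": hashlib.sha256,
    "http://www.w3.org/2001/04/xmlenc#sha512": hashlib.sha512,
}

def file_digest(stream, algorithm_uri, chunk_size=1 << 20):
    """Client side: hash a file of any size in chunks; only the digest is sent."""
    h = DIGESTS[algorithm_uri]()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.digest()

def reference_matches(signature_xml, uri, precomputed, algorithm_uri):
    """Service side: compare the ds:Reference for `uri` with the client's digest.

    Reference validation only: the SignatureValue over SignedInfo must still be
    verified by the XML signature library, or a match here proves nothing.
    """
    root = ET.fromstring(signature_xml)
    refs = [r for si in root.iter(DS + "SignedInfo")
            for r in si.findall(DS + "Reference") if r.get("URI") == uri]
    if len(refs) != 1:
        raise ValueError("expected exactly one signed Reference for %r" % uri)
    m = refs[0].find(DS + "DigestMethod")
    method = m.get("Algorithm") if m is not None else None
    if method not in DIGESTS or method != algorithm_uri:
        raise ValueError("unsupported or mismatched DigestMethod: %r" % method)
    text = "".join(refs[0].findtext(DS + "DigestValue", default="").split())
    return hmac.compare_digest(base64.b64decode(text, validate=True), precomputed)

# Constructed sample: detached-signature skeleton for a hypothetical "scan.bin".
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
DATA = b"constructed stand-in for a large confidential file"
SAMPLE_SIGNATURE = (
    '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo>'
    '<ds:Reference URI="scan.bin"><ds:DigestMethod Algorithm="%s"/>'
    '<ds:DigestValue>%s</ds:DigestValue></ds:Reference></ds:SignedInfo></ds:Signature>'
) % (SHA256, base64.b64encode(hashlib.sha256(DATA).digest()).decode())

if __name__ == "__main__":
    digest = file_digest(io.BytesIO(DATA), SHA256)
    print(reference_matches(SAMPLE_SIGNATURE, "scan.bin", digest, SHA256))
```

Because the service never sees the file, a positive result means only that the signature covers the digest the client supplied, which is the "valid for that digest" answer the issue describes.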


