Digital Signing


elo...@gmail.com

Aug 2, 2008, 5:08:17 AM
to Protocol Buffers
Suppose I would like to digitally sign a protocol buffer (possibly
adding new fields for this if necessary) so that I can ensure that
anyone can read the message, but so that I could ensure that the
message was not modified by an untrusted writer.

What would the best way to do this be? Having one field which is some
form of unknown hash of the others is not feasible, as this would
break backwards and forwards compatibility when new fields are added
in future versions of the .proto. Does anyone else have similar
requirements?

Marc Gravell

Aug 3, 2008, 4:50:32 AM
to Protocol Buffers
Maybe this is a naïve solution, but couldn't you just have:

message SignedMessage {
  required bytes signature = 1;
  required bytes payload = 2;
}

and use any standard hash algorithm on the bytes to generate the
signature? This also doesn't need any specific pb support - you just
serialize to a blob, hash the blob, and store the hash and blob in a
new message. Likewise to rehydrate, read the hash, read the blob,
validate the hash from the blob and then (if OK) deserialize the
payload.

Marc
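
Added example, not part of either post: the SignedMessage envelope described above, hand-encoded in Python with only the standard library. It swaps the plain hash for an HMAC-SHA256 tag under a shared key (a stand-in for a public-key signature, which is what lets readers verify without being able to sign), because an unkeyed hash can be recomputed by whoever modifies the payload. The names seal, open_sealed, DEMO_KEY and SAMPLE_PAYLOAD are made up for this example.

```python
import hashlib
import hmac

DEMO_KEY = b"constructed-demo-key"  # constructed sample key, an assumption
SAMPLE_PAYLOAD = b"\x0a\x05alice\x78\x07"  # constructed: field 1 = "alice", field 15 = 7

def _varint(n):
    out = bytearray()
    while True:
        b, n = n & 0x7F, n >> 7
        out.append(b | (0x80 if n else 0))
        if not n:
            return bytes(out)

def _read_varint(buf, pos):
    result = shift = 0
    while True:
        if pos >= len(buf) or shift > 63:
            raise ValueError("truncated or oversized varint")
        b = buf[pos]
        result |= (b & 0x7F) << shift
        pos, shift = pos + 1, shift + 7
        if not b & 0x80:
            return result, pos

def seal(payload, key):
    """Wrap already-serialized payload bytes as SignedMessage{signature=1, payload=2}."""
    sig = hmac.new(key, payload, hashlib.sha256).digest()
    return b"\x0a" + _varint(len(sig)) + sig + b"\x12" + _varint(len(payload)) + payload

def open_sealed(envelope, key):
    """Return the payload bytes only if the tag verifies; deserialize them afterwards."""
    fields, pos = {}, 0
    while pos < len(envelope):
        tag, pos = _read_varint(envelope, pos)
        if tag & 7 != 2:  # both envelope fields are length-delimited (wire type 2)
            raise ValueError("unexpected wire type")
        length, pos = _read_varint(envelope, pos)
        if pos + length > len(envelope):
            raise ValueError("truncated field")
        fields[tag >> 3] = envelope[pos:pos + length]
        pos += length
    if 1 not in fields or 2 not in fields:
        raise ValueError("missing required field")
    # The tag is checked over the payload bytes exactly as received, never a re-serialization.
    expected = hmac.new(key, fields[2], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, fields[1]):
        raise ValueError("signature mismatch")
    return fields[2]
```

Because the tag covers the opaque payload bytes, fields added to the inner .proto later (such as field 15 in the sample) are covered without the verifier knowing the schema.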