Skip to content

fix: Correct C14N 1.1 handling and improve ECDSA format compatibility#170

Open
atulpatildbz wants to merge 2 commits intorussellhaering:mainfrom
atulpatildbz:canonicalize_issue_c14n11
Open

fix: Correct C14N 1.1 handling and improve ECDSA format compatibility#170
atulpatildbz wants to merge 2 commits intorussellhaering:mainfrom
atulpatildbz:canonicalize_issue_c14n11

Conversation

@atulpatildbz
Copy link

@atulpatildbz atulpatildbz commented Aug 23, 2025
edited
Loading

Provides a fix for the XML signature verification pipeline, addressing bugs that prevented validation of documents using C14N 1.1 canonicalization and the standard IEEE P1363 ECDSA signature format.

Problem

Unable to verify XML digital signatures for some documents due to multiple interacting issues in the signature verification pipeline.

Root Causes Identified

  1. Namespace attribute inheritance problem in C14N 1.1 – The canonicalizer did not properly handle namespace inheritance from ancestor elements.
  2. Canonicalization algorithm not respected – The validation logic ignored the canonicalization method specified in the XML document, leading to digest mismatches.
  3. Signature format mismatch (IEEE P1363 vs ASN.1 DER) – ECDSA signatures were not converted to the format expected by Go's crypto/x509 library, causing verification failures.

Solution

1. Corrected C14N 1.1 Canonicalization Handling

  • Solution: The C14N 1.1 canonicalizer was enhanced to properly inherit namespace declarations from ancestor elements. The core validation logic in getCanonicalSignedInfo() was also modified to respect the canonicalization method specified in the XML, ensuring the correct algorithm is now used during verification.

2. ECDSA Signature Format Conversion

  • Solution: Added conversion for ECDSA signatures from the XML Digital Signature standard format (IEEE P1363) to the ASN.1 DER format expected by Go's crypto libraries. The implementation includes a graceful fallback for signatures that are already in the correct format.

Testing

  • All 27 existing tests pass (zero regressions).
  • Successfully validates real-world NVIDIA RIM signatures.
  • Handles both IEEE P1363 and ASN.1 DER ECDSA formats gracefully.

@atulpatildbz
fix(c14n11): Add namespace inheritance support to C14N 1.1 canonicalizer
b650795 
C14N 1.1 canonicalizer was missing namespace inheritance from parent
elements, causing XML signature validation failures when signed elements
had namespace prefixes defined in ancestor elements.

The issue was already correctly handled in C14N 1.0 REC canonicalizer
which uses getParentNamespaceAndXmlAttributes() and enhanceNamespaceAttributes()
to inherit namespaces from parent elements before canonicalization.

This commit applies the same approach to c14N11Canonicalizer:
- Collect parent namespace declarations using getParentNamespaceAndXmlAttributes()
- Copy input element to avoid mutations
- Enhance element with inherited namespaces using enhanceNamespaceAttributes()
- Proceed with standard canonicalization

Added TestC14N11NamespaceInheritance to verify the fix works correctly.
The test demonstrates that canonicalized output now includes proper
xmlns declarations for inherited namespaces (e.g., xmlns:ds="...").

Fixes XML signature validation for documents using C14N 1.1 canonicalization
with namespace prefixes defined in parent elements
@atulpatildbz
fix: integrate C14N 1.1 canonicalization and add ECDSA format conversion
2a8dd02 
This commit addresses two critical issues:

1. **C14N 1.1 Integration Fix**: Modified getCanonicalSignedInfo() to respect
   the CanonicalizationMethod specified in XML signatures. Previously, the
   function ignored the XML-specified algorithm and always used basic
   canonicalization, preventing the C14N 1.1 namespace inheritance fix (b650795) from
   being applied during signature verification.

2. **ECDSA Signature Format Conversion**: Added automatic conversion from
   XML DSig IEEE P1363 format to ASN.1 DER format for ECDSA signatures.
   XML Digital Signature standard uses IEEE P1363 (r||s concatenated),
   while Go's x509.CheckSignature expects ASN.1 DER (structured sequence).

Changes:
- Modified getCanonicalSignedInfo() to extract and respect CanonicalizationMethod
- Added switch statement to apply correct canonicalizer based on algorithm
- Implemented convertXMLDSigECDSASignature() for IEEE P1363 → ASN.1 DER conversion
- Added isECDSAAlgorithm() helper for signature type detection
- Added graceful fallback when format conversion fails

Testing:
- All 27 existing tests pass (zero regressions)
- Handles both IEEE P1363 and ASN.1 DER ECDSA formats gracefully
@atulpatildbz atulpatildbz marked this pull request as draft August 23, 2025 15:00
@atulpatildbz atulpatildbz changed the title fix(c14n11): Add namespace inheritance support to C14N 1.1 canonicalizer fix: Correct C14N 1.1 handling and improve ECDSA format compatibility Aug 23, 2025
@atulpatildbz atulpatildbz marked this pull request as ready for review August 26, 2025 03:26
@atulpatildbz
Copy link
Author

atulpatildbz commented Sep 1, 2025

Hi @russellhaering,

Would it be possible for you to take a look at these changes?
Let me know if you need more information or want me perform additional testing.

@atulpatildbz atulpatildbz mentioned this pull request Dec 19, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@atulpatildbz