2013-07-30

Weekly update MS04x28

No update.

Well, I was working on digitally signing documents, which I wanted to do for our book-keeping app. And all I can say is that the solution for that is unnecessarily over-engineered. Why?

  1. XAdES is a way to have a digital signature on any XML document. Fine with that. It protects against modification of the data in the sent document, the timestamp, the signature itself, etc. If you modify (almost) anything in the document to be sent, it will fail verification. So that's good, right? Well... It doesn't give any extra security, and as the documents being sent are just information about tax being paid and such, no one may care about it that much. Timestamp? (That is part of XAdES-BES, not pure XAdES.) What for? You can put anything you want there, and only if someone wanted to modify it afterwards would that be impossible. But in the end, the only thing that matters is when it arrived in the system.
  2. My second issue with XAdES is that it is a standard, right? And yet there is no easy out-of-the-box solution for it. There are classes in .NET that allow signing documents, but they are a dead end, and what you really have to do is go through the XAdES documentation, learn a little bit about cryptography and write your own implementation. For something that should already have an open-source implementation available to anyone. Why do I think so? Because lots of people will waste their time doing exactly the same thing. There are strict rules that you have to follow. Input and output are defined (well, apart from some omittable details, like the form of some "id" tags), and everyone who implements it will waste their time, even if that is just one hour. It took me a few hours, but I hadn't done anything like that before. It would work like a charm if only...
  3. Actual digital signatures. I knew a little bit about RSA keys and cryptography in general. And I thought that if you have a proper certificate installed on your machine, there are tools, libraries and such that make it possible to use that key/certificate to sign any data without accessing any data inside that key/certificate: to make the key/certificate work as a kind of service and make it harder to abuse. Right? No. Keys and certificates that you can access using simple methods are useless in the real world, according to some people. Just having an RSA key generated is not enough, and I'm partially right about that. You can easily copy a private key and abuse it. That's why private keys are stored on devices (so that you can't copy them from there) or on other computers, and you only send data there to be signed. That's fine, right? But what about implementing all those various solutions? From what I could find within the given time frame, there is no information on how that can be done, or even whether it should be done like that. I really thought there was some API that is part of the OS, which you tell to sign some data, and the signing is done by whatever is installed in the OS. Maybe there is something like that, but I couldn't find it. Diversity is good when it is controlled a little bit, when there is common ground and you don't have to handle everything separately. Otherwise it may be disastrous.
  4. And the most annoying thing is that after the initial boom of digital signatures, our government decided to make it easier for people to sign their tax forms, and more of them can now be signed using data from previous years. You just put at the end of the document information about how much you paid one or two years ago. Why did they do that? I'd say they've seen that there are more problems with the current system (XAdES + various solutions to compute the signature) than benefits. I'd say they could centralise the signing system, but then someone (well, I know exactly which company that would be) would win the contract and we would have to wait a couple of years for it to work properly. On the other hand, the digital signature market is not so open, as you have to be certified and comply with various requirements. And... some companies are now withdrawing from providing digital signatures.
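
As an added illustration of points 1 and 3 (not code from the original post): a detached RSA-SHA256 signature over a constructed sample tax form in Go, where the private key lives only inside a Signer that exposes a sign operation, and a one-character change to the amount makes verification fail. It deliberately skips XML canonicalisation and the XAdES/XMLDSig structure, so it shows the tamper-detection idea rather than a standard-conforming XAdES signature.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"strings"
)

// Signer stands in for the "key as a service" idea from point 3: the private
// key is unexported, so callers can only submit bytes and get a signature back.
// Assumption: a simplified model, not a real smart-card or HSM interface.
type Signer struct{ priv *rsa.PrivateKey }

func NewSigner() (*Signer, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Signer{priv: priv}, nil
}

// Sign hashes the document with SHA-256 and signs the digest (RSA PKCS#1 v1.5).
func (s *Signer) Sign(doc []byte) ([]byte, error) {
	h := sha256.Sum256(doc)
	return rsa.SignPKCS1v15(rand.Reader, s.priv, crypto.SHA256, h[:])
}

// Public returns the verification key the recipient (e.g. the tax office) uses.
func (s *Signer) Public() *rsa.PublicKey { return &s.priv.PublicKey }

// Verify reports whether sig is a valid signature over doc under pub.
func Verify(pub *rsa.PublicKey, doc, sig []byte) bool {
	h := sha256.Sum256(doc)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig) == nil
}

// SampleForm is a constructed stand-in for a tax form. No canonicalisation is
// applied here, so even a whitespace change breaks the signature; XAdES uses C14N.
const SampleForm = `<?xml version="1.0"?><Form><TaxYear>2012</TaxYear><Amount>1234.56</Amount></Form>`

func main() {
	s, _ := NewSigner()
	sig, _ := s.Sign([]byte(SampleForm))
	fmt.Println("original verifies:", Verify(s.Public(), []byte(SampleForm), sig))
	tampered := []byte(strings.Replace(SampleForm, "1234.56", "12.34", 1))
	fmt.Println("tampered verifies:", Verify(s.Public(), tampered, sig))
}
```
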
That's it. I will continue working on digital signatures quite soon, although I'd also like to do sending invoices in PDF format by e-mail, but for now I want to do a few things for Dragontorc: finish the simple travel system and finish this milestone. And start porting to C++.

1 comment:

  1. Okay, that's nice. It seems that because I was writing about documents and security, some bot posted a link to a company that, I think, is focused on shredding documents. Although when you take a look at that page, you can find lots of templates (heading 1, heading 2, etc. ;) ) and only in a few places is there substantial info to be found.

    And when I was younger I used to shred lots of documents with my own hands, because we didn't have a shredder back then ;)