
I want to make a JavaScript library for signing messages. I expect the format to be something like...

--- BEGIN SIGNED MESSAGE ---
This is a plain old message
It goes on and on...
--- BEGIN RSA OF SHA1 ---
Base64Stringassfd86asdf870n8
09as8d76fn098==
--- END SIGNED MESSAGE ---

But I don't know the correct format. I could replicate PGP format (I am sure it is not hard to find info on that) but I would prefer to use a standard method if there is one.

Is there a standard format for this kind of signed message?

Billy Moon
  • Duncan Jones said well about available standard formats, and I would suggest that you try to make use of anything already done - without serious knowledge of security and PKI you can easily make a security-related mistake. And you surely have read articles on why javascript crypto is bad idea, haven't you? – Eugene Mayevski 'Callback Mar 27 '13 at 07:59

2 Answers


Cryptographic Message Syntax (a.k.a. PKCS #7) is a very commonly used format for signed data. It also supports encryption and authentication of payload contents, so it's a bit of an uber-format. The downside is the complexity of implementation - the specification can be tiresome to trawl through and you have to be comfortable working with ASN.1.

OpenPGP format is likely to be simpler to implement and more readable to the human eye (no ASN.1 to be seen). This might be the best bet for simplicity. Again, you would have the option to add encryption at a later date, if you so desired. However, the specification can be equally infuriating to work with - I've never encountered an RFC that was so... imprecise before.

Duncan Jones
  • OpenPGP is no simpler than PKCS#7 (other than you *often* see base64-encoded data rather than binary). – Eugene Mayevski 'Callback Mar 27 '13 at 07:58
  • @EugeneMayevski'EldoSCorp Having implemented parts of both standards, I disagree. However, that may be due to my own aptitude towards different programming tasks. It's certainly my subjective opinion. – Duncan Jones Mar 27 '13 at 07:59
  • Well, we implemented them both (and much more) completely in a library (SecureBlackbox). Implementing a part is simpler and you can omit certain complex things. Of course, PKI in whole is much wider (and more complicated) than OpenPGP, but if we are comparing PKCS#7 with OpenPGP encryption/signing, then they have equal complexity. – Eugene Mayevski 'Callback Mar 27 '13 at 13:03

For the sake of completeness, W3C XML Signature is slightly easier from the syntax and encoding perspective, but it requires that the final data be in XML.

Ironluca