Документ взят из кэша поисковой машины. Адрес оригинального документа : http://lnfm1.sai.msu.ru/~leo/ietf/submited/draft-chudov-cryptopro-cpxmldsig-00.txt Дата изменения: Wed Apr 7 15:44:50 2004 Дата индексирования: Mon Oct 1 23:29:39 2012 Кодировка: Поисковые слова: comet

XMLDSIG Working Group Grigorij Chudov, CRYPTO-PRO
Internet Draft Serguei Leontiev, CRYPTO-PRO
Expires October 7, 2004 April 7, 2004
Intended Category: Informational

Using algorithms GOST R 34.10-2001, GOST R 34.10-94
and GOST R 34.11-94 for XML Digital Signatures



Status of this Memo

This document is an Internet-Draft and is subject to all provisions
of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or made obsolete by other documents at
any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html

Abstract


This document specifies how to use Russian national cryptographic
standards GOST R 34.10-2001, GOST R 34.10-94 and GOST R 34.11-94
digital signatures and public keys with XML Signatures [XMLDSIG].
The mechanism specified provides integrity, message authentication,
and/or signer authentication services for data of any type, whether
located within the XML that includes the signature or included by
reference.

Table of Contents

1 Introduction. . . . . . . . . . . . . . . . . . . . . . . 2
2 GOST R 34.10-94/2001. . . . . . . . . . . . . . . . . . . 3
3 Specifying GOST within XMLDSIG. . . . . . . . . . . . . . 3
3.1 Version, Namespaces and Identifiers . . . . . . . . . . . 3



Chudov, Leontiev Informational [Page 1]

Internet-Draft Using GOST for XML Digital Signatures April 2004


3.2 XML Schema Preamble and DTD Replacement . . . . . . . . . 3
3.2.1 XML Schema Preamble . . . . . . . . . . . . . . . . . . . 3
3.2.2 DTD Replacement . . . . . . . . . . . . . . . . . . . . . 3
3.3 SignatureMethod Algorithms. . . . . . . . . . . . . . . . 3
3.3.1 Public Key Signature Algorithms . . . . . . . . . . . . . 3
3.3.2 Message Authentication Code Algorithms. . . . . . . . . . 3
3.4 DigestMethod Algorithms . . . . . . . . . . . . . . . . . 4
3.5 GOST Key Values . . . . . . . . . . . . . . . . . . . . . 4
3.5.1 Key Value Root Element. . . . . . . . . . . . . . . . . . 4
3.5.2 GOST Parameters . . . . . . . . . . . . . . . . . . . . . 4
4 Security Considerations . . . . . . . . . . . . . . . . . 8
Appendix A: Aggregate XML Schema. . . . . . . . . . . . . . . . 9
Appendix B: Aggregate DTD . . . . . . . . . . . . . . . . . . . 9
References. . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 12
Author's Addresses. . . . . . . . . . . . . . . . . . . . . . . 12
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 14

1 Introduction

This document specifies how to use GOST R 34.10-2001, GOST R 34.10-94
and GOST R 34.11-94 digital signatures and public keys with XML
Signatures [XMLDSIG]. Therein only two digital signature methods are
defined: RSA signatures and DSA (DSS) signatures, one message digest
method: SHA-1 and one message authentification method: HMAC-SHA1.
This document introduces GOST R 34.10-94/2001 signatures as
additional methods.

This document uses both XML Schemas [XML-schema] (normative) and DTDs
[XML] (informational) for specifying the corresponding XML
structures.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT","SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described in [RFC 2119].

2 GOST R 34.10-94/2001

Algorithms GOST R 34.10-94, GOST R 34.10-2001 and GOST R 34.11-94
have been developed by Russian Federal Agency of Governmental
Communication and Information (FAGCI) and "All-Russian Scientific and
Research Institute of Standardization". They are described in
[GOSTR341094], [GOSTR34102001] and [GOSTR341194]. Recomended
parameters for those algorithms are described in [CPALGS].

The only hash function used with GOST R 34.10-94/2001 is GOST R
34.11-94.




Chudov, Leontiev Informational [Page 2]

Internet-Draft Using GOST for XML Digital Signatures April 2004


3 Specifying GOST within XMLDSIG

This section specifies the details of how to use GOST algorithms with
XML Signature Syntax and Processing [XMLDSIG]. It relies heavily on
the syntax and namespace defined in [XMLDSIG].

3.1 Version, Namespaces and Identifiers

This specification makes no provision for an explicit version number
in the syntax. If a future version is needed, it will use a different
namespace.

The XML namespace [XML-ns] URI that MUST be used by implementations
of this (dated) specification is:
http://www.w3.org/2001/04/xmldsig-more#

Elements in the namespace of the [XMLDSIG] specification are marked
as such by using the namespace prefix "dsig" in the remaining
sections of this document.

3.2 XML Schema Preamble and DTD Replacement

3.2.1 XML Schema Preamble

The subsequent preamble is to be used with the XML Schema definitions
given in the remaining sections of this document.


targetNamespace="http://www.w3.org/2001/04/xmldsig-more#"
xmlns:gost="http://www.w3.org/2001/04/xmldsig-more#"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" attributeFormDefault="unqualified"
version="0.2">

3.2.2 DTD Replacement

In order to include GOST in XML-signature syntax, the following
definition of the entity Key.ANY SHOULD replace the one in [XMLDSIG]:



3.3 SignatureMethod Algorithms

3.3.1 Public Key Signature Algorithms

The input to the GOST R 34.10-94/2001 algorithms is the canonicalized
representation of the dsig:SignedInfo element as specified in Section



Chudov, Leontiev Informational [Page 3]

Internet-Draft Using GOST for XML Digital Signatures April 2004


3 of [XMLDSIG].

The output consists of a pair of integers usually referred by the
pair (r, s). The signature value (text value of element
dsig:SignatureValue - see section 4.2 of [XMLDSIG]) consists of the
base64 encoding of the concatenation of two octet-streams that
respectively result from the octet-encoding of the values r and s.
This concatenation is described in section 2.2 of [CPPK].

The identifier for the GOST R 34.10-94 signature algorithm is:
http://www.w3.org/2001/04/xmldsig-more#gostr341094-gostr3411

The identifier for the GOST R 34.10-2001 signature algorithm is:
http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411

3.3.2 Message Authentication Code Algorithms

GOST R 34.11-94 can also be used in HMAC as described in section
2.2.1 of [XMLURI] for HMAC-MD5.

Identifier:
http://www.w3.org/2001/04/xmldsig-more#hmac-gostr3411

3.4 DigestMethod Algorithms

The identifier for the GOST R 34.11-94 digest algorithm is:
http://www.w3.org/2001/04/xmldsig-more#gostr3411

GOST R 34.11-94 digest is a 256-bit string. The content of the
DigestValue element shall be the base64 encoding of this bit string
viewed as a 32-octet octet stream.

3.5 GOST Key Values

The syntax used for GOST key values closely follows the ASN.1 syntax
defined in [CPPK].

3.5.1 Key Value Root Element

Elements GOST3410-94-KeyValue and GOST3410-2001-KeyValue are used for
encoding GOST public keys. For use with XMLDSIG simply use these
elements inside dsig:KeyValue, such as the predefined elements
dsig:RSAKeyValue or dsig:DSAKeyValue.

The elements consist of an optional subelement Parameters and the
mandatory subelement PublicKey. If Parameters are missing in an
instance, this means that the application knows about them from other
means (implicitly).



Chudov, Leontiev Informational [Page 4]

Internet-Draft Using GOST for XML Digital Signatures April 2004


Schema Definition:

type="gost:GOST3410-94-KeyValueType"/>
type="gost:GOST3410-2001-KeyValueType"/>



type="gost:GostR3410_94_PublicKeyParametersType"
minOccurs="0"/>





type="gost:GostR3410_2001_PublicKeyParametersType"
minOccurs="0"/>




DTD Definition:

GostR3410_94_PublicKeyParameters?, PublicKey) >
GostR3410_2001_PublicKeyParameters?, PublicKey) >


3.5.2 GOST Parameters

Gost paramaters contain three OIDs: publicKeyParamSet, digestParamSet
and optional encryptionParamSet. Parameter values, corresponding to
these OIDs, can be found in [CPALGS].

Schema Definition:

type="GostR3410_94_PublicKeyParametersType"/>
type="GostR3410_2001_PublicKeyParametersType"/>


type="gost:OBJECT-IDENTIFIER"/>



Chudov, Leontiev Informational [Page 5]

Internet-Draft Using GOST for XML Digital Signatures April 2004


type="gost:OBJECT-IDENTIFIER"/>
type="gost:OBJECT-IDENTIFIER"
minOccurs="0"/>




type="gost:OBJECT-IDENTIFIER"/>
type="gost:OBJECT-IDENTIFIER"/>
type="gost:OBJECT-IDENTIFIER"
minOccurs="0"/>









DTD Definition:

publicKeyParamSet, digestParamSet,
encryptionParamSet?) >
publicKeyParamSet, digestParamSet,
encryptionParamSet?) >





4 Security Considerations

It is RECCOMENDED, that applications verify signature values and
subject public keys to conform to [GOSTR34102001], [GOSTR341094]
standards prior to their use.

For security discussion concerning use of algorithm parameters, see
section Security Considerations from [CPALGS].

Appendix A: Aggregate XML Schema



Chudov, Leontiev Informational [Page 6]

Internet-Draft Using GOST for XML Digital Signatures April 2004



targetNamespace="http://www.w3.org/2001/04/xmldsig-more#"
xmlns:gost="http://www.w3.org/2001/04/xmldsig-more#"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" attributeFormDefault="unqualified"
version="0.2">



type="gost:GostR3410_94_PublicKeyParametersType"
minOccurs="0"/>





type="gost:GostR3410_2001_PublicKeyParametersType"
minOccurs="0"/>






type="gost:OBJECT-IDENTIFIER"/>
type="gost:OBJECT-IDENTIFIER"/>
type="gost:OBJECT-IDENTIFIER"
minOccurs="0"/>




type="gost:OBJECT-IDENTIFIER"/>
type="gost:OBJECT-IDENTIFIER"/>
type="gost:OBJECT-IDENTIFIER"
minOccurs="0"/>






Chudov, Leontiev Informational [Page 7]

Internet-Draft Using GOST for XML Digital Signatures April 2004








Appendix B: Aggregate DTD

GostR3410_94_PublicKeyParameters?, PublicKey) >
GostR3410_2001_PublicKeyParameters?, PublicKey) >

publicKeyParamSet, digestParamSet,
encryptionParamSet?) >
publicKeyParamSet, digestParamSet,
encryptionParamSet?) >




References


[GOSTR341094] "Information technology. Cryptographic Data Security.
Produce and check procedures of Electronic Digital
Signatures based on Asymmetric Cryptographic Algo-
rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of
Russian Federation, Government Committee of the Rus-
sia for Standards, 1994. (In Russian);


[GOSTR34102001] "Information technology. Cryptographic Data Secu-
rity.Signature and verification processes of [elec-
tronic] digital signature.", GOST R 34.10-2001, Gosu-
darstvennyi Standard of Russian Federation, Govern-
ment Committee of the Russia for Standards, 2001. (In
Russian);


[GOSTR341194] "Information technology. Cryptographic Data Security.
Hashing function.", GOST R 34.10-94, Gosudarstvennyi
Standard of Russian Federation, Government Committee
of the Russia for Standards, 1994. (In Russian);





Chudov, Leontiev Informational [Page 8]

Internet-Draft Using GOST for XML Digital Signatures April 2004


[RFC 2119] Bradner, S., "Key Words for Use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.


[XMLDSIG] Eastlake, D., Reagle, J., and Solo, D., XML-Signature
Syntax and Processing. W3C Recommendation, February
2002. http://www.w3.org/TR/2002/REC-xmldsig-
core-20020212/


[XML-schema] Beech, D., Maloney, M., Mendelsohn, N., and Thompson,
H., XML Schema Part 1: Structures, W3C Recommenda-
tion, May 2001. http://www.w3.org/TR/2001/REC-
xmlschema-1-20010502/ Biron, P., and Malhotra, A., ML
Schema Part 2: Datatypes, W3C Recommendation, May
2001. http://www.w3.org/TR/2001/REC-
xmlschema-2-20010502/


[XMLURI] Donald E. Eastlake 3rd "Additional XML Security
URIs", draft-eastlake-xmldsig-uri-05.txt


[CPALGS] V. Popov, I. Kurepkin, S. Leontiev "Additional cryp-
tographic algorithms for use with GOST 28147-89, GOST
R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94
algorithms.", draft-popov-cryptopro-cpalgs-01.txt


[CPPK] S. Leontiev, D. Shefanovskij, "Algorithms and Identi-
fiers for the Internet X.509 Public Key Infrastruc-
ture Certificates and Certificate Revocation List
(CRL), corresponding to the algorithms GOST R
34.10-94, GOST R 34.10-2001, GOST R 34.11-94", draft-
ietf-pkix-gost-cppk-01.txt


Acknowledgments

This document was created in accordance with "Russian Cryptographic
Software Compatibility Agreement", signed by FGUE STC "Atlas",
CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI),
Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual
compatibility of the products and solutions.

The authors wish to thank:

Microsoft Corporation Russia for provided information about



Chudov, Leontiev Informational [Page 9]

Internet-Draft Using GOST for XML Digital Signatures April 2004


company products and solutions, and also for technical consulting
in PKI.

RSA Security Russia and Demos Co Ltd for active colaboration and
critical help in creation of this document.

NIP Informzachita for compatibility testing of the proposed data
formats while incorporating them into company products.

Citrix Inc for help in compatibility testing Citrix products for
Microsoft Windows.

Russ Hously (Vigil Security, LLC, housley@vigilsec.com) and
Vasilij Sakharov (DEMOS Co Ltd, svp@dol.ru) for initiative,
creating this document.

This document is based on a contribution of CRYPTO-PRO company. Any
substantial use of the text from this document must acknowledge
CRYPTO-PRO. CRYPTO-PRO requests that all material mentioning or
referencing this document identify this as "CRYPTO-PRO CPTLS".

Author's Addresses

Serguei Leontiev
CRYPTO-PRO
38, Obraztsova,
Moscow, 127018, Russian Federation
EMail: lse@cryptopro.ru

Grigorij Chudov
CRYPTO-PRO
38, Obraztsova,
Moscow, 127018, Russian Federation
EMail: chudov@cryptopro.ru

Full Copyright Statement

Copyright (C) The Internet Society (2003). All Rights Reserved.

This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of



Chudov, Leontiev Informational [Page 10]

Internet-Draft Using GOST for XML Digital Signatures April 2004


developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.

The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.





































Chudov, Leontiev Informational [Page 11]