
office-comment message


Subject: FW: [oic] encryption of signature files


kudos to Dennis for discovering this issue.

- signature files are to be stored in META-INF/
- but files within META-INF/ are not allowed to have an entry in the manifest
- this means that the required encryption parameters can't be provided (iv, salt...)
(or the package will not be conformant...)
- the net result is that signature files are not allowed to be encrypted (so this
will leak some information)

Suggested change: 

- either allow META-INF/ (signature) files to be listed in the manifest,


- store the signatures somewhere else (like a new Signatures/ or similar ?)

Best regards,


From: Dennis E. Hamilton [dennis.hamilton@acm.org]
Sent: Friday, December 11, 2009 11:41 PM
To: Hanssens Bart; oic@lists.oasis-open.org
Subject: RE: [oic] encryption of signature files

You can't encrypt anything having full-path prefix "META-INF/" because no
Package file with that prefix may appear in manifest.xml.  It's a
side-effect of that limitation.

Since all Package Digital Signature files have full-path prefix "META-INF/"
it is not permissible to provide a <manifest:file-entry> for any of them.
Without a <manifest:file-entry> there is no way to specify encryption.

Cute, huh?

It is my hope that this is an unintended consequence and we can require
encryption of everything that has a <manifest:file-entry> except for
"Thumbnails/thumbnail.png", and that we require a manifest:file-entry for
everything but mimetype and META-INF/manifest.xml.  (That means all the RDF
cruft too, in case no one has noticed that nuance.)

I will submit a JIRA issue about this on the ODF TC JIRA.  If you want to
submit an office-comment on it, that would be welcome too.

 - Dennis

-----Original Message-----
From: Hanssens Bart [mailto:Bart.Hanssens@fedict.be]
Sent: Friday, December 11, 2009 10:06
To: dennis.hamilton@acm.org; oic@lists.oasis-open.org
Subject: [oic] encryption of signature files

Hi Dennis,

> I have a pent-up pending analysis and blog post on the ODF 1.x package
> encryption scheme's vulnerability to known-plaintext attacks.  The fact
> the digital signature files cannot be encrypted is also something that
> should raise eyebrows in document security circles.

Hmz, probably I'm missing something here, but I haven't read that one cannot
encrypt the signature files (or other files in META-INF, except the

As far as I know, one cannot encrypt the manifest (otherwise it'll be a tad
difficult to get to the encryption/decryption parameters), nor the mimetype

Part 3 mentions that, for encrypted documents, Thumbnails/thumbnail.png
may be a dummy one (but I haven't seen a statement that one isn't allowed to
simply encrypt that one as well, although that might cause some trouble for
environments trying to show the preview, so probably not a good idea)

Best regards,

