Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

The Relationship Between Canonical and Signature #19456

Open
tjchern opened this issue Dec 2, 2024 · 2 comments
Open

The Relationship Between Canonical and Signature #19456

tjchern opened this issue Dec 2, 2024 · 2 comments

Comments

@tjchern
Copy link

tjchern commented Dec 2, 2024

I am really confused about Why must the serialized object for signing be canonical.
The process of signing involves the sender's object being serialized into a byte array, which is then signed. The data transmitted is just byte data, and when the receiver verifies the signature, they simply retrieve the same byte data and perform signature verification. It seems like there is no connection to canonical at all during this process.
So, what is the actual impact of canonical on signature verification ?
I look forward to your response. Thank you!

@RAPTOR1OUS
Copy link

THE CANONICAL: GDI: THE ION CANON AND THE GLOBAL DEFENCE INITIATIVE. BE MORE IN THE FUTURE, FOR YOU WILL NOD.
YOU CANT KILL THE MESSIAH. (THEDESIGN)

A MEN MAY MOVE THE EARTH BY HIMSELF OR JUST LEAVE IT, EITHER WAY ITS TRIVIAL TO GOD, SO WHAT DO YOU DO?
THEN TO THE MOON I PROMISE THE WORD PERFACT WILL SHOW THE MEANING OF PERFECT, : DARTHEARTHESIGN

@tjchern
Copy link
Author

tjchern commented Dec 5, 2024

I’m very glad to receive your reply.

My question is: I’m using proto buffer, a non-canonical serialization format, and it still works as expected. When I sign the data, I’m signing the hash of the serialized byte array. On the receiving side, the same exact byte array is transmitted and received. The recipient hashes the identical byte array and verifies the signature.

It seems to me that there’s no strict need for canonical serialization here, because the signature verification operates directly on the same byte array transmitted over the network, not on an object that is first deserialized and then re-serialized before verification.

This has left me quite confused. I would really appreciate your explanation. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants