ACTION-779 - Review test cases for 1.1 and summarize which are missing

DRAFT

This table shows which tests are specified in the 1.1 test cases (http://www.w3.org/2008/xmlsec/wiki/Interop) and what needs to be added to test 2.0.
Section Specification 1.1 Testcase Needs Development for 2.0
XML Signature Syntax and Processing Version 2.0
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/
3.2.1 XML Signature 2.0 Algorithm Identifiers and Implementation Requirements
Canonicalization
Required Canonical XML 2.0 1.1 tests
Transform
Required: XML Signature 2.0 Transform 1.1 tests
Selection
Required XML Documents or Fragments
http://www.w3.org/2010/xmldsig2#xml
1.1 tests
Required External Binary Data
http://www.w3.org/2010/xmldsig2#binaryExternal
1.1 tests
Required Selection of Binary Data within XML
http://www.w3.org/2010/xmldsig2#binaryfromBase64
?
Verification
Optional DigestDataLength
http://www.w3.org/2010/xmldsig2#DigestDataLength
Optional PositionAssertion
http://www.w3.org/2010/xmldsig2#PositionAssertion
Optional IDAttributes
http://www.w3.org/2010/xmldsig2#IDAttributes
Canonicalization
Required Canonical XML 1.0 (omits comments) http://www.w3.org/TR/2001/REC-xml-c14n-20010315 1.1 tests
Required Canonical XML 1.1 (omits comments) http://www.w3.org/2006/12/xml-c14n11 1.1 tests for c14n, but unknown if the test is inclusive or exclusive
Required Exclusive XML Canonicalization 1.0 (omits comments) http://www.w3.org/2001/10/xml-exc-c14n# 1.1 tests for c14n, but unknown if the test omits comments
Recommended Canonical XML 1.0 with Comments http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
Recommended Canonical XML 1.1 with Comments http://www.w3.org/2006/12/xml-c14n11#WithComments
Recommended Exclusive XML Canonicalization 1.0 with Comments http://www.w3.org/2001/10/xml-exc-c14n#WithComments
Transform
Required base64
http://www.w3.org/2000/09/xmldsig#base64
Required Enveloped Signature
http://www.w3.org/2000/09/xmldsig#enveloped-signature
Recommended XPath http://www.w3.org/TR/1999/REC-xpath-19991116 1.1 tests
Recommended XPath Filter 2.0 http://www.w3.org/2002/06/xmldsig-filter2
Optional XSLT
http://www.w3.org/TR/1999/REC-xslt-19991116
Core Validation Interoperability (4.3)
Verify:
  1. Capability to check each Reference to see whether the data object matches the expected data object.
  2. The cryptographic signature validation of the signature calculated over SignedInfo.
  3. Reference validation, the verification of the digest contained in each Reference in SignedInfo.
Algorithms (Message Digests)
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-MessageDigests

10.1.1 SHA-1 1.1 Tests

10.1.2 SHA-256 1.1 Tests

10.1.3 SHA-384 1.1 Tests

10.1.4 SHA-512 1.1 Tests
Algorithms (Message Authentication Codes)
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-MACs

10.2.1 HMAC 1.1 Tests
Algorithms (Signature Algorithms)
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-SignatureAlg

10.3.1 DSA 1.1 Tests

10.3.2 RSA (PKCS#1 v1.5) 1.1 Tests

10.3.3 ECDSA 1.1 Tests
Algorithms (Canonicalization Algorithms)
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-c14nAlg-2.0

10.4.1 Canonical XML 2.0 Needs Development
Algorithms (The Transform Algorithm)
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/#sec-Transforms-2.0

10.5 The Transform Algorithm Needs Development


Section Specification 1.1 Tests Needs Development
XML Signature Streaming Profile of XPath 1.0
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-xpath/
2. Streamable One pass Streaming Needs Development

1.1 Requirements

Requirements


 

Specifications for 1.1 (http://www.w3.org/TR/xmldsig-core1/)

Test Cases for C14N 1.1 and XMLDSig Interoperability
http://www.w3.org/2007/xmlsec/interop/xmlsig-interop-doc/testcases.html

 
3. Processing Rules    

3.1 Signature Generation

3.1.1 Reference Generation

3.1.2 Signature Generation

    3.3 Test Cases for XMLDSig
        3.3.1 Test Cases for C14N 1.1 in XMLDSig
        3.3.2 Test Cases on nodeset to octet-stream conversion by C14n 1.1 explicitly reflected in the chain of transforms
        3.3.3 Test Cases on schema based XPointers and canonicalization
        3.3.4 Test Cases on String encoding of Distinguished Names
            3.3.4.1 Test Cases on differences identified in RFC 2253 and RFC 4514
                3.3.4.1.1 Test case xmldsig/dname/diffRFCs-1
                3.3.4.1.2 Test case xmldsig/dname/diffRFCs-2
                3.3.4.1.3 Test case xmldsig/dname/diffRFCs-3
                3.3.4.1.4 Test case xmldsig/dname/diffRFCs-4
                3.3.4.1.5 Test case xmldsig/dname/diffRFCs-5
            3.3.4.2 Test Cases for RFC 4514
                3.3.4.2.1 Test case xmldsig/dname/dnString-4
                3.3.4.2.2 Test case xmldsig/dname/dnString-6
                3.3.4.2.3 Test case xmldsig/dname/dnString-8
 

3.2 Core Validation

3.2.1 Reference Validation

3.2.2 Signature Validation

All?
 
4. Core Signature Syntax    

4.1 The ds:CryptoBinary Simple Type

  Not referenced

4.2 The Signature element

  All DSig

4.3 The SignatureValue Element

   

4.4 The SignedInfo Element

   

4.5 The KeyInfo Element

4.5.1 The KeyName Element
4.5.2 The KeyValue Element

4.5.2.1 The DSAKeyValue Element
4.5.2.2 The RSAKeyValue Element
4.5.2.3 The ECKeyValue Element

4.5.2.3.1 Explicit Curve Parameters
4.5.2.3.2 Compatibility with RFC 4050

4.5.3 The RetrievalMethod Element
4.5.4 The X509Data Element

4.5.4.1 Distinguished Name Encoding Rules

4.5.5 The PGPData Element
4.5.6 The SPKIData Element
4.5.7 The MgmtData Element
4.5.8 XML Encryption EncryptedKey and DerivedKey Elements

4.5.9 The DEREncodedKeyValue Element
4.5.10 The KeyInfoReference Element

   

4.6 The Object Element

   
5. Additional Signature Syntax    

5.1 The Manifest Element

   

5.2 The SignatureProperties Element

   

5.3 Processing Instructions in Signature Elements

   

5.4 Comments in Signature Elements

   

6. Algorithms

   

6.1 Algorithm Identifiers and Implementation Requirements

   

6.2 Message Digests

6.2.1 SHA-1
6.2.2 SHA-256
6.2.3 SHA-384
6.2.4 SHA-512

  In Tests documented

6.3 Message Authentication Codes

   

6.4 Signature Algorithms

6.4.1 DSA
6.4.2 RSA (PKCS#1 v1.5)
6.4.3 ECDSA

        3.3.4 Test Cases on String encoding of Distinguished Names
            3.3.4.1 Test Cases on differences identified in RFC 2253 and RFC 4514
                3.3.4.1.1 Test case xmldsig/dname/diffRFCs-1
                3.3.4.1.2 Test case xmldsig/dname/diffRFCs-2
                3.3.4.1.3 Test case xmldsig/dname/diffRFCs-3
                3.3.4.1.4 Test case xmldsig/dname/diffRFCs-4
                3.3.4.1.5 Test case xmldsig/dname/diffRFCs-5
            3.3.4.2 Test Cases for RFC 4514
                3.3.4.2.1 Test case xmldsig/dname/dnString-4
                3.3.4.2.2 Test case xmldsig/dname/dnString-6
                3.3.4.2.3 Test case xmldsig/dname/dnString-8
 

6.5 Canonicalization Algorithms

6.5.1 Canonical XML 1.0
6.5.2 Canonical XML 1.1
6.5.3 Exclusive XML Canonicalization 1.0


3.2 Test Cases for Canonicalization 1.1
        3.2.1 Test Cases for xml:lang attribute
        3.2.2 Test Cases for xml:space attribute
        3.2.3 Test Cases for xml:id attribute
        3.2.4 Test Cases for xml:base attribute
            3.2.4.1 Test Cases for checking xml:base attribute propagation
                3.2.4.1.1 Test case c14n11/xmlbase-prop-1
                3.2.4.1.2 Test case c14n11/xmlbase-prop-2
                3.2.4.1.3 Test case c14n11/xmlbase-prop-3
                3.2.4.1.4 Test case c14n11/xmlbase-prop-4
                3.2.4.1.5 Test case c14n11/xmlbase-prop-5
                3.2.4.1.6 Test case c14n11/xmlbase-prop-6
                3.2.4.1.7 Test case c14n11/xmlbase-prop-7
            3.2.4.2 Test Cases for checking XML-C14N1.1 specification tests
                3.2.4.2.1 Test case c14n11/xmlbase-c14n11spec-102
                3.2.4.2.2 Test case c14n11/xmlbase-c14n11spec2-102
                3.2.4.2.3 Test case c14n11/xmlbase-c14n11spec3-103
        3.2.5 Test Cases for checking examples in the XML-C14N1.1 Appendix

3.3.1 Test Cases for C14N 1.1 in XMLDSig

 

No Exclusive Canonicalization test

6.6 Transform Algorithms

6.6.1 Canonicalization
6.6.2 Base64
6.6.3 XPath Filtering
6.6.4 Enveloped Signature Transform
6.6.5 XSLT Transform

   



Test Cases for 1.1

3 Test Cases specification
    3.1 Legacy XMLDSig Working Group Test Cases
    3.2 Test Cases for Canonicalization 1.1
        3.2.1 Test Cases for xml:lang attribute
        3.2.2 Test Cases for xml:space attribute
        3.2.3 Test Cases for xml:id attribute
        3.2.4 Test Cases for xml:base attribute
            3.2.4.1 Test Cases for checking xml:base attribute propagation
                3.2.4.1.1 Test case c14n11/xmlbase-prop-1
                3.2.4.1.2 Test case c14n11/xmlbase-prop-2
                3.2.4.1.3 Test case c14n11/xmlbase-prop-3
                3.2.4.1.4 Test case c14n11/xmlbase-prop-4
                3.2.4.1.5 Test case c14n11/xmlbase-prop-5
                3.2.4.1.6 Test case c14n11/xmlbase-prop-6
                3.2.4.1.7 Test case c14n11/xmlbase-prop-7
            3.2.4.2 Test Cases for checking XML-C14N1.1 specification tests
                3.2.4.2.1 Test case c14n11/xmlbase-c14n11spec-102
                3.2.4.2.2 Test case c14n11/xmlbase-c14n11spec2-102
                3.2.4.2.3 Test case c14n11/xmlbase-c14n11spec3-103
        3.2.5 Test Cases for checking examples in the XML-C14N1.1 Appendix
    3.3 Test Cases for XMLDSig
        3.3.1 Test Cases for C14N 1.1 in XMLDSig
        3.3.2 Test Cases on nodeset to octet-stream conversion by C14n 1.1 explicitly reflected in the chain of transforms
        3.3.3 Test Cases on schema based XPointers and canonicalization
        3.3.4 Test Cases on String encoding of Distinguished Names
            3.3.4.1 Test Cases on differences identified in RFC 2253 and RFC 4514
                3.3.4.1.1 Test case xmldsig/dname/diffRFCs-1
                3.3.4.1.2 Test case xmldsig/dname/diffRFCs-2
                3.3.4.1.3 Test case xmldsig/dname/diffRFCs-3
                3.3.4.1.4 Test case xmldsig/dname/diffRFCs-4
                3.3.4.1.5 Test case xmldsig/dname/diffRFCs-5
            3.3.4.2 Test Cases for RFC 4514
                3.3.4.2.1 Test case xmldsig/dname/dnString-4
                3.3.4.2.2 Test case xmldsig/dname/dnString-6
                3.3.4.2.3 Test case xmldsig/dname/dnString-8
4 References



Author: Gerald Edgar
Date: May 23, 2011