- From: Pratik Datta <pratik.datta@oracle.com>
- Date: Sun, 12 Aug 2012 00:37:42 -0700 (PDT)
- To: "Cantor, Scott" <cantor.2@osu.edu>, Frederick.Hirsch@nokia.com, public-xmlsec@w3.org
I have uploaded test vectors for SHA224 and HMACOutputLength

For SHA224
==========
https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha224.xml
https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p256_sha224.xml
https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p384_sha224.xml
https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p521_sha224.xml
https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-rsa-sha224.xml
https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-sha224-rsa_sha256.xml

I noticed that the latest Dsig 1.1 spec does not have the SHA224 digest algorithm, i.e. it doesn't have this one:

    <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" />

Are we going to add this algorithm? Three of the above test cases use the SHA224 digest algorithm.

For HMACOutputLength
====================
https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha1-truncated40.xml
https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha1-truncated160.xml

The first one is truncated to 40 bytes, so it should be rejected. The second one is not truncated at all, so it should be accepted.

Pratik

-----Original Message-----
From: Cantor, Scott [mailto:cantor.2@osu.edu]
Sent: Monday, August 06, 2012 6:43 PM
To: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
Subject: Re: XML Signature 1.1 items at risk (removal)

On 8/6/12 9:33 PM, "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com> wrote:

>
>(1) SHA-224 related algorithms: ECDSA-SHA224, HMAC-SHA224,
>RSAwithSHA224

By end of month I can produce a vector for these, or at least the public key ones, or verify somebody else's if they have one.

>(2) KeyInfo X509Data items: OCSPResponse, X509Digest (1 implementation
>Apache Santuario)
>
>(3) KeyInfo items: DEREncodedKeyValue (1 implementation Apache
>Santuario), KeyInfoReference (1 implementation Apache Santuario)

The KeyInfoReference implementation is OpenSAML from the Shibboleth project, rather than Santuario. It doesn't fit into the Santuario code base as a useful feature. You can add OpenSAML to the DEREncodedKeyValue set also. As we discussed last call, I'm the author in both projects.

Note that if you pull X509Digest, we're back to having a broken X509IssuerSerial as the alternative because people objected to fixing the schema.

>(4) HMACOutputLength

If there's an existing vector for this that used to be allowed but should now fail, can somebody identify it?

-- Scott
Received on Sunday, 12 August 2012 07:38:22 UTC
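
Added example, not part of the original messages and not code from any of the implementations named in the thread: a verifier-side check for the HMACOutputLength rule the two vectors exercise. It applies the XML Signature 1.1 floor (a truncation length below the larger of 80 bits and half the hash output invalidates the signature) to constructed SignatureMethod elements that carry the values 40 and 160 from the vector file names. The function names, the `sample` helper and the upper-bound check are assumptions of this example.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
MORE = "http://www.w3.org/2001/04/xmldsig-more#"

# Output size in bits of the hash behind each HMAC SignatureMethod URI.
HMAC_BITS = {
    DS + "hmac-sha1": 160,
    MORE + "hmac-sha224": 224,
    MORE + "hmac-sha256": 256,
}


def check_hmac_output_length(signature_method_xml):
    """Return (accepted, reason) for one ds:SignatureMethod element."""
    elem = ET.fromstring(signature_method_xml)
    algorithm = elem.get("Algorithm")
    if algorithm not in HMAC_BITS:
        return False, "not a known HMAC algorithm"
    full = HMAC_BITS[algorithm]
    node = elem.find("{%s}HMACOutputLength" % DS)
    if node is None:
        # Parameter absent: the full hash output is used.
        return True, "no truncation, full %d-bit output" % full
    try:
        requested = int((node.text or "").strip())
    except ValueError:
        return False, "HMACOutputLength is not an integer"
    floor = max(80, full // 2)
    if requested < floor:
        return False, "%d bits is below the %d-bit minimum" % (requested, floor)
    if requested > full:
        # Sanity check added by this example, not quoted from the spec.
        return False, "%d bits exceeds the %d-bit hash output" % (requested, full)
    return True, "%d bits accepted (minimum %d)" % (requested, floor)


def sample(algorithm, bits=None):
    """Build a constructed SignatureMethod element for the demo below."""
    child = "" if bits is None else "<HMACOutputLength>%s</HMACOutputLength>" % bits
    return '<SignatureMethod xmlns="%s" Algorithm="%s">%s</SignatureMethod>' % (
        DS, algorithm, child)


if __name__ == "__main__":
    for bits in (40, 160, None):
        print(bits, check_hmac_output_length(sample(DS + "hmac-sha1", bits)))
```

The check belongs before the MAC comparison, so that a short HMACOutputLength is refused outright rather than reducing the number of bits that get compared.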