W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2002

Test Vectors for DName encoding

From: Gregor Karlinger <gregor.karlinger@cio.gv.at>
Date: Thu, 21 Mar 2002 10:46:44 +0100
To: "Joseph M. Reagle Jr. \(Joseph M. Reagle Jr.\)" <reagle@w3.org>, "'Merlin Hughs'" <merlin@baltimore.ie>
Cc: "XMLSigWG" <w3c-ietf-xmldsig@w3.org>
Message-ID: <00e401c1d0bd$508ae200$51981b81@iaik.at>
Hi all,

please find below some test vectors for DName encoding. They
should demonstrate my understanding of the corresponding rules
in section 4.4.4.


1. Space escaping
-----------------

<DName>
  <RDN>
    <AVA>
      <Type>CN</Type>
      <Value>  Wolfgang  </Value>
    </AVA>   
    <AVA>
      <Type>CN</Type>
      <Value>  Amadeus  </Value>
    </AVA>
   </RDN>
<DName>

RFC 2253: "CN=\  Wolfgang \ +CN=\  Amadeus \ "

XMLDSIG: "CN=\  Wolfgang \ +CN=\  Amadeus \20" or
         "    CN=\  Wolfgang \ +CN=\  Amadeus \20    "

Demonstrates: 

  - Basic rules are specified in RFC 2253 (escape a
    space at the beginning and at the end of an
    attributeValue string)

  - XMLDSIG rule: Escape a space at the end of the
    whole DName string with "\20" instead of "\ "

  - XMLDSIG rule: Unescaped whitespace (ascii characters
    <= 0x19) will be removed from the begining and from
    the end of the DName string when converting it into
    a DName.

2. Escaping of special characters
---------------------------------

<DName>
  <RDN>
    <AVA>
      <Type>O</Type>
      <Value>Foo, Inc.</Value>
    </AVA>   
  </RDN>
  <RDN>
    <AVA>
      <Type>CN</Type>
      <Value>Herbert "The Cat"</Value>
    </AVA>
     <AVA>
      <Type>CN</Type>
      <Value>Miller <miller@foo.org></Value>
    </AVA> 
  </RDN>
<DName>

RFC2253: "O=Foo\, Inc.,CN=Herbert \"The Cat\"+CN=Miller
\<miller@foo.org\>"

XMLDSIG: "O=Foo\, Inc.,CN=Herbert \"The Cat\"+CN=Miller
\<miller@foo.org\>"

Demonstrates: 

  - Basic rules are specified in RFC 2253 (escape special characters
    ",", "+", """, "\", "<", ">" or ";" in an attributeValue string)

  - XMLDSIG does not specify any additional rules here

3. Escaping of ascii control characters
---------------------------------------

Remark: The unicode characters xA and xD will be escaped in the 
XML structure showing the test vector with "&#xA;" and "&#xD;".

<DName>
  <RDN>
    <AVA>
      <Type>CN</Type>
      <Value>down&#xA;down&#xA;back and
down&#xD;&#xA;down&#xA;stop</Value>
    </AVA>   
   </RDN>
<DName>

RFC2253: "down
              down
                  back and down
down
    stop"

XMLDSIG: "down\0Adown\0Aback and down\0D\0Adown\0Astop"

Demonstrates:

  - RFC2253 does not mandate escaping of ascii control characters.

  - XMLDSIG specifies the additional rule that all ascii control
characters
    (<= 0x19) have to be escaped by a "\" followed to hex characters.

4. Escaping of characters >= 0x80
---------------------------------

Remarks: 
 = unicode character 0xF6 (latin small letter o with diaeresis)
 = unicode character 0xFC (latin small letter u with diaeresis)
Consider the XML structure as being encoded using ISO 8859-1
Consider the XMLDSIG DName string as being encoded using ISO 8859-1
        

<DName>
  <RDN>
    <AVA>
      <Type>CN</Type>
      <Value>Jrg Mller</Value>
    </AVA>   
   </RDN>
<DName>

RFC2253: "Jörg Müller" or
         "J\C3\B6rg M\C3\BCller"

XMLDSIG: "Jrg Mller"

Demonstrates:
-------------

  - RFC2253 does not mandate to escape any other characters than
    the ones listed in section 2.4 of RFC 2253, so any other chars
    are simply encoded as UTF-8 String (first variant). 

  - But RFC2253 allows to escape any other bytes using "\" and
    two hex digit numbers (second variant).

  - XMLDSIG does not encode the DName strings in UTF-8. DNames are
    expressed in characters rather than in bytes. For that reason
    XMLDISG does NOT RECOMMEND escaping of characters >=0x80, since
    it is simply not necessary and worsens readability.

Liebe Gruesse/Regards, 
---------------------------------------------------------------
DI Gregor Karlinger
mailto:gregor.karlinger@iaik.at
http://www.iaik.at
Phone +43 316 873 5541
Institute for Applied Information Processing and Communications
Austria
---------------------------------------------------------------
 




Received on Thursday, 21 March 2002 04:47:04 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:15 GMT