- From: Bugbee, Larry <larry.bugbee@boeing.com>
- Date: Wed, 7 Jun 2006 21:06:40 -0700
- To: "Tom Gindin" <tgindin@us.ibm.com>, <Hothi_Amrit@emc.com>
- Cc: <w3c-ietf-xmldsig@w3.org>
ECDSA signatures, like DSA sigs, will be different each time, even when
the same key is used.
Both use random numbers in the computation of r and s. For some testing
it is desirable to stub the random number generator.
Larry
-----Original Message-----
From: Tom Gindin [mailto:tgindin@us.ibm.com]
Sent: Tuesday, June 06, 2006 8:15 PM
To: Hothi_Amrit@emc.com
Cc: w3c-ietf-xmldsig@w3.org
Subject: Re: <ds:Signature/> and <Signature/>
Amritpal:
If you look inside the lower-level signature algorithms you'll
find that the signature value is expected to be identical between
multiple uses of the same key over the same base for RSA v1 signatures (
http://www.w3.org/2000/09/xmldsig#rsa-sha1 and the various
http://www.w3.org/2001/04/xmldsig-more/rsa-* algorithms) but not for DSA
(
http://www.w3.org/2000/09/xmldsig#dsa-sha1) or RSA PSS (not used by
XMLDSIG). I personally don't know about ECDSA.
Tom Gindin
Hothi_Amrit@emc.com
Sent by: w3c-ietf-xmldsig-request@w3.org
05/31/2006 06:43 PM
To: <w3c-ietf-xmldsig@w3.org>
cc:
Subject: <ds:Signature/> and <Signature/>
Hi,
I looking at signature interoperability between C which is using
libxml2 (v 2.6.24) and Java using Apache's xml-security libs. When I
sign the same document using the same key on same document. The digest
match, but the signature values are different?
Also the C lib is signing with the signature element <Signature
xmlns="http://www.w3.org/2000/09/xmldsig#"> whereas Java's signature
element is: <ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">.
Thanks,
Amritpal.
Received on Thursday, 8 June 2006 13:54:39 UTC