
Re: More inter samples

From: Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Tue, 12 Mar 2002 14:37:45 +0900
To: Jiandong Guo <jguo@phaos.com>
Cc: xml-encryption@w3.org
Message-ID: <OFEE3FCC9F.D50DD97D-ON49256B7A.00132B41@LocalDomain>


>> >> Attached is a revised version of the samples sent before. I mainly
>> >> update the Diffie-Hellman examples to accommodate the newest changes in
>> >> the specification.
>>
>> I confirmed that our implementation succeeded in decrypting most of your
>> examples except ones using DH and RSA-OAEP with SHA256 and SHA512.  I also
>> confirmed that it failed to decrypt your bad-algorithm example because of
>> wrong key length.
>
>Thanks! As for the DH and RSA-OAEP with SHA256 and SHA512, I am wondering if
>you couldn't decrypt them or you haven't tested them.

Sorry for confusing you.  I mean that I have not tested them yet.

>> However, I found that it succeeded in decrypting your
>> bad-type example.  That is reasonable to me because the decryptor is not
>> required to perform validation on the serialized XML and hence our
>> implementation does not.  Should we include this example in test vectors?
>
>My intention is that if you do the decrypt and replace, the type information
>should be needed.
>In other words, it should cause you trouble when you replace the EncryptedData
>element with the decrypted data if the type attribute is not set correctly.

I don't know how you have implemented this process, but the spec says:

>The decryptor is NOT REQUIRED to perform validation on the serialized XML.

and also says:

>The decryptor is NOT REQUIRED to perform validation on the result of this
>replacement operation.

and hence I don't think that the implementation has to fail to decrypt this
example.  In that sense, I asked this question.  Note, I don't say that
your implementation is wrong.  Such validation would be value-add.

Thanks,
Takeshi IMAMURA
Tokyo Research Laboratory
IBM Research
imamu@jp.ibm.com
Received on Tuesday, 12 March 2002 00:37:54 GMT
