W3C

Test cases for XMLSig Interoperability

W3C Working document 30July 2007

This version:
Authors:
Juan Carlos Cruellas, UPC<cruellas@ac.upc.es>
more editors names to be added HERE
Editors:
Juan Carlos Cruellas, UPC<cruellas@ac.upc.es>
more editors names to be added HERE
Contributor:

Copyright © 2007 W3C , All Rights Reserved.

Abstract

This working document defines test cases for interoperability tests for [XMLDSIG] in the light of two areas that have suffered changes since its publication of XMLSig, namely: xml namespace attributes management in canonicalization and the encoding as strings of Distinguished Names in X.509 certificates. This document also includes references to testcases already developed by the [XMLDSIG] working group.

Status of this Document

This document is a working document of the World Wide Web Consortium XML Security Specifications Maintenance Working Group. For further details of the activity of this group, please see XML Security Specifications Maintenance Working Group.

Table of Contents

1 Introduction
    1.1 Test cases notation
    1.2 Codes for Recommendation References
    1.3 Codes for Issues and Sub-Issues
2 Test cases specification
    2.1 Legacy XMLSig Working Group test cases
    2.2 Test cases on Canonicalization 1.1
        2.2.1 Test cases for xml:lang attribute
        2.2.2 Test cases for xml:space attribute
        2.2.3 Test cases for xml:id attribute
        2.2.4 Test cases for xml:base attribute
            2.2.4.1 Test cases for checking xml:base attribute propagation
            2.2.4.2 Tests for checking XML-C14N1.1 annex A
    2.3 Test cases on implicit/explicit rules for canonicalization
    2.4 Test cases on String encoding of Distinguished Names
3 References

Appendix

A Author's Adress (Non-Normative)

1 Introduction

Test cases will consist in signed XML documents. XML signatures will be generated according to the details specified in the present document.

There will be positive (signatures that will be valid) and negative (signatures created breaking some rules of the recommendations).

Applications will verify these signatures and check if both they verify valid signatures as valid and if they detect invalid signatures.

1.1 Test cases notation

This section summarizes the notation used for identification of test cases.

A test case identifier will match the following pattern:

RecommendationRef.SpecificIssue[.SpecificSub-Issue]#TestNumber-(positive | negative | caveat)

The RecommendationRef part identifies the source recommendation for the test case.

The SpecificIssue part identifies the issue to be tested by the test case. The optional SpecificSub-Issue part further refines the issue to be tested.

The TestNumber numbers the test case. It must be an integer number or an integer number followed by a lower letter.

The last part of the test case identifier will be one of the following three values:

  • positive: this indicates that the signature provided as test case is a valid signature. Applications must verify it as valid.

  • negative: this indicates that there is something wrong in the signature provided as test case that applications must detect and raise a result of signature invalid.

  • caveat:
    Editorial note: Juan Carlos Cruellas 
    the idea is that we could find some cases where some caveat should be made (think of some cases of DN encoded as strings when using attributes not presents in [RFC-4514]

Sub-sections below identify codes used throughout the present document

1.2 Codes for Recommendation References

The following codes are used for identifying the source recommendations for the test cases:

1.3 Codes for Issues and Sub-Issues

The following codes are used for identifying the issues and sub-issues for the test cases:

  • defCanXML: this code is used in all the test cases dealing with the [XMLDSIG] implicit and explicit rules managing the final canonicalization that precedes the digest computation..

  • xmllang: this code is used in all the test cases dealing with management of xml:lang attribute.

  • xmlspace: this code is used in all the test cases dealing with management of xml:space attribute.

  • xmlid: this code is used in all the test cases dealing with management of xml:id attribute.

  • xmlbase: this code is used in all the test cases dealing with management of xml:base attribute.

    The following sub-issues are identified for this issue:

    • prop: this code is used for all the test cases that deal with propagation of xml:base attribute through the node tree.

    • annexA: this code is used for all the test cases that deal with [XML-C14N1.1] annex A.

  • dnString: this code is used in all the test cases dealing with the string encoding of Distinguished Names in X.509 certificates.

2 Test cases specification

The following sub-sections contain the specification of the different test cases grouped by recommendation and issues.

2.1 Legacy XMLSig Working Group test cases

Editorial note: Juan Carlos Cruellas 
To be referenced from here

2.2 Test cases on Canonicalization 1.1

The set of test cases in this section deal with the canonicalization of a XML data object, which contains elements with attributes in the xml namespace just before computing its digest.

General rules for these test cases:

  • There will no need of generating any digital signature for checking all the positive test cases. The input for each of these test cases will be a xml document and a XPath filter expression (both of them are specified for each test case). The output will be the result of applying first the XPath filter to the aforementioned xml document and afterwards the canonical XML 1.1 to the filter output

  • All the negative test cases will require verification of a pre-generated ds:Signature, which will include something wrong in its computation. All of them will serve to check that applications do not raise false positives. In these cases, the following restrictions apply:

    • In all these test cases the ds:KeyInfo element will ONLY contain the X509 signing certificate.

    • In all these test cases the ds:Transforms element will contain a sequence of two transforms:

      • The first one will contain a XPath filter that depends on the test case.

      • The second one will reference the [XML-C14N].

Editorial note 
You may anticipate that generating negative test cases will be more difficult than generating positive ones as it will imply to generate actual signatures and also that the signing tool actually generates bad signatures

2.2.1 Test cases for xml:lang attribute

The set of test cases in this section deal with the canonicalization of a XML data object, which contains elements with xml:lang attributes.

Below follows the input document for all the test cases in this section:

<?xml version="1.0" encoding="UTF-8"?>
<ietf:CanXML11Xmllang xmlns:ietf="http://www.ietf.org" 
xmlns:w3c="http://www.w3.org">
   <ietf:e1 xml:lang="EN">
      <ietf:e11>
         <ietf:e111 />
      </ietf:e11>
      <ietf:e12 at="2">
         <ietf:e121 />
      </ietf:e12>
   </ietf:e1>
   <ietf:e2 >
      <ietf:e21 />
   </ietf:e2>
</ietf:CanXML11Xmllang>

Note:

Document subset expressions for document subsets computation are defined as in [XML-C14N1.1].

Test case canXML11.xmllang#1-positive
Input detailsTo-Be-Signed (TBS henceforth) data object with ONLY a xml:lang attribute in a certain element e whose content includes other elements. The ds:Transform contains a XPath expression whose result is a node set that includes element e.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*)[ancestor-or-self::ietf:e1]
Output
Link to test cases

Test case canXML11.xmllang#2-positive
Input detailsTBS data object with ONLY a xml:lang attribute in a certain element e whose content includes other elements. The ds:Transform contains a XPath expression whose result is a node set that DOES NOT include neither element e nor any of its children elements.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*)[ancestor-or-self::ietf:e2]
Output
Link to test cases

Test case canXML11.xmllang#2-negative
Input detailsRationaleLinks to test cases
As canXML11.xmllang#2-positive but now the digest will have been computed on the outcome of the transformation manipulated for containing an element with a xml:lang attribute.Check that implementations of [XML-C14N1.1] do not give a false positive when an element in the output of the XPath filtering inherits an undesired xml:lang attribute from a discarded element.

Test case canXML11.xmllang#3-positive
Input detailsTBS with ONLY a xml:lang attribute in a certain element e whose content includes a sequence of only one element. The ds:Transform contains a XPath expression whose result is a node set that DOES NOT include element e but includes one child element.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*)[ancestor-or-self::ietf:e11]
Output
Link to test cases

Test case canXML11.xmllang#3-negative
Input detailsRationaleLinks to test cases
As canXML11.xmllang#3-positive but now the digest will have been computed on the outcome of the transformation manipulated for containing the child from e element without a xml:lang attribute.Check that implementations of [XML-C14N1.1] do not give false positive results.

Test case canXML11.xmllang#4-positive
Input detailsTBS with ONLY a xml:lang attribute in a certain element e whose content includes a sequence of more than one element (these children may in turn contain children elements). The ds:Transform contains a XPath expression whose result is a node set that DOES NOT include element e but includes more than one of its children elements.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*)[ancestor-or-self::ietf:e11 or ancestor-or-self::ietf:e12]
Output
Link to test cases

Test case canXML11.xmllang#4-negative
Input detailsRationaleLinks to test cases
As canXML11.xmllang#4-positive but now the digest will have been computed on the outcome of the transformation manipulated for containing more than one e element children without the xml:lang attribute.Check that implementations of [XML-C14N1.1] do not give false positive results.

2.2.2 Test cases for xml:space attribute

The set of test cases in this section deal with the canonicalization of a XML data object, which contains elements with xml:space attributes.

Below follows the input document for all the test cases in this section:

<?xml version="1.0" encoding="UTF-8"?>
<ietf:CanXML11XmlSpaceDoc1 xmlns:ietf="http://www.ietf.org" 
xmlns:w3c="http://www.w3.org">
   <ietf:e1 xml:space="true">
      <ietf:e11>
         <ietf:e111 />
      </ietf:e11>
      <ietf:e12 at="2">
         <ietf:e121 />
      </ietf:e12>
   </ietf:e1>
   <ietf:e2 >
      <ietf:e21 />
   </ietf:e2>
</ietf:CanXML11XmlSpaceDoc1>
Test case canXML11.xmlspace#1-positive
Input detailsTBS data object with ONLY a xml:space attribute in a certain element e whose content includes other elements. The ds:Transform contains a XPath expression whose result is a node set that includes element e.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e1]
Output
Link to test cases

Test case canXML11.xmlspace#2-positive
Input detailsTBS data object with ONLY a xml:space attribute in a certain element e whose content includes other elements. The ds:Transform contains a XPath expression whose result is a node set that DOES NOT include neither element e nor any of its children elements.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e2]
Output
Link to test cases

Test case canXML11.xmlspace#2-negative
Input detailsRationaleLinks to test cases
As canXML11.xmlspace#2-positive but now the digest will have been computed on the outcome of the transformation manipulated for containing an element with a xml:space attribute.Check that implementations of [XML-C14N1.1] do not give a false positive when an element in the output of the XPath filtering inherits an undesired xml:space attribute from a discarded element.

Test case canXML11.xmlspace#3-positive
Input detailsTBS with ONLY a xml:space attribute in a certain element e whose content includes a sequence of only one element. The ds:Transform contains a XPath expression whose result is a node set that DOES NOT include element e but includes its child element.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e11]
Output
Link to test cases

Test case canXML11.xmlspace#3-negative
Input detailsRationaleLinks to test cases
As canXML11.xmlspace#3-positive but now the digest will have been computed on the outcome of the transformation manipulated for containing the child from e element without a xml:space attribute.Check that implementations of [XML-C14N1.1] do not give false positive results.

Test case canXML11.xmlspace#4-positive
Input detailsTBS with ONLY a xml:space attribute in a certain element e whose content includes a sequence of more than one element (these children may in turn contain children elements). The ds:Transform contains a XPath expression whose result is a node set that DOES NOT include element e but includes more than one of its children elements.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e11 or ancestor-or-self::ietf::e12]
Output
Link to test cases

Test case canXML11.xmlspace#4-negative
Input detailsRationaleLinks to test cases
As canXML11.xmlspace#4-positive but now the digest will have been computed on the outcome of the transformation manipulated for containing more than one e element children without the xml:space attribute.Check that implementations of [XML-C14N1.1] do not give false positive results.

2.2.3 Test cases for xml:id attribute

The set of test cases in this section deal with the canonicalization of a XML data object, which contains elements with xml:id attributes.

Below follows the input document for all the test cases in this section:

<?xml version="1.0" encoding="UTF-8"?>
<ietf:CanXML11XmlIdDoc1 xmlns:ietf="http://www.ietf.org" 
xmlns:w3c="http://www.w3.org">
   <ietf:e1 xml:id="IdInterop">
      <ietf:e11>
         <ietf:e111 />
      </ietf:e11>
      <ietf:e12 at="2">
         <ietf:e121 />
      </ietf:e12>
   </ietf:e1>
   <ietf:e2 >
      <ietf:e21 />
   </ietf:e2>  
</ietf:CanXML11XmlIdDoc1>
Test case canXML11.xmlid#1-positive
Input detailsTBS with ONLY a xml:id. attribute in a certain element e whose content includes other elements. The ds:Transform contains a XPath expression whose result is a node set that includes element e.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e1]
Output
Link to test cases

Test case canXML11.xmlid#1-negative
Input detailsRationaleLinks to test cases
As canXML11.xmlid#1-positive but now the digest will have been computed on the outcome of the transformation manipulated for containing the e element without the xml:id attribute.Check that implementations of [XML-C14N1.1] do not give false positive results.

Test case canXML11.xmlid#2-positive
Input detailsTBS with ONLY a xml:id. attribute in a certain element e whose content includes other elements. The ds:Transform contains a XPath expression whose result is a node set that DOES NOT include the element e but some of the children of the element e.
RationaleCheck that implementations of [XML-C14N1.1] keep behavior as defined in [XML-C14N]
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e11 or ancestor-or-self::ietf.e12]
Output
Link to test cases

Test case canXML11.xmlid#2-negative
Input detailsRationaleLinks to test cases
As in canXML11.xmlid#2-positive but now the digest will have been computed on the outcome of the transformation manipulated for including in one of the e children element the xml:id attribute.Check that implementations of [XML-C14N1.1] do not give false positive results.

2.2.4 Test cases for xml:base attribute

The set of test cases in this section deal with the canonicalization of a XML data object, which contains elements with xml:base attributes.

Two sets of test cases have been defined:

  • Those tests that check if the tools correctly propagate the xml:base attributes through the node tree.

  • Those tests that check if the tools correctly process annex A of the [XML-C14N1.1]

2.2.4.1 Test cases for checking xml:base attribute propagation

This section specifies test cases that check how the tools propagate xml:base attributes through the tree when the result of the filtering is a document subset.

	<?xml version="1.0" encoding="UTF-8"?>
	<ietf:CanXML11XmlBaseDoc1 xmlns:ietf="http://www.ietf.org" xmlns:w3c="http://www.w3.org"  	xml:base="http://xmlbaseexample.org/xmlbase0/">
		<ietf:e1 xml:base="/xmlbase1/">
			<ietf:e11 xml:base="/xmlbase11/">
				<ietf:e111 xml:base="/xmlbase111/"/>
			</ietf:e11>
			<ietf:e12 at="2" >
				<ietf:e121 xml:base="/xmlbase121/"/>
			</ietf:e12>
		</ietf:e1>
		<ietf:e2>
			<ietf:e21 xml:base="/xmlbase21/" />
		</ietf:e2>
		<ietf:e3>
			<ietf:e31 at="3" />
		</ietf:e3>
	</ietf:CanXML11XmlBaseDoc1 >

The document's root element ietf:CanXML11XmlBaseDoc1 defines a xml:base attribute. This element contains three children.

The first one ietf:e1 has another xml:base attribute. All the ietf:e1's descendant have a xml:base attribute. Transforms that select subsets of ietf:e1's descendant will test how each level in the tree of elements incorporates its corresponding part to the value of the final xml:base.

The second one ietf:e2 does not have a xml:base attribute, but its child, ietf:e21 's has a xml:base attribute. Transforms that select ietf:e21 will test how it takes the value of xml:base from an ancestor different to its parent.

As for the third element, neither it nor any of its descendant have have a xml:base. Transforms that select ietf:e3 or any of its descendant will test how they inherit the xml:base from the root element without any further processing

Test case canXML11.xmlbase.prop#1-positive
Input detailsThe document shown above. The ds:Transform contains a XPath expression whose result is a node set that includes element ietf:CanXML11XmlBaseDoc1 and the child ietf:e1 and its descendant.
RationaleCheck that implementations of [XML-C14N1.1] work properly when the xml:base origin appears in the output document subset and also children with xml:base, which do not require further processing, are also present.
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:CanXML11XmlBaseDoc1 and not(ancestor-or-self::ietf:e2)]
Output
Link to test cases

Test case canXML11.xmlbase.prop#2-positive
Input detailsThe document shown above. The ds:Transform contains a XPath expression whose result is a node set that includes element ietf:e1 and its descendant but not ietf:CanXML11XmlBaseDoc1.
RationaleCheck that implementations of [XML-C14N1.1] properly build the xml:base at the first level (ietf:e1).
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e1]
Output
Link to test cases

Test case canXML11.xmlbase.prop#3-positive
Input detailsThe document shown above. The ds:Transform contains a XPath expression whose result is a node set that includes element ietf:e11 and its descendant. Elements ietf:CanXML11XmlBaseDoc1 and ietf:e1 do not appear.
RationaleCheck that implementations of [XML-C14N1.1] properly build the xml:base if one of intermediate the levels (ietf:e1) are absent from the document subset.
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e11]
Output
Link to test cases

Test case canXML11.xmlbase.prop#4-positive
Input detailsThe document shown above. The ds:Transform contains a XPath expression whose result is a node set that includes element ietf:e111 and its descendant. Elements ietf:CanXML11XmlBaseDoc1, ietf:e11 and ietf:e1 do not appear.
RationaleCheck that implementations of [XML-C14N1.1] properly build the xml:base if several intermediate levels (ietf:e1 and ietf:e11) are absent from the document subset.
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e111]
Output
Link to test cases

Test case canXML11.xmlbase.prop#5-positive
Input detailsThe document shown above. The ds:Transform contains a XPath expression whose result is a node set that includes element ietf:e2 and its descendant. Elements ietf:CanXML11XmlBaseDoc1, ietf:e1 and its descendant, and ietf:e3 and its descendant do not appear.
RationaleCheck that implementations of [XML-C14N1.1] properly build the xml:base if one intermediate level (ietf:e2) without any xml:base attribute is absent from the document subset.
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e21]
Output
Link to test cases

Test case canXML11.xmlbase.prop#6-positive
Input detailsThe document shown above. The ds:Transform contains a XPath expression whose result is a node set that includes element ietf:e3 and its descendant. Elements ietf:CanXML11XmlBaseDoc1, ietf:e1 and its descendant, and ietf:e2 and its descendant do not appear.
RationaleCheck that implementations of [XML-C14N1.1] properly build the xml:base in one element that originaly had no xml:base attribute.
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:e3]
Output
Link to test cases

Test case canXML11.xmlbase.prop#7-positive
Input detailsThe document shown above. The ds:Transform contains a XPath expression whose result is a node set that includes elements ietf:CanXML11XmlBaseDoc1 and ietf:e3 and its descendant. Elements ietf:e1 and its descendant, and ietf:e2 and its descendant do not appear.
RationaleCheck that implementations of [XML-C14N1.1] do not pass the xml:base to another element when it is not necessary.
Document subset expression(//. | //@* | //namespace::*) [ancestor-or-self::ietf:CanXML11XmlBaseDoc1 and not(ancestor-or-self::ietf:e1 or ancestor-or-self::ietf:e2)]
Output
Link to test cases

Editorial note: Juan Carlos Cruellas 
I propose that everybody takes a look and tries to identify if there is a missing test that would be worth to include.
2.2.4.2 Tests for checking XML-C14N1.1 annex A

This section specifies test cases for checking if the applications are aligned with [XML-C14N1.1] Annex A.

Each test case in this section will specify an input string, representing a URI that will have to be processed as per [XML-C14N1.1] Annex A.

Each test case appears in a row of the table shown below. The first column identifies the input URI that has to be processed. The second column shows the corresponding output.

Test case canXML11.xmlbase.annexA#1-positive
Input detailsOutput details
no/.././/pseudo-netpath/seg/file.extpseudo-netpath/seg/file.ext
no/..//.///pseudo-netpath/seg/file.extpseudo-netpath/seg/file.ext
yes/no//..//.///pseudo-netpath/seg/file.extyes/pseudo-netpath/seg/file.ext
no/../yesyes
no/../yes/yes/
no/../yes/no/..yes/
../../no/../..../../../
no/../..../
Editorial note 
Here the rest of test cases identified by Konrad
Editorial note 
Here the rest of test cases identified by Konrad

2.3 Test cases on implicit/explicit rules for canonicalization

The set of test cases in this section deal with the [XMLDSIG] Sig implicit and explicit rules that manage the contents of the ds:Transforms element concerning the default/not default canonicalization of a XML data object just before computing its digest.

General rules for these test cases:

  • In all these test cases the ds:KeyInfo element will ONLY contain the X509 signing certificate.

  • Test cases will contain a ds:Transforms element with one child, containing a XPath filter that depends on the test case.

Test case xmlSig.defCan#1-positive
Input detailsRationaleLinks to test cases
TBS with a xml:lang attribute in a certain element e whose content includes other elements. ds:Transforms contains only one child: a ds:Transform with only one child. This child contains a XPath expression whose result is a node set that includes some of the children of e but not e itself. The signing application will apply [XML-C14N]. This recommendation correctly deals with xml:lang attribute.Check that implementations of [XML-C14N1.1] work correctly with default canonicalization behavior and take [XML-C14N].

Test case xmlSig.defCan#2-positive
Input detailsRationaleLinks to test cases
TBS with a xml:space attribute in a certain element e whose content includes other elements. ds:Transforms contains only one child: a ds:Transform with only one child. This child contains a XPath expression whose result is a node set that includes some of the children of e but not e itself. The signing application will apply [XML-C14N]. This recommendation correctly deals with xml:space attribute.Check that implementations of [XML-C14N1.1] work correctly with default canonicalization behavior and take [XML-C14N].

Test case xmlSig.defCan#3-negative
Input detailsRationaleLinks to test cases
TBS with a xml:id attribute in a certain element e whose content includes other elements. ds:Transforms contains only one child: a ds:Transform with only one child. This child contains a XPath expression whose result is a node set that includes some of the children of e but not e itself. The signing application will apply [XML-C14N]. This recommendation mandates that children of e inherit xml:id, which is uncorrect.Check that implementations of [XMLDSIG] identify the problem.

Test case xmlSig.defCan#4-negative
Input detailsRationaleLinks to test cases
TBS with a xml:base attribute in a certain element e whose content includes other elements. ds:Transforms contains only one child: a ds:Transform with only one child. This child contains a XPath expression whose result is a node set that includes some of the children of e but not e itself. The signing application will apply [XML-C14N]. This recommendation mandates that children of e inherit xml:base, which is uncorrect.Check that implementations of [XMLDSIG] identify the problem.

Editorial note: Juan Carlos Cruellas 
What should be done in case a Signature is computed in the following conditions?: The TBS data object contains an element with a xml namespace attribute other than xml:id. and with one or more children elements in its content. Before computing the digest, the following transforms are applied: first a XPath transform that generates an output that inclues some of the children of e but not e itself; and secondly a base64 encoding. In this situation situation no canonicalization is done as the input to the digest computation is a byte stream. Furthermore the xml namespace attribute in e is lost from what is digested and signed. Is this a desired or undesired behavior? Should the applications detect this loss and react?.

2.4 Test cases on String encoding of Distinguished Names

The set of test cases in this section deal with the representation of Distinguished Names as Strings.

The following rules apply in all the test cases specified in the present section:

  • The input to each test case will be a Distinguished Name. No signature generation would be required.

Test case xmlSig.dnString#1-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514] section 3.

  • None of the RelativeDistinguishedNames attribute values contain any character that [RFC-4514] mandates to escape.

Check that implementations interoperate with easy situations.

Test case xmlSig.dnString#2-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4512].

  • None of the RelativeDistinguishedNames attribute values contain any character that [RFC-4514] mandates to escape.

Check that implementations incorporate descriptors tabulated in [RFC-4514] AND descriptors specified in [RFC-4512].

Test case xmlSig.dnString#3-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will have one or more than one starting space character (U+0020). The escaping mechanism will be space character preceded by the backslash character (‘\’ U+005C).

Check that implementations correctly manage escaping of starting space character.

Test case xmlSig.dnString#4-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will have one or more than one trailing space character (U+0020). The escaping mechanism will be ‘\20’.

Check that implementations correctly manage escaping of trailing space characters.

Test case xmlSig.dnString#5-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will have one or more than one escaped null characters (U+00). The escaping mechanism will be a backslash followed of a by a two digit hex number showing its Unicode point number.

Check that implementations correctly manage escaping of the null character (starting character of the ASCII control characters group).

Test case xmlSig.dnString#5-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will have one or more than one null character (U+00) not escaped as specified by [XMLDSIG]

Check that implementations catch the escaping error.

Test case xmlSig.dnString#6-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will have one or more than one escaped ASCII control characters U+1d. The escaping mechanism will be a backslash followed of a by a two digit hex number showing its Unicode point number.

Check that implementations correctly manage escaping of an ASCII control character that is neither the first nor the final character of the group.

Test case xmlSig.dnString#6-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will have one or more than one ASCII control characters U+1d not escaped as specified by [XMLDSIG].

Check that implementations catch the escaping error.

Test case xmlSig.dnString#7-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will have one or more than one escaped ASCII control characters U+1f. The escaping mechanism will be a backslash followed of a by a two digit hex number showing its Unicode point number.

Check that implementations correctly manage escaping of the last ASCII control characters group.

Test case xmlSig.dnString#7-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will have one or more than one not-escaped ASCII control characters U+1f.

Check that implementations catch the error.

Test case xmlSig.dnString#8-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters in the following group: '+', ',', ';', and '\.'

Check that implementations correctly manage escaping of all the special characters (except '"', ‘<’ and ‘>’)..

Test case xmlSig.dnString#8a-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters '+' not escaped.

Check that implementations catch the error.

Test case xmlSig.dnString#8b-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters ';' not escaped.

Check that implementations catch the error.

Test case xmlSig.dnString#8c-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions::

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters ',' not escaped.

Check that implementations catch the error.

Test case xmlSig.dnString#8d-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters '\' not escaped.

Check that implementations catch the error.

Test case xmlSig.dnString#9-positive
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters in the following group: '"', '<', and '>'.

Check that implementations correctly manage escaping the sub-group of special characters '"', ‘<’ and ‘>’.

Test case xmlSig.dnString#9a-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters '"' not escaped.

Check that implementations catch the error.

Test case xmlSig.dnString#9b-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters '<' not escaped.

Check that implementations catch the error.

Test case xmlSig.dnString#9c-negative
Input detailsRationaleLinks to test cases
The DistinguishedName will have the following restrictions:

  • All the RelativeDistinguishedNames attribute types have a short name (descriptor) tabulated in [RFC-4514].

  • Some RelativeDistinguishedNames attribute value will contain one or more special characters '>' not escaped.

Check that implementations catch the error.

3 References

RFC 4512
RFC 4512: Lightweight Directory Access Protocol (LDAP): Directory Information Models. K. Zeilenga, Ed. June 2006. http://www.ietf.org/rfc/rfc4512txt

RFC 4514
RFC 4514: Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names. K. Zeilenga, Ed. June 2006. http://www.ietf.org/rfc/rfc4514.txt

URI
RFC 2396: Uniform Resource Identifiers (URI): Generic Syntax. T. Berners-Lee, R. Fielding, U.C. Irvine, L. Masinter. August 1998. http://www.ietf.org/rfc/rfc2396.txt

XML
Extensible Markup Language (XML) 1.0 (Second Edition). W3C Recommendation. T. Bray, E. Maler, J. Paoli, C. M. Sperberg-McQueen. October 2000. http://www.w3.org/TR/2000/REC-xml-20001006

XML-C14N
Canonical XML. Version 1.0. W3C Recommendation. John Boyer. March 2001. http://www.w3.org/TR/2001/REC-xml-c14n-20010315://www.w3.org/TR/2000/REC-xml-20001006

XML-C14N1.1
Canonical XML. Version 1.1. W3C Candidate Recommendation. John Boyer, Glenn Marcy. June 2007. http://www.w3.org/TR/2001/REC-xml-c14n-20010315://www.w3.org/TR/2000/REC-xml-2000100

XMLDSIG
XML-Signature Syntax and Processing. W3C Recommendation. Donald Eastlake, Joseph Reagle, David Solo. February 2002. http://www.w3.org/TR/xmldsig-core/

XML-schema-part-1
XML-Schema Part 1: Structures. W3C Recommendation. D. Beech, M. Maloney, N. Mendelsohn, H. Thompson. May 2001. http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/

XML-schema-part-2
XML-Schema Part 2: Datatypes. W3C Recommendation. P. Biron, A. Malhotra. May 2001. http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/

XMLSECMAINT
XML Security Specifications Maintenance Working Group.http://www.w3.org/2007/xmlsec/

X509v3
ITU-T Recommendation X.509 version 3 (1997). "Information Technology - Open Systems Interconnection - The Directory Authentication Framework" ISO/IEC 9594-8:1997.

X509Prof
RFC 2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile. R. Housley, W. Polk, D. Solo. January 1999. http://www.ietf.org/rfc/rfc2459.txt

A Author's Adress (Non-Normative)

Juan Carlos Cruellas Ibarz

Universitat Politecnica de Catalunya (UPC)

Departament de Arquitectura de Computadors (DAC)

c/ Jordi Girona 1-3, Modul D6.103, Barcelona

Spain

Phone: +34 93 4016790

Email: mailto:cruellas@ac.upc.es