Added SHA-224 digest to XML Signature 1.1 and 2.0

[resend with corrected subject and more detail]

I added SHA-224 to the XML Signature 1.1 and 2.0 editors drafts

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.src.html#sec-AlgID

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.src.html#sec-SHA-224

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/Overview.src.html#sec-SHA-224

I also updated the explanation document accordingly - http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-explain/Overview.src.html#sec-AlgorithmAdditions

regards, Frederick

Frederick Hirsch
Nokia



On Aug 13, 2012, at 9:59 AM, Hirsch Frederick (Nokia-CIC/Boston) wrote:

> Thanks Pratik!
> 
> I added SHA-224 to the editors draft:
> 
> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.src.html#sec-AlgID
> 
> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.src.html#sec-SHA-224
> 
> I also updated the developer-explain and explain accordingly:
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia
> 
> 
> 
> On Aug 12, 2012, at 3:37 AM, ext Pratik Datta wrote:
> 
>> I have uploaded test vectors for SHA224  and HMACOutputLength
>> 
>> For SHA224
>> ==========
>> https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha224.xml
>> https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p256_sha224.xml
>> https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p384_sha224.xml
>> https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p521_sha224.xml
>> https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-rsa-sha224.xml
>> https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-sha224-rsa_sha256.xml
>> 
>> I noticed that the latest Dsig 1.1 spec does not have the SHA224 digest algorithm, i.e it doesn't have this one:
>> <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" />
>> 
>> Are we going to add this algorithm? Three of the above test cases uses SHA224 digest algorithm.
>> 
>> 
>> For HMACOutputLength
>> ====================
>> https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha1-truncated40.xml
>> https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha1-truncated160.xml
>> 
>> The first one is truncated to 40 bytes, so it should be rejected.  The second one is not truncated at all, so it should be accepted.
>> 
>> Pratik
>> 
>> -----Original Message-----
>> From: Cantor, Scott [mailto:cantor.2@osu.edu] 
>> Sent: Monday, August 06, 2012 6:43 PM
>> To: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
>> Subject: Re: XML Signature 1.1 items at risk (removal)
>> 
>> On 8/6/12 9:33 PM, "Frederick.Hirsch@nokia.com"
>> <Frederick.Hirsch@nokia.com> wrote:
>>> 
>>> (1) SHA-224 related algorithms: ECDSA-SHA224, HMAC-SHA224, 
>>> RSAwithSHA224
>> 
>> By end of month I can produce a vector for these, or at least the public key ones, or verify somebody else's if they have one.
>> 
>>> (2) KeyInfo X509Data items: OCSPResponse, X509Digest (1 implementation 
>>> Apache Santuario)
>>> 
>>> (3) KeyInfo items: DEREncodedKeyValue (1 implementation Apache 
>>> Santuario), KeyInfoReference (1 implementation Apache Santuario)
>> 
>> The KeyInfoReference implementation is OpenSAML from the Shibboleth project, rather than Santuario. It doesn't fit into the Santuario code base as a useful feature.
>> 
>> You can add OpenSAML to the DEREncodedKeyValue set also.
>> 
>> As we discussed last call, I'm the author in both projects.
>> 
>> Note that if you pull X509Digest, we're back to having a broken X509IssuerSerial as the alternative because people objected to fixing the schema.
>> 
>>> (4) HMACOutputLength
>> 
>> If there's an existing vector for this that used to be allowed but should now fail, can somebody identify it?
>> 
>> -- Scott
>> 
>> 
>

Received on Monday, 13 August 2012 19:58:13 UTC