- From: Bugbee, Larry <larry.bugbee@boeing.com>
- Date: Wed, 7 Jun 2006 21:06:40 -0700
- To: "Tom Gindin" <tgindin@us.ibm.com>, <Hothi_Amrit@emc.com>
- Cc: <w3c-ietf-xmldsig@w3.org>
ECDSA signatures, like DSA sigs, will be different each time, even when the same key is used. Both use random numbers in the computation of r and s. For some testing it is desirable to stub the random number generator. Larry -----Original Message----- From: Tom Gindin [mailto:tgindin@us.ibm.com] Sent: Tuesday, June 06, 2006 8:15 PM To: Hothi_Amrit@emc.com Cc: w3c-ietf-xmldsig@w3.org Subject: Re: <ds:Signature/> and <Signature/> Amritpal: If you look inside the lower-level signature algorithms you'll find that the signature value is expected to be identical between multiple uses of the same key over the same base for RSA v1 signatures ( http://www.w3.org/2000/09/xmldsig#rsa-sha1 and the various http://www.w3.org/2001/04/xmldsig-more/rsa-* algorithms) but not for DSA ( http://www.w3.org/2000/09/xmldsig#dsa-sha1) or RSA PSS (not used by XMLDSIG). I personally don't know about ECDSA. Tom Gindin Hothi_Amrit@emc.com Sent by: w3c-ietf-xmldsig-request@w3.org 05/31/2006 06:43 PM To: <w3c-ietf-xmldsig@w3.org> cc: Subject: <ds:Signature/> and <Signature/> Hi, I looking at signature interoperability between C which is using libxml2 (v 2.6.24) and Java using Apache's xml-security libs. When I sign the same document using the same key on same document. The digest match, but the signature values are different? Also the C lib is signing with the signature element <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> whereas Java's signature element is: <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">. Thanks, Amritpal.
Received on Thursday, 8 June 2006 13:54:39 UTC