- From: merlin <merlin@baltimore.ie>
- Date: Fri, 15 Feb 2002 16:12:36 +0000
- To: xml-encryption@w3.org
- Message-Id: <20020215161236.E689943CEA@yog-sothoth.ie.baltimore.com>
FWIW, attached is a gzipped tarchive with some example signatures that use XML encryption key info to provide HMAC secret keys. Yes, I know that some of these signatures are without cryptographic merit, and that the encryption spec doesn't explicitly discuss generating key material for HMACs (I think it should), however I find them useful for automated testing; it's trivial to check whether a signature verifies. . encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml . encsig-sha256-hmac-sha256-kw-aes128.xml . encsig-sha384-hmac-sha384-kw-aes192.xml . encsig-sha512-hmac-sha512-kw-aes256.xml . encsig-hmac-sha256-rsa-1_5.xml . encsig-hmac-sha256-rsa-oaep-mgf1p.xml . encsig-hmac-sha256-dh.xml . encsig-hmac-sha256-kw-tripledes-dh.xml See Readme.txt for the values of fixed secret keys and for how to extract private keys from the P12. If I get a chance, I'll send some regular xmlenc samples too. Disclaimer: This is all prerelease code, so I reserve the right for it to be complete rubbish. merlin ----------------------------------------------------------------------------- Baltimore Technologies plc will not be liable for direct, special, indirect or consequential damages arising from alteration of the contents of this message by a third party or as a result of any virus being passed on. This footnote confirms that this email message has been swept by Baltimore MIMEsweeper for Content Security threats, including computer viruses. http://www.baltimore.com
Attachments
- application/x-tar-gz attachment: merlin-xmlenc-two.tar.gz
Received on Friday, 15 February 2002 11:12:45 UTC