| Example Signatures[1] using Encryption[2] key information and |
| Additional Security URIs[3], Encrypted Data[2] and Decryption |
| Transform[4] |
| |
| [1] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/ |
| [2] http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/ |
| [3] http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt |
| [4] http://www.w3.org/TR/xmlenc-decrypt |
| |
| *** |
| Some of these signature are WITHOUT cryptographic merit; |
| for example, key transport of an HMAC key is meaningless. |
| These are provided solely for testing purposes. |
| *** |
| |
| Private keys necessary for performing the verification |
| and decryption are provided in the PKCS#12 file ids.p12, |
| encrypted under the pass phrase "Our Little Secret". I |
| may have done some of the ASN.1 encoding in this P12 |
| incorrectly; I hope not. Private keys are also available |
| in PKCS#8 encoding; rsa.p8, dh1.p8. |
| |
| RSA/OAEP is presently poorly defined; I assume MGF1/SHA-1. |
| |
| Secret keys are identified by key name as follows: |
| |
| Key Name | Algorithm | Key Value |
| ----------+-----------+----------- |
| bob | 3des | "abcdefghijklmnopqrstuvwx".getBytes ("ASCII") |
| job | aes-128 | "abcdefghijklmnop".getBytes ("ASCII") |
| jeb | aes-192 | "abcdefghijklmnopqrstuvwx".getBytes ("ASCII") |
| jed | aes-256 | "abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII") |
| |
| . encrypt-content-aes128-cbc-kw-aes192.xml |
| . encrypt-content-aes192-cbc-dh-sha512.xml |
| . encrypt-content-tripledes-cbc.xml |
| . encrypt-data-aes128-cbc.xml |
| . encrypt-data-aes192-cbc-kw-aes256.xml |
| . encrypt-data-aes256-cbc-kw-tripledes.xml |
| . encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml |
| . encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml |
| . encrypt-element-aes128-cbc-rsa-1_5.xml |
| . encrypt-element-aes192-cbc-ref.xml |
| . encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml |
| . encrypt-element-tripledes-cbc-kw-aes128.xml |
| Encrypted content, element and data. RSA private key has |
| friendly name "RSA" in the P12, and is rsa.p8. |
| DH private key has ID "DH1", and is dh1.p8. |
| |
| . encrypt-content-aes256-cbc-prop.xml |
| Contains a useless EncryptionProperty. |
| |
| . encrypt-element-aes256-cbc-carried-kw-aes256.xml |
| External EncryptedKey contains a CarriedKeyName which |
| is referenced by a KeyName in the EncryptedData; the |
| key for Recipient "someone else" is not for you; the |
| key for Recipient "you" is. |
| |
| . encrypt-element-aes256-cbc-retrieved-kw-aes256.xml |
| External EncryptedKey is identified by a RetrievalMethod |
| in the EncryptedData. |
| |
| . decryption-transform.xml |
| Decryption transform. |
| |
| . decryption-transform-except.xml |
| Decryption transform with Except. |
| |
| All signatures are performed with nontruncated HMAC |
| algorithms. |
| |
| For debugging purposes, where chosen, the MAC key is |
| "abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII"). Where |
| agreed, it has length equal to the HMAC output length; e.g., 256 |
| bits for HMAC/SHA-256. |
| |
| . encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml |
| RIPEMD-160 message digest; HMAC/RIPEMD-160 key is wrapped |
| using triple DES. The decryption key is from the above table, |
| identified by the key name "bob". |
| |
| . encsig-sha256-hmac-sha256-kw-aes128.xml |
| SHA-256 message digest; HMAC/SHA-256 key is wrapped using |
| AES-128. The decryption key is from the above table, identified |
| by the key name "job". |
| |
| . encsig-sha384-hmac-sha384-kw-aes192.xml |
| SHA-384 message digest; HMAC/SHA-384 key is wrapped using |
| AES-192. The decryption key is from the above table, identified |
| by the key name "jeb". |
| |
| . encsig-sha512-hmac-sha512-kw-aes256.xml |
| SHA-512 message digest; HMAC/SHA-512 key is wrapped using |
| AES-256. The decryption key is from the above table, identified |
| by the key name "jed". |
| |
| . encsig-hmac-sha256-rsa-1_5.xml |
| HMAC/SHA-256 keys is transported using RSA/OAEP. Your private |
| key has friendly name "RSA" in the P12. |
| |
| . encsig-hmac-sha256-rsa-oaep-mgf1p.xml |
| HMAC/SHA-256 keys is transported using RSA/PKCS#1. Your private |
| key has friendly name "RSA" in the P12. |
| |
| . encsig-hmac-sha256-dh.xml |
| HMAC/SHA-256 key is agreed using Diffie Hellman. Your private |
| key has friendly name "DH1" in the P12. |
| |
| . encsig-hmac-sha256-kw-tripledes-dh.xml |
| HMAC/SHA-256 key is wrapped using triple DES. The decryption |
| key is agreed using Diffie Hellman. Your private key has |
| friendly name "DH1" in the P12. |
| |
| Merlin Hughes <merlin@baltimore.ie> |
| Baltimore Technologies, Ltd. |
| |
| Monday, March 4, 2002 |