data/ie/baltimore/merlin-examples/merlin-xmlenc-five/Readme.txt - santuario-xml-security-java - Git at Google

 Example Signatures[1] using Encryption[2] key information and
 Additional Security URIs[3], Encrypted Data[2] and Decryption
 Transform[4]

 [1] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
 [2] http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/
 [3] http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt
 [4] http://www.w3.org/TR/xmlenc-decrypt

 ***
 Some of these signature are WITHOUT cryptographic merit;
 for example, key transport of an HMAC key is meaningless.
 These are provided solely for testing purposes.
 ***

 Private keys necessary for performing the verification
 and decryption are provided in the PKCS#12 file ids.p12,
 encrypted under the pass phrase "Our Little Secret". I
 may have done some of the ASN.1 encoding in this P12
 incorrectly; I hope not. Private keys are also available
 in PKCS#8 encoding; rsa.p8, dh1.p8.

 RSA/OAEP is presently poorly defined; I assume MGF1/SHA-1.

 Secret keys are identified by key name as follows:

  Key Name | Algorithm | Key Value
 ----------+-----------+-----------
    bob    |   3des    | "abcdefghijklmnopqrstuvwx".getBytes ("ASCII")
    job    |  aes-128  | "abcdefghijklmnop".getBytes ("ASCII")
    jeb    |  aes-192  | "abcdefghijklmnopqrstuvwx".getBytes ("ASCII")
    jed    |  aes-256  | "abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII")

 . encrypt-content-aes128-cbc-kw-aes192.xml
 . encrypt-content-aes192-cbc-dh-sha512.xml
 . encrypt-content-tripledes-cbc.xml
 . encrypt-data-aes128-cbc.xml
 . encrypt-data-aes192-cbc-kw-aes256.xml
 . encrypt-data-aes256-cbc-kw-tripledes.xml
 . encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
 . encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml
 . encrypt-element-aes128-cbc-rsa-1_5.xml
 . encrypt-element-aes192-cbc-ref.xml
 . encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml
 . encrypt-element-tripledes-cbc-kw-aes128.xml
   Encrypted content, element and data. RSA private key has
   friendly name "RSA" in the P12, and is rsa.p8.
   DH private key has ID "DH1", and is dh1.p8.

 . encrypt-content-aes256-cbc-prop.xml
   Contains a useless EncryptionProperty.

 . encrypt-element-aes256-cbc-carried-kw-aes256.xml
   External EncryptedKey contains a CarriedKeyName which
   is referenced by a KeyName in the EncryptedData; the
   key for Recipient "someone else" is not for you; the
   key for Recipient "you" is.

 . encrypt-element-aes256-cbc-retrieved-kw-aes256.xml
   External EncryptedKey is identified by a RetrievalMethod
   in the EncryptedData.

 . decryption-transform.xml
   Decryption transform.

 . decryption-transform-except.xml
   Decryption transform with Except.

 All signatures are performed with nontruncated HMAC
 algorithms.

 For debugging purposes, where chosen, the MAC key is
 "abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII"). Where
 agreed, it has length equal to the HMAC output length; e.g., 256
 bits for HMAC/SHA-256.

 . encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml
   RIPEMD-160 message digest; HMAC/RIPEMD-160 key is wrapped
   using triple DES. The decryption key is from the above table,
   identified by the key name "bob".

 . encsig-sha256-hmac-sha256-kw-aes128.xml
   SHA-256 message digest; HMAC/SHA-256 key is wrapped using
   AES-128. The decryption key is from the above table, identified
   by the key name "job".

 . encsig-sha384-hmac-sha384-kw-aes192.xml
   SHA-384 message digest; HMAC/SHA-384 key is wrapped using
   AES-192. The decryption key is from the above table, identified
   by the key name "jeb".

 . encsig-sha512-hmac-sha512-kw-aes256.xml
   SHA-512 message digest; HMAC/SHA-512 key is wrapped using
   AES-256. The decryption key is from the above table, identified
   by the key name "jed".

 . encsig-hmac-sha256-rsa-1_5.xml
   HMAC/SHA-256 keys is transported using RSA/OAEP. Your private
   key has friendly name "RSA" in the P12.

 . encsig-hmac-sha256-rsa-oaep-mgf1p.xml
   HMAC/SHA-256 keys is transported using RSA/PKCS#1. Your private
   key has friendly name "RSA" in the P12.

 . encsig-hmac-sha256-dh.xml
   HMAC/SHA-256 key is agreed using Diffie Hellman. Your private
   key has friendly name "DH1" in the P12.

 . encsig-hmac-sha256-kw-tripledes-dh.xml
   HMAC/SHA-256 key is wrapped using triple DES. The decryption
   key is agreed using Diffie Hellman. Your private key has
   friendly name "DH1" in the P12.

 Merlin Hughes <merlin@baltimore.ie>
 Baltimore Technologies, Ltd.

 Monday, March 4, 2002
	Example Signatures[1] using Encryption[2] key information and
	Additional Security URIs[3], Encrypted Data[2] and Decryption
	Transform[4]

	[1] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
	[2] http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/
	[3] http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt
	[4] http://www.w3.org/TR/xmlenc-decrypt

	***
	Some of these signature are WITHOUT cryptographic merit;
	for example, key transport of an HMAC key is meaningless.
	These are provided solely for testing purposes.
	***

	Private keys necessary for performing the verification
	and decryption are provided in the PKCS#12 file ids.p12,
	encrypted under the pass phrase "Our Little Secret". I
	may have done some of the ASN.1 encoding in this P12
	incorrectly; I hope not. Private keys are also available
	in PKCS#8 encoding; rsa.p8, dh1.p8.

	RSA/OAEP is presently poorly defined; I assume MGF1/SHA-1.

	Secret keys are identified by key name as follows:

	Key Name \| Algorithm \| Key Value
	----------+-----------+-----------
	bob \| 3des \| "abcdefghijklmnopqrstuvwx".getBytes ("ASCII")
	job \| aes-128 \| "abcdefghijklmnop".getBytes ("ASCII")
	jeb \| aes-192 \| "abcdefghijklmnopqrstuvwx".getBytes ("ASCII")
	jed \| aes-256 \| "abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII")

	. encrypt-content-aes128-cbc-kw-aes192.xml
	. encrypt-content-aes192-cbc-dh-sha512.xml
	. encrypt-content-tripledes-cbc.xml
	. encrypt-data-aes128-cbc.xml
	. encrypt-data-aes192-cbc-kw-aes256.xml
	. encrypt-data-aes256-cbc-kw-tripledes.xml
	. encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
	. encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml
	. encrypt-element-aes128-cbc-rsa-1_5.xml
	. encrypt-element-aes192-cbc-ref.xml
	. encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml
	. encrypt-element-tripledes-cbc-kw-aes128.xml
	Encrypted content, element and data. RSA private key has
	friendly name "RSA" in the P12, and is rsa.p8.
	DH private key has ID "DH1", and is dh1.p8.

	. encrypt-content-aes256-cbc-prop.xml
	Contains a useless EncryptionProperty.

	. encrypt-element-aes256-cbc-carried-kw-aes256.xml
	External EncryptedKey contains a CarriedKeyName which
	is referenced by a KeyName in the EncryptedData; the
	key for Recipient "someone else" is not for you; the
	key for Recipient "you" is.

	. encrypt-element-aes256-cbc-retrieved-kw-aes256.xml
	External EncryptedKey is identified by a RetrievalMethod
	in the EncryptedData.

	. decryption-transform.xml
	Decryption transform.

	. decryption-transform-except.xml
	Decryption transform with Except.

	All signatures are performed with nontruncated HMAC
	algorithms.

	For debugging purposes, where chosen, the MAC key is
	"abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII"). Where
	agreed, it has length equal to the HMAC output length; e.g., 256
	bits for HMAC/SHA-256.

	. encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml
	RIPEMD-160 message digest; HMAC/RIPEMD-160 key is wrapped
	using triple DES. The decryption key is from the above table,
	identified by the key name "bob".

	. encsig-sha256-hmac-sha256-kw-aes128.xml
	SHA-256 message digest; HMAC/SHA-256 key is wrapped using
	AES-128. The decryption key is from the above table, identified
	by the key name "job".

	. encsig-sha384-hmac-sha384-kw-aes192.xml
	SHA-384 message digest; HMAC/SHA-384 key is wrapped using
	AES-192. The decryption key is from the above table, identified
	by the key name "jeb".

	. encsig-sha512-hmac-sha512-kw-aes256.xml
	SHA-512 message digest; HMAC/SHA-512 key is wrapped using
	AES-256. The decryption key is from the above table, identified
	by the key name "jed".

	. encsig-hmac-sha256-rsa-1_5.xml
	HMAC/SHA-256 keys is transported using RSA/OAEP. Your private
	key has friendly name "RSA" in the P12.

	. encsig-hmac-sha256-rsa-oaep-mgf1p.xml
	HMAC/SHA-256 keys is transported using RSA/PKCS#1. Your private
	key has friendly name "RSA" in the P12.

	. encsig-hmac-sha256-dh.xml
	HMAC/SHA-256 key is agreed using Diffie Hellman. Your private
	key has friendly name "DH1" in the P12.

	. encsig-hmac-sha256-kw-tripledes-dh.xml
	HMAC/SHA-256 key is wrapped using triple DES. The decryption
	key is agreed using Diffie Hellman. Your private key has
	friendly name "DH1" in the P12.

	Merlin Hughes <merlin@baltimore.ie>
	Baltimore Technologies, Ltd.

	Monday, March 4, 2002