[xmlsec] increase min hmac size to 80 bits
- From: Aleksey Sanin <aleksey src gnome org>
- To: svn-commits-list gnome org
- Subject: [xmlsec] increase min hmac size to 80 bits
- Date: Fri, 17 Jul 2009 16:23:01 +0000 (UTC)
commit c07c1961dc8a08d81dad6c1fd984acd09ae99028
Author: Aleksey Sanin <aleksey aleksey com>
Date: Tue Jul 14 21:34:15 2009 -0700
increase min hmac size to 80 bits
src/gnutls/hmac.c | 7 ++++---
src/nss/hmac.c | 7 ++++---
src/openssl/hmac.c | 14 ++++++++++++--
.../enveloping-md5-hmac-md5-64.tmpl | 2 +-
.../enveloping-md5-hmac-md5-64.xml | 4 ++--
.../enveloping-ripemd160-hmac-ripemd160-64.tmpl | 2 +-
.../enveloping-ripemd160-hmac-ripemd160-64.xml | 4 ++--
.../enveloping-sha1-hmac-sha1-64.tmpl | 2 +-
.../enveloping-sha1-hmac-sha1-64.xml | 4 ++--
.../enveloping-sha224-hmac-sha224-64.tmpl | 2 +-
.../enveloping-sha224-hmac-sha224-64.xml | 4 ++--
.../enveloping-sha256-hmac-sha256-64.tmpl | 2 +-
.../enveloping-sha256-hmac-sha256-64.xml | 4 ++--
.../enveloping-sha384-hmac-sha384-64.tmpl | 2 +-
.../enveloping-sha384-hmac-sha384-64.xml | 4 ++--
.../enveloping-sha512-hmac-sha512-64.tmpl | 2 +-
.../enveloping-sha512-hmac-sha512-64.xml | 4 ++--
.../signature-enveloping-hmac-sha1-40.tmpl | 2 +-
.../signature-enveloping-hmac-sha1-40.xml | 4 ++--
...gnature-hmac-sha1-40-c14n-comments-detached.xml | 2 +-
...ac-sha1-40-exclusive-c14n-comments-detached.xml | 2 +-
21 files changed, 46 insertions(+), 34 deletions(-)
---
diff --git a/src/gnutls/hmac.c b/src/gnutls/hmac.c
index 140037f..d9a36e3 100644
--- a/src/gnutls/hmac.c
+++ b/src/gnutls/hmac.c
@@ -23,8 +23,9 @@
#include <xmlsec/gnutls/app.h>
#include <xmlsec/gnutls/crypto.h>
-#define XMLSEC_GNUTLS_MIN_HMAC_SIZE 40
-#define XMLSEC_GNUTLS_MAX_HMAC_SIZE 128
+/* sizes in bits */
+#define XMLSEC_GNUTLS_MIN_HMAC_SIZE 80
+#define XMLSEC_GNUTLS_MAX_HMAC_SIZE (128 * 8)
/**************************************************************************
*
@@ -65,7 +66,7 @@ typedef struct _xmlSecGnuTLSHmacCtx xmlSecGnuTLSHmacCtx, *xmlSecGnuTLSHmacCtxPt
struct _xmlSecGnuTLSHmacCtx {
int digest;
GcryMDHd digestCtx;
- xmlSecByte dgst[XMLSEC_GNUTLS_MAX_HMAC_SIZE];
+ xmlSecByte dgst[XMLSEC_GNUTLS_MAX_HMAC_SIZE / 8];
xmlSecSize dgstSize; /* dgst size in bits */
};
diff --git a/src/nss/hmac.c b/src/nss/hmac.c
index 50d4849..31d7f06 100644
--- a/src/nss/hmac.c
+++ b/src/nss/hmac.c
@@ -26,8 +26,9 @@
#include <xmlsec/nss/app.h>
#include <xmlsec/nss/crypto.h>
-#define XMLSEC_NSS_MIN_HMAC_SIZE 40
-#define XMLSEC_NSS_MAX_HMAC_SIZE 128
+/* sizes in bits */
+#define XMLSEC_NSS_MIN_HMAC_SIZE 80
+#define XMLSEC_NSS_MAX_HMAC_SIZE (128 * 8)
/**************************************************************************
*
@@ -68,7 +69,7 @@ typedef struct _xmlSecNssHmacCtx xmlSecNssHmacCtx, *xmlSecNssHmacCtxPtr;
struct _xmlSecNssHmacCtx {
CK_MECHANISM_TYPE digestType;
PK11Context* digestCtx;
- xmlSecByte dgst[XMLSEC_NSS_MAX_HMAC_SIZE];
+ xmlSecByte dgst[XMLSEC_NSS_MAX_HMAC_SIZE / 8];
xmlSecSize dgstSize; /* dgst size in bits */
};
diff --git a/src/openssl/hmac.c b/src/openssl/hmac.c
index 79b5830..da5df49 100644
--- a/src/openssl/hmac.c
+++ b/src/openssl/hmac.c
@@ -32,7 +32,9 @@
#include <xmlsec/openssl/crypto.h>
-#define XMLSEC_OPENSSL_MIN_HMAC_SIZE 40
+/* sizes in bits */
+#define XMLSEC_OPENSSL_MIN_HMAC_SIZE 80
+#define XMLSEC_OPENSSL_MAX_HMAC_SIZE (EVP_MAX_MD_SIZE * 8)
/**************************************************************************
*
@@ -74,7 +76,7 @@ struct _xmlSecOpenSSLHmacCtx {
const EVP_MD* hmacDgst;
HMAC_CTX hmacCtx;
int ctxInitialized;
- xmlSecByte dgst[EVP_MAX_MD_SIZE];
+ xmlSecByte dgst[XMLSEC_OPENSSL_MAX_HMAC_SIZE];
xmlSecSize dgstSize; /* dgst size in bits */
};
@@ -380,6 +382,14 @@ xmlSecOpenSSLHmacVerify(xmlSecTransformPtr transform,
/* compare the digest size in bytes */
if(dataSize != ((ctx->dgstSize + 7) / 8)){
+ /* NO COMMIT */
+ xmlChar* a;
+ mask = last_byte_masks[ctx->dgstSize % 8];
+ ctx->dgst[dataSize - 1] &= mask;
+ a = xmlSecBase64Encode(ctx->dgst, (ctx->dgstSize + 7) / 8, -1);
+ fprintf(stderr, "%s\n", a);
+ xmlFree(a);
+
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
NULL,
diff --git a/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl b/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl
index e95e766..b43fade 100644
--- a/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl
+++ b/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
diff --git a/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml b/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml
index 0df316d..195993a 100644
--- a/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml
+++ b/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml
@@ -3,13 +3,13 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
<DigestValue>/u+47lA0BK55De4qRAg16w==</DigestValue>
</Reference>
</SignedInfo>
- <SignatureValue>j202k+irNYE=</SignatureValue>
+ <SignatureValue>8woIGhwIlkw9Gw==</SignatureValue>
<Object Id="object">some text</Object>
</Signature>
diff --git a/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl b/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl
index 129a860..3790932 100644
--- a/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl
+++ b/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
diff --git a/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml b/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml
index 582dc96..a91328d 100644
--- a/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml
+++ b/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml
@@ -3,13 +3,13 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
<DigestValue>Ofs8NqfoXX+r0Cas3GRY2GbzhPo=</DigestValue>
</Reference>
</SignedInfo>
- <SignatureValue>+TxC/QCigpQ=</SignatureValue>
+ <SignatureValue>cAAf5NRMJvdO9w==</SignatureValue>
<Object Id="object">some text</Object>
</Signature>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl b/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl
index 7057978..de4dee3 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl
+++ b/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml b/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml
index bdb5f74..000cbc6 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml
+++ b/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml
@@ -3,13 +3,13 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
</Reference>
</SignedInfo>
- <SignatureValue>f/uhIfsfFeg=</SignatureValue>
+ <SignatureValue>xjqFz/yYQRTOrw==</SignatureValue>
<Object Id="object">some text</Object>
</Signature>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl b/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl
index 3a649e8..6bcac30 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl
+++ b/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha224";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml b/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml
index bd0b4ce..2f87f4b 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml
+++ b/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml
@@ -3,13 +3,13 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha224";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<DigestValue>azpKU6mkkPqPdDdtDXlEzVb0Xo2HgZMfuJ8KBw==</DigestValue>
</Reference>
</SignedInfo>
- <SignatureValue>ULeTuYfbvSc=</SignatureValue>
+ <SignatureValue>lZnrOj6ykWj7Zg==</SignatureValue>
<Object Id="object">some text</Object>
</Signature>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl b/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl
index d0940ba..ffbbc6f 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl
+++ b/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml b/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml
index 9044be7..4e6d812 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml
+++ b/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml
@@ -3,13 +3,13 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>iDhYt78o294fA6pzQ7k44+eejrQMi+WX3l3UrUdtL1Q=</DigestValue>
</Reference>
</SignedInfo>
- <SignatureValue>BSM2P+9soOk=</SignatureValue>
+ <SignatureValue>zDqLw++TOXixpw==</SignatureValue>
<Object Id="object">some text</Object>
</Signature>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl b/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl
index 10b6a5f..fcccf83 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl
+++ b/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml b/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml
index b487c2b..d5a442a 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml
+++ b/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml
@@ -3,13 +3,13 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<DigestValue>uTx8AeqrTmv+nijRsWW7TOs1pCIuCudsFRVloP6hPin8Q4x9fFX2j/zj53XB37OG</DigestValue>
</Reference>
</SignedInfo>
- <SignatureValue>azErzRgKjtM=</SignatureValue>
+ <SignatureValue>ZgeAT9hZEkXlyQ==</SignatureValue>
<Object Id="object">some text</Object>
</Signature>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl b/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl
index 26bf823..e1f3702 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl
+++ b/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
diff --git a/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml b/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml
index 3ec6672..ccc0f4a 100644
--- a/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml
+++ b/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";>
- <HMACOutputLength>64</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
@@ -11,6 +11,6 @@
XDnbRaf22WqerzX1vL0QzA==</DigestValue>
</Reference>
</SignedInfo>
- <SignatureValue>rQcObPRcpOc=</SignatureValue>
+ <SignatureValue>shktZYjrs58vuA==</SignatureValue>
<Object Id="object">some text</Object>
</Signature>
diff --git a/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl b/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl
index 06bd1a8..1057b61 100644
--- a/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl
+++ b/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1";>
- <HMACOutputLength>40</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
diff --git a/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml b/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml
index 4904d79..d654c53 100644
--- a/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml
+++ b/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml
@@ -3,7 +3,7 @@
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1";>
- <HMACOutputLength>40</HMACOutputLength>
+ <HMACOutputLength>80</HMACOutputLength>
</SignatureMethod>
<Reference URI="#object">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
@@ -11,7 +11,7 @@
</Reference>
</SignedInfo>
<SignatureValue>
- HHiqvCU=
+ xjqFz/yYQRTOrw==
</SignatureValue>
<Object Id="object">some text</Object>
</Signature>
diff --git a/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml b/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml
index 2dbe446..5427ba3 100644
--- a/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml
+++ b/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml
@@ -1 +1 @@
-<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#"; xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1";><dsig:HMACOutputLength>40</dsig:HMACOutputLength></dsig:SignatureMethod><dsig:Reference URI="http://www.ietf.org/rfc/rfc3161.txt";><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>eT5ZU9fkIwQ9b9XAYq+iIYnj0DQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>D8A3AYM=</dsig:SignatureValue></dsig:Signature>
\ No newline at end of file
+<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#"; xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1";><dsig:HMACOutputLength>80</dsig:HMACOutputLength></dsig:SignatureMethod><dsig:Reference URI="http://www.ietf.org/rfc/rfc3161.txt";><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>eT5ZU9fkIwQ9b9XAYq+iIYnj0DQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>e/Cz41h/IJocTg==</dsig:SignatureValue></dsig:Signature>
\ No newline at end of file
diff --git a/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml b/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml
index 212f322..8a9fabf 100644
--- a/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml
+++ b/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml
@@ -1 +1 @@
-<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#"; xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1";><dsig:HMACOutputLength>40</dsig:HMACOutputLength></dsig:SignatureMethod><dsig:Reference URI="http://www.ietf.org/rfc/rfc3161.txt";><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>eT5ZU9fkIwQ9b9XAYq+iIYnj0DQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>awZmh2c=</dsig:SignatureValue></dsig:Signature>
\ No newline at end of file
+<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#"; xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1";><dsig:HMACOutputLength>80</dsig:HMACOutputLength></dsig:SignatureMethod><dsig:Reference URI="http://www.ietf.org/rfc/rfc3161.txt";><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>eT5ZU9fkIwQ9b9XAYq+iIYnj0DQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>iuQK6TvAjMciIw==</dsig:SignatureValue></dsig:Signature>
\ No newline at end of file
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
