diff options
Diffstat (limited to 'docs/tests/aleksey-xmldsig-01')
12 files changed, 533 insertions, 0 deletions
diff --git a/docs/tests/aleksey-xmldsig-01/README b/docs/tests/aleksey-xmldsig-01/README new file mode 100644 index 00000000..7b12f7b3 --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/README @@ -0,0 +1,47 @@ +README +http://groups.google.com/groups?hl=en&threadm=9jlbt7%243141%241%40FreeBSD.csie.NCTU.edu.tw&rnum=20&prev=/groups%3Fq%3Dopenssl%2Bx509%2Bcertificates%2Bchain%26start%3D10%26hl%3Den%26selm%3D9jlbt7%25243141%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D20 +http://www.post1.com/home/ngps/m2/howto.ca.html + + +Commands: + +(0) create new CA and modify the openssl.cnf file +to point to it + +> CA.pl -newca + +(1) a self-signed des3 root ca cert, using + +> openssl genrsa -des3 -out ca.key +> openssl req -new -key ca.key -out ca.csr +> openssl x509 -req -signkey ca.key -out ca.crt -in ca.csr + +verify ca.crt + +> openssl x509 -text -in ca.crt + +(2) a second ca cert, signed by the first ca, using + +> openssl genrsa -des3 -out ca2.key +> openssl req -new -key ca2.key -out ca2.csr +> openssl ca -cert ca.crt -keyfile ca.key -out ca2.crt -infiles ca2.csr + +verify ca2.crt + +> openssl x509 -text -in ca2.crt +> openssl verify -CAfile ca.crt ca2.crt + + +(3) a user cert using + +> openssl genrsa -des3 -out user.key +> openssl req -new -key user.key -out user.csr +> openssl ca -cert ca2.crt -keyfile ca2.key -out user.crt -infiles user.csr + + +verify user.crt + +> openssl x509 -text -in ca3.crt +> openssl verify -CAfile ca.crt -untrusted ca2.crt user.crt + + diff --git a/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd b/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd new file mode 100644 index 00000000..630c0aea --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd @@ -0,0 +1 @@ +<!ATTLIST SOAP:Body id ID #IMPLIED> diff --git a/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.xml b/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.xml new file mode 100644 index 00000000..8293a647 --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.xml @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="UTF-8"?> +<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"><SOAP:Header><wsse:Security><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> +<SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"> + <HMACOutputLength>91</HMACOutputLength> + </SignatureMethod> + <Reference URI="#Body"> + <Transforms> + <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + </Transforms> + <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <DigestValue>KlK8TF9wnLYvXz008MJV4umoHhE=</DigestValue> + </Reference> +</SignedInfo> + <SignatureValue>gmtoF50KWNUTGQCg</SignatureValue><KeyInfo><KeyName>name:KEY</KeyName></KeyInfo></Signature></wsse:Security></SOAP:Header><SOAP:Body id="Body"> +<echo xmlns="http://www.example.org"> +this +is +a +test +of +echoing +simple-91 +</echo> +</SOAP:Body></SOAP:Envelope> + diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml b/docs/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml new file mode 100644 index 00000000..f6d02ea5 --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml @@ -0,0 +1,87 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <Reference URI="#object"> + <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>Niji66p2agomSLiShIYXIekL7bdFEnxzpa2ETcad9mHXHWd218vjUg==</SignatureValue> + <KeyInfo> + <X509Data> + <X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw +MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw +Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD +ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ +ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB +gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT +b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx +kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w +DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg +Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV +HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG +EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5 +IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE +CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu +MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN +BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F +08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT +T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg +6A==</X509Certificate> +<X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw +MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw +Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k +IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh +MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB +BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn +ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF +MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj +YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm +gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR +BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5 +IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg +Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG +SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN +AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO +kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl +lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate> +<X509Certificate>MIIEdDCCBB6gAwIBAgIJANaOuOCRgiz5MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG +A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD +Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j +b20wHhcNMDUwNzEwMDIzMTU5WhcNMTUwNzA4MDIzMTU5WjCBxzELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM +aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT +IFRlc3QgVGhpcmQgTGV2ZWwgRFNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr +c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wgfAw +gagGByqGSM44BAEwgZwCQQDIMfw6P79Fcw0hrxYKq3ePh7wmevc95UjfF2JHQJBX +Jb9XFBa5LRy71lzh/OYMH4oh4giiFVRVBCW9HpZqOTNJAhUAlEOrmqjJG3tfjU49 +XjJuM3AXNskCQAUzwzmbp53bZ+bzDcOU6UGh3Ig/TFdLGXYevs3tiZaFLa//EYF+ +l5Tdsr3NQpGRRf4arXvXPZyIJhYYHJVk7OMDQwACQDonSDDJk3VaIfdVHPnOitRq +V5XPFfMDksNb0WelnZdl/qokl9eaU+8uiH7LtsU0QYX9lE8kTplcUdD0bxjDYJ2j +ggFTMIIBTzAMBgNVHRMEBTADAQH/MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl +bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUpVifKXAtGkJHRAParmenuvcp +ZT4wgfEGA1UdIwSB6TCB5oAU/uTsUyTwlZXHELXhRLVdOWVa436hgcKkgb8wgbwx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwg +U2VjdXJpdHkgTGlicmFyeSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMp +MR4wHAYDVQQLExVUZXN0IFJvb3QgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtz +ZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJANaO +uOCRgiz4MA0GCSqGSIb3DQEBBQUAA0EAJB9Kc4/Z0hTwiDYR5fXVPyzAjD+BeChR +F14ztWl1Ol6REWFRbIGfEz3XDgCHCiocM8ExXi7zn26R072cdBz7+w==</X509Certificate> +</X509Data> + </KeyInfo> + <Object Id="object">some text</Object> +</Signature> diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml b/docs/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml new file mode 100644 index 00000000..cc4d4cca --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml @@ -0,0 +1,85 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <Reference URI="#object"> + <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>SPqE1/nehy9KOKeFSODZWZyvUZ/iS4jameUSXtvmfPgez5lN5QL4ox+QDlo37IeW +NDjt380ZiA7kx9pnlx8jfQ==</SignatureValue> + <KeyInfo> + <X509Data> + <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw +MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw +Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k +IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh +MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB +BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn +ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF +MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj +YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm +gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR +BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5 +IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg +Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG +SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN +AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO +kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl +lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate> +<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw +MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw +Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD +ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ +ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB +gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT +b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx +kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w +DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg +Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV +HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG +EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5 +IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE +CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu +MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN +BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F +08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT +T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg +6A==</X509Certificate> +<X509Certificate>MIID2zCCA4WgAwIBAgIJANaOuOCRgiz7MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG +A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD +Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j +b20wHhcNMDUwNzEwMDM1MTU2WhcNMDUwNzExMDM1MTU2WjCBwzELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM +aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxJTAjBgNVBAsT +HFRlc3QgRXhwaXJlZCBSU0EgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkg +U2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTBcMA0GCSqG +SIb3DQEBAQUAA0sAMEgCQQDJUmVgQEBmML80PvR8zIwGkyDiE5boEWR4pGmaGUOH +bRnFQkt2mt+4/QeYtm7GRVRUe6YJigUovU1u3DQDiOjzAgMBAAGjggFTMIIBTzAM +BgNVHRMEBTADAQH/MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD +ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU+fqJEjRKO1kG3y4X8sCPsiYHeMkwgfEGA1Ud +IwSB6TCB5oAU/uTsUyTwlZXHELXhRLVdOWVa436hgcKkgb8wgbwxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwgU2VjdXJpdHkg +TGlicmFyeSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMpMR4wHAYDVQQL +ExVUZXN0IFJvb3QgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4x +ITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJANaOuOCRgiz4MA0G +CSqGSIb3DQEBBQUAA0EAmLTpL4oqi+VjrLISYYxY5FfAqACYAOpIbIdWM2QtjozB +dQxFVSK2RHn2z1W2gWy7N8VQmfrggN73LIKOXuoV5A==</X509Certificate> +</X509Data> + </KeyInfo> + <Object Id="object">some text</Object> +</Signature> diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml b/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml new file mode 100644 index 00000000..0df316d9 --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"> + <HMACOutputLength>64</HMACOutputLength> + </SignatureMethod> + <Reference URI="#object"> + <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/> + <DigestValue>/u+47lA0BK55De4qRAg16w==</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>j202k+irNYE=</SignatureValue> + <Object Id="object">some text</Object> +</Signature> diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml b/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml new file mode 100644 index 00000000..d8159789 --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"/> + <Reference URI="#object"> + <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/> + <DigestValue>/u+47lA0BK55De4qRAg16w==</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>7uFBgN6DOM9SJj+UBkM2fQ==</SignatureValue> + <Object Id="object">some text</Object> +</Signature> diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml b/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml new file mode 100644 index 00000000..582dc96d --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"> + <HMACOutputLength>64</HMACOutputLength> + </SignatureMethod> + <Reference URI="#object"> + <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/> + <DigestValue>Ofs8NqfoXX+r0Cas3GRY2GbzhPo=</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>+TxC/QCigpQ=</SignatureValue> + <Object Id="object">some text</Object> +</Signature> diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml b/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml new file mode 100644 index 00000000..057cf471 --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"/> + <Reference URI="#object"> + <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/> + <DigestValue>Ofs8NqfoXX+r0Cas3GRY2GbzhPo=</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>tt3/nrk/uQ79pKHEZaCxXNncAtg=</SignatureValue> + <Object Id="object">some text</Object> +</Signature> diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml b/docs/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml new file mode 100644 index 00000000..0cf0f425 --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml @@ -0,0 +1,85 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <Reference URI="#object"> + <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>RCkGabfqV1XpXvx0rGDEIAzs4/U9TDKvZIWN9MBRi5BPAr1pXnX0iAve+2OEeBTm +nstv7BjG6CDnb69ouJSeWg==</SignatureValue> + <KeyInfo> + <X509Data> + <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw +MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw +Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k +IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh +MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB +BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn +ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF +MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj +YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm +gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR +BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5 +IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg +Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG +SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN +AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO +kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl +lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate> +<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw +MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw +Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD +ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ +ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB +gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT +b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx +kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w +DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg +Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV +HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG +EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5 +IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE +CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu +MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN +BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F +08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT +T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg +6A==</X509Certificate> +<X509Certificate>MIID3zCCA4mgAwIBAgIJANaOuOCRgiz6MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG +A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD +Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j +b20wHhcNMDUwNzEwMDIzMzAyWhcNMTUwNzA4MDIzMzAyWjCBxzELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM +aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT +IFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr +c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wXDAN +BgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7LjqdnsYmW0tbD +VxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQABo4IBUzCC +AU8wDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0 +ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTMQygZMIHx +BgNVHSMEgekwgeaAFP7k7FMk8JWVxxC14US1XTllWuN+oYHCpIG/MIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs ++DANBgkqhkiG9w0BAQUFAANBAEfjvmWwi2gBpYt7bwF6oHiFLoIh5kiLAPrlOFAb +PZlLDqr5+eDcr1cf0pksgW7fVE9NzTSmwjDFuEcPqJV62Ek=</X509Certificate> +</X509Data> + </KeyInfo> + <Object Id="object">some text</Object> +</Signature> diff --git a/docs/tests/aleksey-xmldsig-01/x509data-test.xml b/docs/tests/aleksey-xmldsig-01/x509data-test.xml new file mode 100644 index 00000000..287cc778 --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/x509data-test.xml @@ -0,0 +1,117 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Document> + <ToBeSigned> + Some very secret data + </ToBeSigned> + <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <Reference URI=""> + <Transforms> + <Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"> + <XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2" Filter="intersect"> //ToBeSigned </XPath> + </Transform> + </Transforms> + <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <DigestValue>3om1gINPzaogcdLuDdjIQlls4NE=</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>W/X7k6Q6T9RFW56VkRV9HGW5wkyUxvvlUcEyUkggVE04gsOK0Rx0rqq2woUxzkk1 +jvXfCtm2xknb2/cOmqfO/g==</SignatureValue> + <KeyInfo> + <X509Data> + + + + + + <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw +MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw +Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k +IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh +MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB +BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn +ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF +MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj +YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm +gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR +BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5 +IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg +Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG +SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN +AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO +kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl +lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate> +<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Second Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName> +<X509IssuerSerial> +<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName> +<X509SerialNumber>15460497845462904056</X509SerialNumber> +</X509IssuerSerial> +<X509SKI>/uTsUyTwlZXHELXhRLVdOWVa434=</X509SKI> +<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw +MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw +Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD +ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ +ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB +gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT +b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx +kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w +DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg +Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV +HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG +EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5 +IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE +CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu +MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN +BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F +08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT +T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg +6A==</X509Certificate> +<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName> +<X509IssuerSerial> +<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName> +<X509SerialNumber>15460497845462904055</X509SerialNumber> +</X509IssuerSerial> +<X509SKI>2kbpa+av0z2q5SFLUu3KZijg/oU=</X509SKI> +<X509Certificate>MIID3zCCA4mgAwIBAgIJANaOuOCRgiz6MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG +A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD +Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j +b20wHhcNMDUwNzEwMDIzMzAyWhcNMTUwNzA4MDIzMzAyWjCBxzELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM +aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT +IFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr +c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wXDAN +BgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7LjqdnsYmW0tbD +VxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQABo4IBUzCC +AU8wDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0 +ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTMQygZMIHx +BgNVHSMEgekwgeaAFP7k7FMk8JWVxxC14US1XTllWuN+oYHCpIG/MIG8MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy +aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG +A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh +bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs ++DANBgkqhkiG9w0BAQUFAANBAEfjvmWwi2gBpYt7bwF6oHiFLoIh5kiLAPrlOFAb +PZlLDqr5+eDcr1cf0pksgW7fVE9NzTSmwjDFuEcPqJV62Ek=</X509Certificate> +<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Third Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName> +<X509IssuerSerial> +<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Second Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName> +<X509SerialNumber>15460497845462904058</X509SerialNumber> +</X509IssuerSerial> +<X509SKI>1/TGRnfONwQjrSlU+7AOpMxDKBk=</X509SKI> +</X509Data> + </KeyInfo> + </Signature> +</Document> diff --git a/docs/tests/aleksey-xmldsig-01/xpointer-hmac.xml b/docs/tests/aleksey-xmldsig-01/xpointer-hmac.xml new file mode 100644 index 00000000..2a255f8a --- /dev/null +++ b/docs/tests/aleksey-xmldsig-01/xpointer-hmac.xml @@ -0,0 +1,28 @@ +<?xml version="1.0"?> +<!DOCTYPE test [ +<!ATTLIST ToBeSigned Id ID #IMPLIED> +]> +<Document xmlns:xenc="http://www.example.org/xenc" xmlns:dsig="http://www.example.org/dsig"> + <ToBeSigned Id="foo"> + <Secrets>Test</Secrets> + </ToBeSigned> + <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> + <SignedInfo> + <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> + <Reference URI=""> + <Transforms> + <Transform Algorithm="http://www.w3.org/2001/04/xmldsig-more/xptr"> + <XPointer xmlns="http://www.w3.org/2001/04/xmldsig-more/xptr"> + xpointer(id("foo")) + </XPointer> + </Transform> + </Transforms> + <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <DigestValue>faszbFrqwUNeZH5QrXPPobn+zso=</DigestValue> + </Reference> + </SignedInfo> + <SignatureValue>BTB6iZWZjOIG0JjGjpYbihO3Igg=</SignatureValue> + <Object Id="object">some text</Object> + </Signature> +</Document> |