summaryrefslogtreecommitdiff
path: root/docs/tests
diff options
context:
space:
mode:
Diffstat (limited to 'docs/tests')
-rw-r--r--docs/tests/aleksey-xmldsig-01/README47
-rw-r--r--docs/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd1
-rw-r--r--docs/tests/aleksey-xmldsig-01/dtd-hmac-91.xml27
-rw-r--r--docs/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml87
-rw-r--r--docs/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml85
-rw-r--r--docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml15
-rw-r--r--docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml13
-rw-r--r--docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml15
-rw-r--r--docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml13
-rw-r--r--docs/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml85
-rw-r--r--docs/tests/aleksey-xmldsig-01/x509data-test.xml117
-rw-r--r--docs/tests/aleksey-xmldsig-01/xpointer-hmac.xml28
-rw-r--r--docs/tests/keys-certs/cacert.pem72
-rw-r--r--docs/tests/keys-certs/cakey.pem18
-rw-r--r--docs/tests/keys-certs/keys.xml83
-rw-r--r--docs/tests/keys-certs/merlin.pem21
-rw-r--r--docs/tests/merlin-exc-c14n-one/Readme.txt3
-rw-r--r--docs/tests/merlin-exc-c14n-one/c14n-0.txt5
-rw-r--r--docs/tests/merlin-exc-c14n-one/c14n-1.txt5
-rw-r--r--docs/tests/merlin-exc-c14n-one/c14n-2.txt5
-rw-r--r--docs/tests/merlin-exc-c14n-one/c14n-3.txt5
-rw-r--r--docs/tests/merlin-exc-c14n-one/c14n-4.txt36
-rw-r--r--docs/tests/merlin-exc-c14n-one/exc-signature.tmpl52
-rw-r--r--docs/tests/merlin-exc-c14n-one/exc-signature.xml73
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/Readme.txt63
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/badb.derbin0 -> 850 bytes
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/badb.pem20
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/balor.derbin0 -> 851 bytes
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/balor.pem20
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/bres.pem20
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/ca.derbin0 -> 862 bytes
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/ca.pem20
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.derbin0 -> 851 bytes
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem20
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/lugh.derbin0 -> 442 bytes
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/lugh.pem12
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/macha.derbin0 -> 852 bytes
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/macha.pem20
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/merlin.derbin0 -> 847 bytes
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/merlin.pem21
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/morigu.pem20
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/nemain.derbin0 -> 852 bytes
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/certs/nemain.pem20
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml43
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml42
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml39
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml17
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml15
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml31
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml41
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml38
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-keyname.xml17
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml17
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml47
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml38
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml24
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml21
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml21
-rw-r--r--docs/tests/merlin-xmldsig-twenty-three/signature.xml269
-rw-r--r--docs/tests/merlin-xmlenc-five/Readme.txt117
-rw-r--r--docs/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml42
-rw-r--r--docs/tests/merlin-xmlenc-five/decryption-transform-except.xml83
-rw-r--r--docs/tests/merlin-xmlenc-five/decryption-transform.xml73
-rw-r--r--docs/tests/merlin-xmlenc-five/dh0.p8bin0 -> 445 bytes
-rw-r--r--docs/tests/merlin-xmlenc-five/dh1.p8bin0 -> 445 bytes
-rw-r--r--docs/tests/merlin-xmlenc-five/dsa.p8bin0 -> 334 bytes
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml42
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml113
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml39
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml32
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml12
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml22
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml22
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml46
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml43
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml60
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml39
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml57
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml122
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml44
-rw-r--r--docs/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml40
-rw-r--r--docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml98
-rw-r--r--docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml108
-rw-r--r--docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml46
-rw-r--r--docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml51
-rw-r--r--docs/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml27
-rw-r--r--docs/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml27
-rw-r--r--docs/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml27
-rw-r--r--docs/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml28
-rw-r--r--docs/tests/merlin-xmlenc-five/ids.p12bin0 -> 9103 bytes
-rw-r--r--docs/tests/merlin-xmlenc-five/plaintext.txt1
-rw-r--r--docs/tests/merlin-xmlenc-five/plaintext.xml24
-rw-r--r--docs/tests/merlin-xmlenc-five/rsa.p8bin0 -> 635 bytes
93 files changed, 3372 insertions, 0 deletions
diff --git a/docs/tests/aleksey-xmldsig-01/README b/docs/tests/aleksey-xmldsig-01/README
new file mode 100644
index 00000000..7b12f7b3
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/README
@@ -0,0 +1,47 @@
+README
+http://groups.google.com/groups?hl=en&threadm=9jlbt7%243141%241%40FreeBSD.csie.NCTU.edu.tw&rnum=20&prev=/groups%3Fq%3Dopenssl%2Bx509%2Bcertificates%2Bchain%26start%3D10%26hl%3Den%26selm%3D9jlbt7%25243141%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D20
+http://www.post1.com/home/ngps/m2/howto.ca.html
+
+
+Commands:
+
+(0) create new CA and modify the openssl.cnf file
+to point to it
+
+> CA.pl -newca
+
+(1) a self-signed des3 root ca cert, using
+
+> openssl genrsa -des3 -out ca.key
+> openssl req -new -key ca.key -out ca.csr
+> openssl x509 -req -signkey ca.key -out ca.crt -in ca.csr
+
+verify ca.crt
+
+> openssl x509 -text -in ca.crt
+
+(2) a second ca cert, signed by the first ca, using
+
+> openssl genrsa -des3 -out ca2.key
+> openssl req -new -key ca2.key -out ca2.csr
+> openssl ca -cert ca.crt -keyfile ca.key -out ca2.crt -infiles ca2.csr
+
+verify ca2.crt
+
+> openssl x509 -text -in ca2.crt
+> openssl verify -CAfile ca.crt ca2.crt
+
+
+(3) a user cert using
+
+> openssl genrsa -des3 -out user.key
+> openssl req -new -key user.key -out user.csr
+> openssl ca -cert ca2.crt -keyfile ca2.key -out user.crt -infiles user.csr
+
+
+verify user.crt
+
+> openssl x509 -text -in ca3.crt
+> openssl verify -CAfile ca.crt -untrusted ca2.crt user.crt
+
+
diff --git a/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd b/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd
new file mode 100644
index 00000000..630c0aea
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd
@@ -0,0 +1 @@
+<!ATTLIST SOAP:Body id ID #IMPLIED>
diff --git a/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.xml b/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.xml
new file mode 100644
index 00000000..8293a647
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/dtd-hmac-91.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"><SOAP:Header><wsse:Security><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+<SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+ <HMACOutputLength>91</HMACOutputLength>
+ </SignatureMethod>
+ <Reference URI="#Body">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>KlK8TF9wnLYvXz008MJV4umoHhE=</DigestValue>
+ </Reference>
+</SignedInfo>
+ <SignatureValue>gmtoF50KWNUTGQCg</SignatureValue><KeyInfo><KeyName>name:KEY</KeyName></KeyInfo></Signature></wsse:Security></SOAP:Header><SOAP:Body id="Body">
+<echo xmlns="http://www.example.org">
+this
+is
+a
+test
+of
+echoing
+simple-91
+</echo>
+</SOAP:Body></SOAP:Envelope>
+
diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml b/docs/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml
new file mode 100644
index 00000000..f6d02ea5
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml
@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>Niji66p2agomSLiShIYXIekL7bdFEnxzpa2ETcad9mHXHWd218vjUg==</SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
+ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
+ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
+b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
+kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
+DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
+Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
+HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
+IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
+CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
+MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
+BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
+08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
+T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
+6A==</X509Certificate>
+<X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k
+IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh
+MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn
+ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF
+MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
+YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm
+gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR
+BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5
+IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg
+Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
+SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN
+AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO
+kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl
+lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate>
+<X509Certificate>MIIEdDCCBB6gAwIBAgIJANaOuOCRgiz5MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
+A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
+Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
+b20wHhcNMDUwNzEwMDIzMTU5WhcNMTUwNzA4MDIzMTU5WjCBxzELMAkGA1UEBhMC
+VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
+aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT
+IFRlc3QgVGhpcmQgTGV2ZWwgRFNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr
+c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wgfAw
+gagGByqGSM44BAEwgZwCQQDIMfw6P79Fcw0hrxYKq3ePh7wmevc95UjfF2JHQJBX
+Jb9XFBa5LRy71lzh/OYMH4oh4giiFVRVBCW9HpZqOTNJAhUAlEOrmqjJG3tfjU49
+XjJuM3AXNskCQAUzwzmbp53bZ+bzDcOU6UGh3Ig/TFdLGXYevs3tiZaFLa//EYF+
+l5Tdsr3NQpGRRf4arXvXPZyIJhYYHJVk7OMDQwACQDonSDDJk3VaIfdVHPnOitRq
+V5XPFfMDksNb0WelnZdl/qokl9eaU+8uiH7LtsU0QYX9lE8kTplcUdD0bxjDYJ2j
+ggFTMIIBTzAMBgNVHRMEBTADAQH/MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl
+bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUpVifKXAtGkJHRAParmenuvcp
+ZT4wgfEGA1UdIwSB6TCB5oAU/uTsUyTwlZXHELXhRLVdOWVa436hgcKkgb8wgbwx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwg
+U2VjdXJpdHkgTGlicmFyeSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMp
+MR4wHAYDVQQLExVUZXN0IFJvb3QgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtz
+ZXkgU2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJANaO
+uOCRgiz4MA0GCSqGSIb3DQEBBQUAA0EAJB9Kc4/Z0hTwiDYR5fXVPyzAjD+BeChR
+F14ztWl1Ol6REWFRbIGfEz3XDgCHCiocM8ExXi7zn26R072cdBz7+w==</X509Certificate>
+</X509Data>
+ </KeyInfo>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml b/docs/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml
new file mode 100644
index 00000000..cc4d4cca
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>SPqE1/nehy9KOKeFSODZWZyvUZ/iS4jameUSXtvmfPgez5lN5QL4ox+QDlo37IeW
+NDjt380ZiA7kx9pnlx8jfQ==</SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k
+IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh
+MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn
+ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF
+MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
+YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm
+gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR
+BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5
+IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg
+Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
+SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN
+AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO
+kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl
+lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate>
+<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
+ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
+ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
+b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
+kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
+DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
+Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
+HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
+IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
+CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
+MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
+BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
+08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
+T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
+6A==</X509Certificate>
+<X509Certificate>MIID2zCCA4WgAwIBAgIJANaOuOCRgiz7MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
+A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
+Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
+b20wHhcNMDUwNzEwMDM1MTU2WhcNMDUwNzExMDM1MTU2WjCBwzELMAkGA1UEBhMC
+VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
+aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxJTAjBgNVBAsT
+HFRlc3QgRXhwaXJlZCBSU0EgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkg
+U2FuaW4xITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbTBcMA0GCSqG
+SIb3DQEBAQUAA0sAMEgCQQDJUmVgQEBmML80PvR8zIwGkyDiE5boEWR4pGmaGUOH
+bRnFQkt2mt+4/QeYtm7GRVRUe6YJigUovU1u3DQDiOjzAgMBAAGjggFTMIIBTzAM
+BgNVHRMEBTADAQH/MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD
+ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU+fqJEjRKO1kG3y4X8sCPsiYHeMkwgfEGA1Ud
+IwSB6TCB5oAU/uTsUyTwlZXHELXhRLVdOWVa436hgcKkgb8wgbwxCzAJBgNVBAYT
+AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMT0wOwYDVQQKEzRYTUwgU2VjdXJpdHkg
+TGlicmFyeSAoaHR0cDovL3d3dy5hbGVrc2V5LmNvbS94bWxzZWMpMR4wHAYDVQQL
+ExVUZXN0IFJvb3QgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUFsZWtzZXkgU2FuaW4x
+ITAfBgkqhkiG9w0BCQEWEnhtbHNlY0BhbGVrc2V5LmNvbYIJANaOuOCRgiz4MA0G
+CSqGSIb3DQEBBQUAA0EAmLTpL4oqi+VjrLISYYxY5FfAqACYAOpIbIdWM2QtjozB
+dQxFVSK2RHn2z1W2gWy7N8VQmfrggN73LIKOXuoV5A==</X509Certificate>
+</X509Data>
+ </KeyInfo>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml b/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml
new file mode 100644
index 00000000..0df316d9
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5">
+ <HMACOutputLength>64</HMACOutputLength>
+ </SignatureMethod>
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
+ <DigestValue>/u+47lA0BK55De4qRAg16w==</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>j202k+irNYE=</SignatureValue>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml b/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml
new file mode 100644
index 00000000..d8159789
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"/>
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
+ <DigestValue>/u+47lA0BK55De4qRAg16w==</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>7uFBgN6DOM9SJj+UBkM2fQ==</SignatureValue>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml b/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml
new file mode 100644
index 00000000..582dc96d
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160">
+ <HMACOutputLength>64</HMACOutputLength>
+ </SignatureMethod>
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
+ <DigestValue>Ofs8NqfoXX+r0Cas3GRY2GbzhPo=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>+TxC/QCigpQ=</SignatureValue>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml b/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml
new file mode 100644
index 00000000..057cf471
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"/>
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
+ <DigestValue>Ofs8NqfoXX+r0Cas3GRY2GbzhPo=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>tt3/nrk/uQ79pKHEZaCxXNncAtg=</SignatureValue>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml b/docs/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml
new file mode 100644
index 00000000..0cf0f425
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>RCkGabfqV1XpXvx0rGDEIAzs4/U9TDKvZIWN9MBRi5BPAr1pXnX0iAve+2OEeBTm
+nstv7BjG6CDnb69ouJSeWg==</SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k
+IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh
+MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn
+ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF
+MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
+YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm
+gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR
+BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5
+IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg
+Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
+SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN
+AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO
+kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl
+lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate>
+<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
+ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
+ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
+b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
+kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
+DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
+Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
+HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
+IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
+CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
+MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
+BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
+08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
+T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
+6A==</X509Certificate>
+<X509Certificate>MIID3zCCA4mgAwIBAgIJANaOuOCRgiz6MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
+A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
+Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
+b20wHhcNMDUwNzEwMDIzMzAyWhcNMTUwNzA4MDIzMzAyWjCBxzELMAkGA1UEBhMC
+VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
+aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT
+IFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr
+c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wXDAN
+BgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7LjqdnsYmW0tbD
+VxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQABo4IBUzCC
+AU8wDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
+ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTMQygZMIHx
+BgNVHSMEgekwgeaAFP7k7FMk8JWVxxC14US1XTllWuN+oYHCpIG/MIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs
++DANBgkqhkiG9w0BAQUFAANBAEfjvmWwi2gBpYt7bwF6oHiFLoIh5kiLAPrlOFAb
+PZlLDqr5+eDcr1cf0pksgW7fVE9NzTSmwjDFuEcPqJV62Ek=</X509Certificate>
+</X509Data>
+ </KeyInfo>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/aleksey-xmldsig-01/x509data-test.xml b/docs/tests/aleksey-xmldsig-01/x509data-test.xml
new file mode 100644
index 00000000..287cc778
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/x509data-test.xml
@@ -0,0 +1,117 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Document>
+ <ToBeSigned>
+ Some very secret data
+ </ToBeSigned>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2">
+ <XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2" Filter="intersect"> //ToBeSigned </XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>3om1gINPzaogcdLuDdjIQlls4NE=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>W/X7k6Q6T9RFW56VkRV9HGW5wkyUxvvlUcEyUkggVE04gsOK0Rx0rqq2woUxzkk1
+jvXfCtm2xknb2/cOmqfO/g==</SignatureValue>
+ <KeyInfo>
+ <X509Data>
+
+
+
+
+
+ <X509Certificate>MIIEFTCCA36gAwIBAgIJANaOuOCRgiz4MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTU1WhcNMTUwNzA4MDIyOTU1WjCByDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKjAoBgNVBAsTIVRlc3QgU2Vjb25k
+IExldmVsIFJTQSBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEh
+MB8GCSqGSIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBALK68onYK5Q8PfeCE+3hDwyKV6wfFVtunIp+ZputhWkMZUOY4oqn
+ffuolRln3kp/CVdtHaPTPIpYma9HFTH4+xMCAwEAAaOCAVMwggFPMAwGA1UdEwQF
+MAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
+YXRlMB0GA1UdDgQWBBT+5OxTJPCVlccQteFEtV05ZVrjfjCB8QYDVR0jBIHpMIHm
+gBTaRulr5q/TParlIUtS7cpmKOD+haGBwqSBvzCBvDELMAkGA1UEBhMCVVMxEzAR
+BgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5
+IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3Qg
+Um9vdCBDZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqG
+SIb3DQEJARYSeG1sc2VjQGFsZWtzZXkuY29tggkA1o644JGCLPcwDQYJKoZIhvcN
+AQEFBQADgYEAmY0RjbSVqOU/xvyhSq8Juk6u8bDHYIUgrfhIDZUtVT1s+op4ReOO
+kC7W7ZDOl8MxhJmt4KMqc6niYoQeuXTA9QpOleBqi8R7+0cyeGebo5JOFWN7J7wl
+lupKp1iJcKtcARwA7bso/Q5OefAwDN4pucg13fOYKVktF8XLQkIUsfY=</X509Certificate>
+<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Second Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
+<X509IssuerSerial>
+<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
+<X509SerialNumber>15460497845462904056</X509SerialNumber>
+</X509IssuerSerial>
+<X509SKI>/uTsUyTwlZXHELXhRLVdOWVa434=</X509SKI>
+<X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
+ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
+ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
+b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
+kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
+DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
+Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
+HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
+IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
+CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
+MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
+BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
+08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
+T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
+6A==</X509Certificate>
+<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
+<X509IssuerSerial>
+<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Root Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
+<X509SerialNumber>15460497845462904055</X509SerialNumber>
+</X509IssuerSerial>
+<X509SKI>2kbpa+av0z2q5SFLUu3KZijg/oU=</X509SKI>
+<X509Certificate>MIID3zCCA4mgAwIBAgIJANaOuOCRgiz6MA0GCSqGSIb3DQEBBQUAMIHIMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEqMCgG
+A1UECxMhVGVzdCBTZWNvbmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQD
+Ew1BbGVrc2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5j
+b20wHhcNMDUwNzEwMDIzMzAyWhcNMTUwNzA4MDIzMzAyWjCBxzELMAkGA1UEBhMC
+VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBM
+aWJyYXJ5IChodHRwOi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxKTAnBgNVBAsT
+IFRlc3QgVGhpcmQgTGV2ZWwgUlNBIENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVr
+c2V5IFNhbmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wXDAN
+BgkqhkiG9w0BAQEFAANLADBIAkEA09BtD3aeVt6DVDkk0dI7Vh7LjqdnsYmW0tbD
+VxxK+nume+Z9Sb4znbUKkWl+vgQATdRUEyhT2P+Gqrd0UBzYfQIDAQABo4IBUzCC
+AU8wDAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
+ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNf0xkZ3zjcEI60pVPuwDqTMQygZMIHx
+BgNVHSMEgekwgeaAFP7k7FMk8JWVxxC14US1XTllWuN+oYHCpIG/MIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs
++DANBgkqhkiG9w0BAQUFAANBAEfjvmWwi2gBpYt7bwF6oHiFLoIh5kiLAPrlOFAb
+PZlLDqr5+eDcr1cf0pksgW7fVE9NzTSmwjDFuEcPqJV62Ek=</X509Certificate>
+<X509SubjectName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Third Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509SubjectName>
+<X509IssuerSerial>
+<X509IssuerName>emailAddress=xmlsec@aleksey.com,CN=Aleksey Sanin,OU=Test Second Level RSA Certificate,O=XML Security Library (http://www.aleksey.com/xmlsec),ST=California,C=US</X509IssuerName>
+<X509SerialNumber>15460497845462904058</X509SerialNumber>
+</X509IssuerSerial>
+<X509SKI>1/TGRnfONwQjrSlU+7AOpMxDKBk=</X509SKI>
+</X509Data>
+ </KeyInfo>
+ </Signature>
+</Document>
diff --git a/docs/tests/aleksey-xmldsig-01/xpointer-hmac.xml b/docs/tests/aleksey-xmldsig-01/xpointer-hmac.xml
new file mode 100644
index 00000000..2a255f8a
--- /dev/null
+++ b/docs/tests/aleksey-xmldsig-01/xpointer-hmac.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0"?>
+<!DOCTYPE test [
+<!ATTLIST ToBeSigned Id ID #IMPLIED>
+]>
+<Document xmlns:xenc="http://www.example.org/xenc" xmlns:dsig="http://www.example.org/dsig">
+ <ToBeSigned Id="foo">
+ <Secrets>Test</Secrets>
+ </ToBeSigned>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2001/04/xmldsig-more/xptr">
+ <XPointer xmlns="http://www.w3.org/2001/04/xmldsig-more/xptr">
+ xpointer(id(&quot;foo&quot;))
+ </XPointer>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>faszbFrqwUNeZH5QrXPPobn+zso=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>BTB6iZWZjOIG0JjGjpYbihO3Igg=</SignatureValue>
+ <Object Id="object">some text</Object>
+ </Signature>
+</Document>
diff --git a/docs/tests/keys-certs/cacert.pem b/docs/tests/keys-certs/cacert.pem
new file mode 100644
index 00000000..a86c2e77
--- /dev/null
+++ b/docs/tests/keys-certs/cacert.pem
@@ -0,0 +1,72 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ d6:8e:b8:e0:91:82:2c:f7
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Test Root Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Validity
+ Not Before: Jul 10 02:29:01 2005 GMT
+ Not After : Jul 8 02:29:01 2015 GMT
+ Subject: C=US, ST=California, O=XML Security Library (http://www.aleksey.com/xmlsec), OU=Test Root Certificate, CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:da:c9:a1:5a:8c:9c:4e:75:55:3e:f0:48:f0:3b:
+ 7d:52:d9:7a:8d:99:8c:71:6c:77:e2:50:93:b7:c3:
+ 68:79:ec:e3:d4:90:a0:1c:29:ee:46:be:df:61:25:
+ b3:d3:6f:70:b8:6e:53:d2:70:e9:1e:d9:17:b1:2a:
+ 75:d2:ee:90:17:5d:bc:45:96:05:25:67:44:0a:d0:
+ ad:a9:76:5e:79:f4:e4:a6:ae:d1:f7:98:f3:fd:04:
+ 9b:ef:0c:c9:71:91:c3:63:f7:f1:1e:0f:ec:86:77:
+ c1:8d:ff:24:fa:3d:30:e1:f0:6f:f8:96:cc:ce:5c:
+ bf:ad:c8:a2:24:0b:86:2c:ff
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ DA:46:E9:6B:E6:AF:D3:3D:AA:E5:21:4B:52:ED:CA:66:28:E0:FE:85
+ X509v3 Authority Key Identifier:
+ keyid:DA:46:E9:6B:E6:AF:D3:3D:AA:E5:21:4B:52:ED:CA:66:28:E0:FE:85
+ DirName:/C=US/ST=California/O=XML Security Library (http://www.aleksey.com/xmlsec)/OU=Test Root Certificate/CN=Aleksey Sanin/emailAddress=xmlsec@aleksey.com
+ serial:D6:8E:B8:E0:91:82:2C:F7
+
+ Signature Algorithm: sha1WithRSAEncryption
+ 54:5d:b7:4e:4d:0c:00:ad:c3:6b:6f:16:af:cc:04:69:d8:91:
+ 8e:9f:3a:3a:5b:34:e6:f8:e1:52:5c:2d:05:d3:c6:30:4f:c8:
+ d6:6e:1b:7d:ed:ef:25:34:d5:4e:05:4e:18:ff:7f:11:79:9a:
+ 98:0b:d3:aa:16:87:c6:d7:f3:bd:01:d4:39:f1:62:ff:15:68:
+ 3c:0e:03:f9:30:93:d3:4f:d9:11:53:71:54:d3:58:d4:89:7d:
+ be:91:b7:67:82:16:40:38:99:b4:ce:24:4d:c5:f3:4f:c0:82:
+ 16:3c:a6:17:c9:71:0a:41:0c:eb:9f:1c:85:7b:2d:61:3f:b7:
+ 20:e8
+-----BEGIN CERTIFICATE-----
+MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
+aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
+A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
+bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
+MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
+Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
+ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
+ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
+b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
+kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
+DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
+Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
+HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
+IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
+CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
+MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
+BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
+08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
+T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
+6A==
+-----END CERTIFICATE-----
diff --git a/docs/tests/keys-certs/cakey.pem b/docs/tests/keys-certs/cakey.pem
new file mode 100644
index 00000000..0270e59c
--- /dev/null
+++ b/docs/tests/keys-certs/cakey.pem
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,77F426A47A174623
+
+FH1NdgJgrX1OGKM0WfzwRUWmLTmfawdaUPeFNJbz1+40J5DEt1DmC6o0QkXoxIPC
+Te/+FS80gNruYgYIWu4WXftCSdvSfGI8LP1JZ7hmMCl055J2mLVKT4o6HqAQnHrb
+hTATVG6CB/GdHTFPG3J65qIyTlG50jyzfwZtliMCCAwi+AaAlo5xzUe0DgedytB2
+sFkLq5EiD6066P/LXPH/Z5SJKiMCFOl0Gjwd3M9ohZufnEJPJT5ap2fm7OSJSfa6
+jPREY+UwhPyKkYOc2c8gojj6HrsSQlXPl176b1+31c19hhhRAtDfJBIU2OrOFVk/
+V88/Dm0I+ROyLme0rYfFg8uHz2aIymzEMds5ZKEFTFbBhaWbVYKIX7+82tftnd+P
+2kT15JAK9V27F0p4SRiQ5RsDkT3rBWsZjtk9Rptkrgec9aKoTaO2fT8bPaWFR/M1
+6X7kjMqhLw1sHmsSeDKx0YCWfS+gWh7RPjGQ2EfH2pxoZkUAR5R3cZCEn3Ia1BeV
+UTFWy+DwjEeSrNkO96E0pH1r8204cJAKK8cWS4HSAPMsQPf5cZjIrrAak/9Wupkq
+fnrB0Ae6GFO2gHYQfbSL+KdEq6w5+S6XZyTauVyaJAjjIFDmegfaKWHzNvqCWJ4T
+YPsiptUrKz6DYyhiUrNJQKcyGWHWrwMNIbldqSBNCa8OIVoaZiRibgO1SIafAGAS
+9MDXXVaY6rqx1yfZYDc9VgKGXTJhBXALCeGMYF43bvAmPq3M13QJA0rlO7lAUUF2
+5INqBUeJxZrYxn6tRr9EMty/UcYnPR3YHgt0RDZycvbcqPsU5tHk9Q==
+-----END RSA PRIVATE KEY-----
diff --git a/docs/tests/keys-certs/keys.xml b/docs/tests/keys-certs/keys.xml
new file mode 100644
index 00000000..cead991a
--- /dev/null
+++ b/docs/tests/keys-certs/keys.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0"?>
+<Keys xmlns="http://www.aleksey.com/xmlsec/2002">
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>test-hmac-sha1</KeyName>
+<KeyValue>
+<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">c2VjcmV0</HMACKeyValue>
+</KeyValue>
+</KeyInfo>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>test-dsa</KeyName>
+<KeyValue>
+<DSAKeyValue>
+<P>
+4jl6DkcmDDBt815kg/WbxW1gnLtqH+kdjqEeFDD9m6EqGqvVhFbbvNNQqAwuaiJU
+nWlR8gG47GtHKFN6w8CM1qteIo3foK504otZFNsl1p3cInQpdRCp2e/lQ+E24J/H
+/n4Ix9pBNV63JIiSIqa+GpDuBpW4o3rrBRxTjOwYpWk=
+</P>
+<Q>
+9WQwByMPy0u1C8e2SeNQTvkG6tM=
+</Q>
+<G>
+Rrg7e8pNLHMFK0pGW7xvzb7Kh6icJSsiBaX6aHqaQc9rSzzMJG3snBuQricNaUH5
+8ipucT+hdPRTo6g0ty5noyyBmqUvYHf9NuskQhPDmC3uTtqQTHeCEuX8XoH3YYlB
+uE4nXvQRGZoyy+43ISe9aDnEAgIUVQXEayTVppRF24I=
+</G>
+<X xmlns="http://www.aleksey.com/xmlsec/2002">
+S3Gt9BE+wZb996U6h4nSNtYxEmE=
+</X>
+<Y>
+WT0+1bR+bj65u5iDJ0MRc6/8iEAbvj7l5sAVn/H+SdZy94wW5mnSLCC5ufN33QPp
+WNvgVk2igM+W51WlhFDgA8Xz9lRPk19jW8BXQpqv11MKoIBpaSAWvnhs/0AKubiT
+XxJz7i78ZJy4hVTn99Rvt6Tc16/LICZfsqIJr+VK4Sg=
+</Y>
+</DSAKeyValue>
+</KeyValue>
+</KeyInfo>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>test-rsa</KeyName>
+<KeyValue>
+<RSAKeyValue>
+<Modulus>
+0rGgazIyv0XjPXGGBwt1wvfCPO++VAlxW15LFinbxCeBkq/5jb/71gC7R2CJtUK4
+y/tIi7g89YBwQosJpgMMZt69fz51omEv/WobD0vUFcbRxek+Yi23ZHxhZMtO42Re
+zfpwgC4ep0fXL+V105BUmjGFYACnUJdtMkG8ahH8/Zs=
+</Modulus>
+<Exponent>
+Aw==
+</Exponent>
+<PrivateExponent xmlns="http://www.aleksey.com/xmlsec/2002">
+jHZq8iF3Ki6Xfkuur1z5LKUsKJ/UOAZLkj7cuXE9LW+rtx/7s9VSjqsnhOsGeNcl
+3VIwXSV9+QBK1wdbxAIIQ16+yWXNY+21K94h4C6ssx44lqgODL25OXDsE92EZFu0
+1gApBhqOUxV1gUXDqMnHqSWbk7/1kwX6RzsioRu0UKs=
+</PrivateExponent>
+</RSAKeyValue>
+</KeyValue>
+</KeyInfo>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>test-des</KeyName>
+<KeyValue>
+<DESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">
+zBFljViy/Qhd8AG0vGxf+SekrJ1ttpIz
+</DESKeyValue>
+</KeyValue>
+</KeyInfo>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>test-aes128</KeyName>
+<KeyValue>
+<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">0Xfy3ES+Fbv/OfWuQHKvPA==</AESKeyValue>
+</KeyValue>
+</KeyInfo>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>test-aes192</KeyName>
+<KeyValue>
+<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">lk9DyA07xL/m45fUb7zbLoy3c0hLhw80</AESKeyValue>
+</KeyValue>
+</KeyInfo>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+<KeyName>test-aes256</KeyName>
+<KeyValue>
+<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">fpCPQLCMZCw9WipH8kk1J75CqYgWBhbJDMFPiUS0hzE=</AESKeyValue>
+</KeyValue>
+</KeyInfo>
+</Keys>
diff --git a/docs/tests/keys-certs/merlin.pem b/docs/tests/keys-certs/merlin.pem
new file mode 100644
index 00000000..7efe8e08
--- /dev/null
+++ b/docs/tests/keys-certs/merlin.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDSzCCAwugAwIBAgIGAOz46fwJMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+MB4XDTAyMDQwMjIyNTkyNVoXDTEyMDQwMjIxNTkyNVowbjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+MIIBtzCCASwGByqGSM44BAEwggEfAoGBAN3jngL6pxMhaVvrk0oK3Y+2C42k5Kch
+3nChSKC7vEGTZBk0CNXIiEwR9JanyJHQh0ovH4lAtw06tyfRbCXn+GFbQxeyaVLx
+0zkKrau2YMeigvFsZM+q0AsTq+xdAKTmIvPcy0aHuDJAxnursdPlrcjk0KFSBjUw
+w1BV61EDWy6xAhUAhDLcFK0GO/Hz1arxOOvsgM/VLyUCgYEAnnx7hbdWozGbtnFg
+nbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43zKt7dlEaQL7b5+JTZ
+t3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM8d2rhd2Ui0xHbk0D
+451nhLxVWulviOSPhzKKvXrbySADgYQAAoGAfag+HCABIJadDD9Aarhgc2QR3Lp7
+PpMOh0lAwLiIsvkO4UlbeOS0IJC8bcqLjM1fVw6FGSaxmq+4y1ag2m9k6IdE0Qh5
+NxB/xFkmdwqXFRIJVp44OeUygB47YK76NmUIYG3DdfiPPU3bqzjvtOtETiCHvo25
+4D6UjwPpYErXRUajNjA0MA4GA1UdDwEB/wQEAwICBDAPBgNVHRMECDAGAQH/AgEA
+MBEGA1UdDgQKBAiDhj5AdjLikzAJBgcqhkjOOAQDAy8AMCwCFELu0nuweqW7Wf0s
+gk/CAGGL0BGKAhRNdgQGr5iyZKoH4oqPm0VJ9TjXLg==
+-----END CERTIFICATE-----
+
diff --git a/docs/tests/merlin-exc-c14n-one/Readme.txt b/docs/tests/merlin-exc-c14n-one/Readme.txt
new file mode 100644
index 00000000..1ba1cd92
--- /dev/null
+++ b/docs/tests/merlin-exc-c14n-one/Readme.txt
@@ -0,0 +1,3 @@
+untested exclusive c14n example signature + c14n output
+merlin@baltimore.ie
+mon jan 14 2002
diff --git a/docs/tests/merlin-exc-c14n-one/c14n-0.txt b/docs/tests/merlin-exc-c14n-one/c14n-0.txt
new file mode 100644
index 00000000..f88f1abe
--- /dev/null
+++ b/docs/tests/merlin-exc-c14n-one/c14n-0.txt
@@ -0,0 +1,5 @@
+<dsig:Object xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="to-be-signed">
+ <bar:Baz xmlns:bar="urn:bar">
+
+ </bar:Baz>
+ </dsig:Object> \ No newline at end of file
diff --git a/docs/tests/merlin-exc-c14n-one/c14n-1.txt b/docs/tests/merlin-exc-c14n-one/c14n-1.txt
new file mode 100644
index 00000000..16815e3c
--- /dev/null
+++ b/docs/tests/merlin-exc-c14n-one/c14n-1.txt
@@ -0,0 +1,5 @@
+<dsig:Object xmlns="urn:foo" xmlns:bar="urn:bar" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="to-be-signed">
+ <bar:Baz>
+
+ </bar:Baz>
+ </dsig:Object> \ No newline at end of file
diff --git a/docs/tests/merlin-exc-c14n-one/c14n-2.txt b/docs/tests/merlin-exc-c14n-one/c14n-2.txt
new file mode 100644
index 00000000..ccd95347
--- /dev/null
+++ b/docs/tests/merlin-exc-c14n-one/c14n-2.txt
@@ -0,0 +1,5 @@
+<dsig:Object xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="to-be-signed">
+ <bar:Baz xmlns:bar="urn:bar">
+ <!-- comment -->
+ </bar:Baz>
+ </dsig:Object> \ No newline at end of file
diff --git a/docs/tests/merlin-exc-c14n-one/c14n-3.txt b/docs/tests/merlin-exc-c14n-one/c14n-3.txt
new file mode 100644
index 00000000..0adfc736
--- /dev/null
+++ b/docs/tests/merlin-exc-c14n-one/c14n-3.txt
@@ -0,0 +1,5 @@
+<dsig:Object xmlns="urn:foo" xmlns:bar="urn:bar" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="to-be-signed">
+ <bar:Baz>
+ <!-- comment -->
+ </bar:Baz>
+ </dsig:Object> \ No newline at end of file
diff --git a/docs/tests/merlin-exc-c14n-one/c14n-4.txt b/docs/tests/merlin-exc-c14n-one/c14n-4.txt
new file mode 100644
index 00000000..37f33034
--- /dev/null
+++ b/docs/tests/merlin-exc-c14n-one/c14n-4.txt
@@ -0,0 +1,36 @@
+<dsig:SignedInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></dsig:CanonicalizationMethod>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"></dsig:SignatureMethod>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod>
+ <dsig:DigestValue>7yOTjUu+9oEhShgyIIXDLjQ08aY=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default"></InclusiveNamespaces>
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod>
+ <dsig:DigestValue>09xMy0RTQM1Q91demYe/0F6AGXo=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod>
+ <dsig:DigestValue>ZQH+SkCN8c5y0feAr+aRTZDwyvY=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments">
+ <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default"></InclusiveNamespaces>
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod>
+ <dsig:DigestValue>a1cTqBgbqpUt6bMJN4C6zFtnoyo=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo> \ No newline at end of file
diff --git a/docs/tests/merlin-exc-c14n-one/exc-signature.tmpl b/docs/tests/merlin-exc-c14n-one/exc-signature.tmpl
new file mode 100644
index 00000000..7b635ae0
--- /dev/null
+++ b/docs/tests/merlin-exc-c14n-one/exc-signature.tmpl
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Foo xmlns:bar="urn:bar" xmlns="urn:foo" xml:space="preserve">
+ <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue></dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default" />
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue></dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue></dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments">
+ <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default" />
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue></dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:KeyValue>
+ </dsig:KeyValue>
+ </dsig:KeyInfo>
+ <dsig:Object Id="to-be-signed">
+ <bar:Baz>
+ <!-- comment -->
+ </bar:Baz>
+ </dsig:Object>
+ </dsig:Signature>
+</Foo>
diff --git a/docs/tests/merlin-exc-c14n-one/exc-signature.xml b/docs/tests/merlin-exc-c14n-one/exc-signature.xml
new file mode 100644
index 00000000..e805940b
--- /dev/null
+++ b/docs/tests/merlin-exc-c14n-one/exc-signature.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Foo xmlns:bar="urn:bar" xmlns="urn:foo" xml:space="preserve">
+ <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>7yOTjUu+9oEhShgyIIXDLjQ08aY=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default" />
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>09xMy0RTQM1Q91demYe/0F6AGXo=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>ZQH+SkCN8c5y0feAr+aRTZDwyvY=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference URI="#xpointer(id('to-be-signed'))">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments">
+ <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="bar #default" />
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <dsig:DigestValue>a1cTqBgbqpUt6bMJN4C6zFtnoyo=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+ Kv1e7Kjhz4gFtOZKgvC5cLYtMQNIn99fyLBa6D//bBokTxTUEkMwaA==
+ </dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:KeyValue>
+ <dsig:DSAKeyValue>
+ <dsig:P>
+ 8FkJgwdyizV5Vd0m6DA/DZsdweJdnkueYVUd7L8aA4JpZxrlCI/M7mDE/OGhEhgB
+ nFzSTrBjSFpT7DG66uy7oJeE+RgkXO7EWWOEglMPwaZgGgi1oZarv95VOx3uO8W8
+ L7+S/3AuHNUZQD4b5bpdYAmjXFwz6dl0mKiXAvVuP9E=
+ </dsig:P>
+ <dsig:Q>
+ mFf8DiMVNFXy0vag9oNGNW/g4u0=
+ </dsig:Q>
+ <dsig:G>
+ g8gRdNlq9EOTR2TjmVApqCAZAq3jEjOIxXbs8JBiZ+U7dV9geeXEy13GbYoP23Qr
+ apZQo+35diw+cMYPHjN+iUCwUkiGWv7/piAK+Ootfw03etL8XiVWjtL5NBof2CNp
+ wmAw7mrwmNG092y1e6HXSGMMZpaoth/P8xhsxCQsqI8=
+ </dsig:G>
+ <dsig:Y>
+ j0V14dc/I+okDAeG4ZbWUzb3HTFkEOC6feOMo5Dk218GcPqEKroVHaDBF9CmRV1v
+ B8MUOExB+6ZNHfcs5Vaw0HVn62YiEBzrmKikx6SxO4Dg9L8I5WbHn37vxUKvHs8r
+ 7+rma3kpZQftTMiBpJ8XK8Z6jg8VhuJqo9yZZO+p3I0=
+ </dsig:Y>
+ </dsig:DSAKeyValue>
+ </dsig:KeyValue>
+ </dsig:KeyInfo>
+ <dsig:Object Id="to-be-signed">
+ <bar:Baz>
+ <!-- comment -->
+ </bar:Baz>
+ </dsig:Object>
+ </dsig:Signature>
+</Foo>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/Readme.txt b/docs/tests/merlin-xmldsig-twenty-three/Readme.txt
new file mode 100644
index 00000000..37e9d88f
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/Readme.txt
@@ -0,0 +1,63 @@
+Sample XML Signatures[1][2]
+
+[1] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
+[2] http://www.w3.org/TR/2001/REC-xml-c14n-20010315
+
+1. A large and complex signature:
+
+This includes internal and external base 64, references of the forms
+"", "#xpointer(/)", "#foo" and "#xpointer(id('foo'))" (with and
+without comments), manifests, signature properties, simple xpath
+with here(), xslt, retrieval method and odd interreferential
+dependencies.
+
+ signature.xml - A signature
+ signature.tmpl - The template from which the signature was created
+ signature-c14n-*.txt - All intermediate c14n output
+
+2. Some basic signatures:
+
+The key for the HMAC-SHA1 signatures is "secret".getBytes("ASCII")
+which is, in hex, (73 65 63 72 65 74). No key info is provided for
+these signatures.
+
+ signature-enveloped-dsa.xml
+ signature-enveloping-b64-dsa.xml
+ signature-enveloping-dsa.xml
+ signature-enveloping-hmac-sha1-40.xml
+ signature-enveloping-hmac-sha1.xml
+ signature-enveloping-rsa.xml
+ signature-external-b64-dsa.xml
+ signature-external-dsa.xml - The signatures
+ signature-*-c14n-*.txt - The intermediate c14n output
+
+3. Varying key information:
+
+To resolve the key associated with the KeyName in `signature-keyname.xml'
+you must perform a cunning transformation from the name `Xxx' to the
+certificate that resides in the directory `certs/' that has a subject name
+containing the common name `Xxx', which happens to be in the file
+`certs/xxx.crt'.
+
+To resolve the key associated with the X509Data in `signature-x509-is.xml',
+`signature-x509-ski.xml' and `signature-x509-sn.xml' you need to resolve
+the identified certificate from those in the `certs' directory.
+
+In `signature-x509-crt-crl.xml' an X.509 CRL is present which has revoked
+the X.509 certificate used for signing. So verification should be
+qualified.
+
+ signature-keyname.xml
+ signature-retrievalmethod-rawx509crt.xml
+ signature-x509-crt-crl.xml
+ signature-x509-crt.xml
+ signature-x509-is.xml
+ signature-x509-ski.xml
+ signature-x509-sn.xml - The signatures
+ certs/*.crt - The certificates
+
+Merlin Hughes <merlin@baltimore.ie>
+Baltimore Technologies, Ltd.
+http://www.baltimore.com/
+
+Thursday, April 4, 2002
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/badb.der b/docs/tests/merlin-xmldsig-twenty-three/certs/badb.der
new file mode 100644
index 00000000..2d0dec68
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/badb.der
Binary files differ
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/badb.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/badb.pem
new file mode 100644
index 00000000..0221d206
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/badb.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDTjCCAw6gAwIBAgIGAOz5IWdKMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+c2llbnQgQ0EwHhcNMDIwNDAyMjM1OTU3WhcNMTIwNDAyMjI1OTQ2WjBmMQswCQYD
+VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ0wCwYDVQQDEwRCYWRi
+MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
+yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
+JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
+oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
+QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
+ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
+tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYATQutuLkVzLAWmxY7yUNr12h3oXy54
+Bq1CfurLlhfiraKcFqe6QB6DvfEbh+4e/GeQIPI3y+dP/zkvrbdjN6l74mCueWTI
+dyn+wrhsvHbx6sb8YiElOKE7xnM1Nv8jOgcOR1NwJinjKqPv+stIdDENExfx6Ubz
+8hrtRueuFP3b36M6MDgwDgYDVR0PAQH/BAQDAgeAMBEGA1UdDgQKBAiAtARqytE1
+qDATBgNVHSMEDDAKgAiKHFYwWjISfTAJBgcqhkjOOAQDAy8AMCwCFFKTrj8PpVIm
+Yzp9a4bruXQS6ZvQAhQ1kT4Tac5xe7Gu8fu4RlzNTm911A==
+-----END CERTIFICATE-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/balor.der b/docs/tests/merlin-xmldsig-twenty-three/certs/balor.der
new file mode 100644
index 00000000..806d59d7
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/balor.der
Binary files differ
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/balor.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/balor.pem
new file mode 100644
index 00000000..edc1748a
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/balor.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAw+gAwIBAgIGAOz5IaxHMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDE1WhcNMTIwNDAyMjI1OTQ2WjBnMQswCQYD
+VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ4wDAYDVQQDEwVCYWxv
+cjCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCEirBKJ4zRoB7P7ofvWCoJ8GfAbd0+
+7skASVvXcaTBdHD1F8+HRW0hWOEMlvIoAi7MKTmvnhxxGLFrxNDa9ZXCh1D16u7u
+NSScBzatUQBXmYlOsGvtRS979f09awIM3qVe8UuImn8+L8XRzJX8ICn6Min6uiVN
+c6FTP2oSOcVgwwIVAJhL+niCaweCjdHz0QAT8dzR2HJZAoGAJYbmGfwMz7Wu/mxO
+QkGrJklc3PLjP3vizewAZRF8EEZOkH2QXF/E23jzRPGRZ4OFH7f0MwDlMQCxE+5C
+gHpOCXsrac3NF2AmMrhiQE5uBfWWNaQCeckJlJsLw2HZWmSeJXRszv0eexL54J/x
+uLao46ItLMd46u3M7w8HRh55MtADgYQAAoGAbueMW9xlSwsHNyM3j1KFYeM2yUon
+KtIVOMFc4VmNFE14ldDEldIK/8072nA2fCJvWfhTTC5DOAjzvSmH8sw2cgCLuo72
+K39mC5aDx3/US5x+WwiDqYiVQbrir09mHdnjGnRRPWTjmA4AM3PBOCNi8VykODIB
+r9sgc3UAV+b8jl+jOjA4MA4GA1UdDwEB/wQEAwIHgDARBgNVHQ4ECgQIg+4EbbfC
+EBMwEwYDVR0jBAwwCoAIihxWMFoyEn0wCQYHKoZIzjgEAwMvADAsAhRDxoNOoKQC
+6qpfb4Eh4YrYxHnwnwIUZKOfYeB62qVk0Mpd4V/zHNWC360=
+-----END CERTIFICATE-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/bres.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/bres.pem
new file mode 100644
index 00000000..18a0966c
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/bres.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDTjCCAw6gAwIBAgIGAOz5Id5/MAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDI4WhcNMTIwNDAyMjI1OTQ2WjBmMQswCQYD
+VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ0wCwYDVQQDEwRCcmVz
+MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
+yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
+JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
+oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
+QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
+ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
+tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYBgvDFxw1U6Ou2G6P/+347Jfk2wPB1/
+atr4p3JUVLuT0ExZG6np+rKiXmcBbYKbAhMY37zVkroR9bwo+NgaJGubQ4ex5Y1X
+N2Q5gIHNhNfKr8G4LPVqWGxf/lFPDYxX3ezqBJPpJCJTREX7s6Hp/VTV2SpQlySv
++GRcFKJFPlhD9aM6MDgwDgYDVR0PAQH/BAQDAgeAMBEGA1UdDgQKBAiC+5gx0MHL
+hTATBgNVHSMEDDAKgAiKHFYwWjISfTAJBgcqhkjOOAQDAy8AMCwCFDTcM5i61uqq
+/aveERhOJ6NG/LubAhREVDtAeNbTEywXr4O7KvEEvFLUjg==
+-----END CERTIFICATE-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/ca.der b/docs/tests/merlin-xmldsig-twenty-three/certs/ca.der
new file mode 100644
index 00000000..00861d03
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/ca.der
Binary files differ
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/ca.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/ca.pem
new file mode 100644
index 00000000..4e6d5766
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/ca.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDWjCCAxqgAwIBAgIGAOz5ITo8MAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+c2llbnQgQ0EwHhcNMDIwNDAyMjM1OTQ2WhcNMTIwNDAyMjI1OTQ2WjB2MQswCQYD
+VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMR0wGwYDVQQDExRBbm90
+aGVyIFRyYW5zaWVudCBDQTCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCEirBKJ4zR
+oB7P7ofvWCoJ8GfAbd0+7skASVvXcaTBdHD1F8+HRW0hWOEMlvIoAi7MKTmvnhxx
+GLFrxNDa9ZXCh1D16u7uNSScBzatUQBXmYlOsGvtRS979f09awIM3qVe8UuImn8+
+L8XRzJX8ICn6Min6uiVNc6FTP2oSOcVgwwIVAJhL+niCaweCjdHz0QAT8dzR2HJZ
+AoGAJYbmGfwMz7Wu/mxOQkGrJklc3PLjP3vizewAZRF8EEZOkH2QXF/E23jzRPGR
+Z4OFH7f0MwDlMQCxE+5CgHpOCXsrac3NF2AmMrhiQE5uBfWWNaQCeckJlJsLw2HZ
+WmSeJXRszv0eexL54J/xuLao46ItLMd46u3M7w8HRh55MtADgYQAAoGADpGA7hzl
+zqaxtr6U+w86qQmoDJhIPMGAUG65aFhGDLm410IzA30J4DYEd9gpnG7lNF+AeHQq
+rpvUN+H0CB0eSxiElFRiV+x+oYUN/p1v/mbKXb4H1+mT7XTi5G/k9Kw5e8UbNgDC
+Ij/2uewSMd5y+jkWUUUXlwYbqt5pOZZhmtejNjA0MA4GA1UdDwEB/wQEAwICBDAP
+BgNVHRMECDAGAQH/AgEAMBEGA1UdDgQKBAiKHFYwWjISfTAJBgcqhkjOOAQDAy8A
+MCwCFDI9WLFVplIMf5ta+kB2s/BHBzm9AhQTczFDTX/7sawplNpLfzu5i/g+qA==
+-----END CERTIFICATE-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der b/docs/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der
new file mode 100644
index 00000000..2109edfa
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der
Binary files differ
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem
new file mode 100644
index 00000000..049721f1
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAw6gAwIBAgIGAOz5IcSmMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDIxWhcNMTIwNDAyMjI1OTQ2WjBmMQswCQYD
+VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ0wCwYDVQQDEwRMdWdo
+MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
+yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
+JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
+oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
+QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
+ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
+tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYBIdlgw5JS5w1C4a5zQVul03YLFTkaX
+6RxbTYsDcnb0SyegrcKQ5y7MgaeDTUVIzCe6Q1WNjvT1fLwWmygpNVUUOZKEJT3p
+kSB+8/7IrGM+IWUTxkyIwasgsmrQnV/a+CSRFVDzZQKJFzcdCfZmK0yxh2NrPMiQ
+ogOgroVjgLrlE6M6MDgwDgYDVR0PAQH/BAQDAgeAMBEGA1UdDgQKBAiMWQ6+Iv7t
+UDATBgNVHSMEDDAKgAiKHFYwWjISfTAJBgcqhkjOOAQDAzAAMC0CFQCE72yE3Jte
+0ltPp3yWpePyMp0RJgIUdB+bQ5BzY7G332mPCCH7dNa1Y0Q=
+-----END CERTIFICATE-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/lugh.der b/docs/tests/merlin-xmldsig-twenty-three/certs/lugh.der
new file mode 100644
index 00000000..3b1193ab
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/lugh.der
Binary files differ
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/lugh.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/lugh.pem
new file mode 100644
index 00000000..e0d1e959
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/lugh.pem
@@ -0,0 +1,12 @@
+-----BEGIN PUBLIC KEY-----
+MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
+yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
+JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
+oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
+QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
+ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
+tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYBIdlgw5JS5w1C4a5zQVul03YLFTkaX
+6RxbTYsDcnb0SyegrcKQ5y7MgaeDTUVIzCe6Q1WNjvT1fLwWmygpNVUUOZKEJT3p
+kSB+8/7IrGM+IWUTxkyIwasgsmrQnV/a+CSRFVDzZQKJFzcdCfZmK0yxh2NrPMiQ
+ogOgroVjgLrlEw==
+-----END PUBLIC KEY-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/macha.der b/docs/tests/merlin-xmldsig-twenty-three/certs/macha.der
new file mode 100644
index 00000000..484ddc26
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/macha.der
Binary files differ
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/macha.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/macha.pem
new file mode 100644
index 00000000..2402a12f
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/macha.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDUDCCAw+gAwIBAgIGAOz5IXv6MAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDAzWhcNMTIwNDAyMjI1OTQ2WjBnMQswCQYD
+VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ4wDAYDVQQDEwVNYWNo
+YTCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCEirBKJ4zRoB7P7ofvWCoJ8GfAbd0+
+7skASVvXcaTBdHD1F8+HRW0hWOEMlvIoAi7MKTmvnhxxGLFrxNDa9ZXCh1D16u7u
+NSScBzatUQBXmYlOsGvtRS979f09awIM3qVe8UuImn8+L8XRzJX8ICn6Min6uiVN
+c6FTP2oSOcVgwwIVAJhL+niCaweCjdHz0QAT8dzR2HJZAoGAJYbmGfwMz7Wu/mxO
+QkGrJklc3PLjP3vizewAZRF8EEZOkH2QXF/E23jzRPGRZ4OFH7f0MwDlMQCxE+5C
+gHpOCXsrac3NF2AmMrhiQE5uBfWWNaQCeckJlJsLw2HZWmSeJXRszv0eexL54J/x
+uLao46ItLMd46u3M7w8HRh55MtADgYQAAoGAXenEaP4SIoG3ukTjtqT8TOKddzyb
+dd8epOpGDnPemC6hmsjkbfNDrKEdbsb9AKhb0pp2HKWxNPzPACJ65LMgrtTPY/6f
+NLxB1/o+J1dJR7nehKF9WjwDjAJJ6f9Wc4OwJP7B7DlwWzhaMMNOzmASAUU/AoeL
+WTuMfjA3O+6hm6ijOjA4MA4GA1UdDwEB/wQEAwIHgDARBgNVHQ4ECgQIizPsQXmT
+yPowEwYDVR0jBAwwCoAIihxWMFoyEn0wCQYHKoZIzjgEAwMwADAtAhUAiT4zE8AB
+6veOzVcWxkyYFwHcnFsCFDorkHKzPCnWkmpuDY39GvfKEYBA
+-----END CERTIFICATE-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/merlin.der b/docs/tests/merlin-xmldsig-twenty-three/certs/merlin.der
new file mode 100644
index 00000000..a72fc7f0
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/merlin.der
Binary files differ
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/merlin.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/merlin.pem
new file mode 100644
index 00000000..7efe8e08
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/merlin.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDSzCCAwugAwIBAgIGAOz46fwJMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+MB4XDTAyMDQwMjIyNTkyNVoXDTEyMDQwMjIxNTkyNVowbjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+MIIBtzCCASwGByqGSM44BAEwggEfAoGBAN3jngL6pxMhaVvrk0oK3Y+2C42k5Kch
+3nChSKC7vEGTZBk0CNXIiEwR9JanyJHQh0ovH4lAtw06tyfRbCXn+GFbQxeyaVLx
+0zkKrau2YMeigvFsZM+q0AsTq+xdAKTmIvPcy0aHuDJAxnursdPlrcjk0KFSBjUw
+w1BV61EDWy6xAhUAhDLcFK0GO/Hz1arxOOvsgM/VLyUCgYEAnnx7hbdWozGbtnFg
+nbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43zKt7dlEaQL7b5+JTZ
+t3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM8d2rhd2Ui0xHbk0D
+451nhLxVWulviOSPhzKKvXrbySADgYQAAoGAfag+HCABIJadDD9Aarhgc2QR3Lp7
+PpMOh0lAwLiIsvkO4UlbeOS0IJC8bcqLjM1fVw6FGSaxmq+4y1ag2m9k6IdE0Qh5
+NxB/xFkmdwqXFRIJVp44OeUygB47YK76NmUIYG3DdfiPPU3bqzjvtOtETiCHvo25
+4D6UjwPpYErXRUajNjA0MA4GA1UdDwEB/wQEAwICBDAPBgNVHRMECDAGAQH/AgEA
+MBEGA1UdDgQKBAiDhj5AdjLikzAJBgcqhkjOOAQDAy8AMCwCFELu0nuweqW7Wf0s
+gk/CAGGL0BGKAhRNdgQGr5iyZKoH4oqPm0VJ9TjXLg==
+-----END CERTIFICATE-----
+
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/morigu.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/morigu.pem
new file mode 100644
index 00000000..c1fd6eb5
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/morigu.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDUDCCAxCgAwIBAgIGAOz5IVHTMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+c2llbnQgQ0EwHhcNMDIwNDAyMjM1OTUyWhcNMTIwNDAyMjI1OTQ2WjBoMQswCQYD
+VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ8wDQYDVQQDEwZNb3Jp
+Z3UwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAhIqwSieM0aAez+6H71gqCfBnwG3d
+Pu7JAElb13GkwXRw9RfPh0VtIVjhDJbyKAIuzCk5r54ccRixa8TQ2vWVwodQ9eru
+7jUknAc2rVEAV5mJTrBr7UUve/X9PWsCDN6lXvFLiJp/Pi/F0cyV/CAp+jIp+rol
+TXOhUz9qEjnFYMMCFQCYS/p4gmsHgo3R89EAE/Hc0dhyWQKBgCWG5hn8DM+1rv5s
+TkJBqyZJXNzy4z974s3sAGURfBBGTpB9kFxfxNt480TxkWeDhR+39DMA5TEAsRPu
+QoB6Tgl7K2nNzRdgJjK4YkBObgX1ljWkAnnJCZSbC8Nh2VpkniV0bM79HnsS+eCf
+8bi2qOOiLSzHeOrtzO8PB0YeeTLQA4GEAAKBgH1NBJ9Az5TwY4tDE0dPYVHHABt+
+yLspnT3k9G6YWUMFhZ/+3RuqEPjnKrPfUoXTTJGIACgPU3/PkqwrPVD0JMdpOcnZ
+LHiJ/P7QRQeMwDRoBrs7genB1bDd4pSJrEUcjrkA5uRrIj2Z5fL+UuLiLGPO2rM7
+BNQRIq3QFPdX++NuozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIK7Ljjh
++EsfMBMGA1UdIwQMMAqACIocVjBaMhJ9MAkGByqGSM44BAMDLwAwLAIUEJJCOHw8
+ppxoRyz3s+Vmb4NKIfMCFDgJoZn9zh/3WoYNBURODwLvyBOy
+-----END CERTIFICATE-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/nemain.der b/docs/tests/merlin-xmldsig-twenty-three/certs/nemain.der
new file mode 100644
index 00000000..f4b62ae6
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/nemain.der
Binary files differ
diff --git a/docs/tests/merlin-xmldsig-twenty-three/certs/nemain.pem b/docs/tests/merlin-xmldsig-twenty-three/certs/nemain.pem
new file mode 100644
index 00000000..b681a5c2
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/certs/nemain.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDUDCCAxCgAwIBAgIGAOz5IZDHMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDA4WhcNMTIwNDAyMjI1OTQ2WjBoMQswCQYD
+VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ8wDQYDVQQDEwZOZW1h
+aW4wggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAhIqwSieM0aAez+6H71gqCfBnwG3d
+Pu7JAElb13GkwXRw9RfPh0VtIVjhDJbyKAIuzCk5r54ccRixa8TQ2vWVwodQ9eru
+7jUknAc2rVEAV5mJTrBr7UUve/X9PWsCDN6lXvFLiJp/Pi/F0cyV/CAp+jIp+rol
+TXOhUz9qEjnFYMMCFQCYS/p4gmsHgo3R89EAE/Hc0dhyWQKBgCWG5hn8DM+1rv5s
+TkJBqyZJXNzy4z974s3sAGURfBBGTpB9kFxfxNt480TxkWeDhR+39DMA5TEAsRPu
+QoB6Tgl7K2nNzRdgJjK4YkBObgX1ljWkAnnJCZSbC8Nh2VpkniV0bM79HnsS+eCf
+8bi2qOOiLSzHeOrtzO8PB0YeeTLQA4GEAAKBgHzbc/0aTzXwKKeT85kjCq2HD4WY
+nZC9DOck02gNhNbEgN+wGeUPDSQM/vhmxVeoK3ptVA/sU8arBW8V+AdrU/9hJr0v
+nEiqgt9WQLHUhnMJiXTMLcS7XHeIVcwh/iRjD61HUp1cby9UMHZRsW6Ys8rUi0Zn
+/1KrtpTwZJuNwsYIozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIX9dMSn
+0pyIMBMGA1UdIwQMMAqACIocVjBaMhJ9MAkGByqGSM44BAMDLwAwLAIUFRYkL6qD
+NZWtKU03+WYBiGEGSoECFEtRGI19WHg+sT9fBfGKfo8NnJX4
+-----END CERTIFICATE-----
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml
new file mode 100644
index 00000000..f5ff1f50
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Envelope xmlns="http://example.org/envelope">
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>fdy6S2NLpnT4fMdokUHSHsmpcvo=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ Z4pBb+o+XOKWME7CpLyXuNqyIYdXOcGvthfUf+ZDLL5immPx+3tK8Q==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>
+ 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
+ Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
+ 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
+ </P>
+ <Q>
+ hDLcFK0GO/Hz1arxOOvsgM/VLyU=
+ </Q>
+ <G>
+ nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
+ Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
+ 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
+ </G>
+ <Y>
+ cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
+ Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
+ +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
+ </Y>
+ </DSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+ </Signature>
+</Envelope>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml
new file mode 100644
index 00000000..4e924b0e
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="#object">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>N6pjx3OY2VRHMmLhoAV8HmMu2nc=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ KgAeq8e0yUNfFz+mFlZ3QgyQNMciV+Z3BoDQDvQNker7pazEnJmOIA==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>
+ 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
+ Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
+ 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
+ </P>
+ <Q>
+ hDLcFK0GO/Hz1arxOOvsgM/VLyU=
+ </Q>
+ <G>
+ nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
+ Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
+ 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
+ </G>
+ <Y>
+ cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
+ Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
+ +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
+ </Y>
+ </DSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+ <Object Id="object">c29tZSB0ZXh0</Object>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml
new file mode 100644
index 00000000..488ac261
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ PfD92lkxKgc2OKvF4p0ba6cJj6d1eqIDx5Q1hvVYTviotje23Snunw==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>
+ 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
+ Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
+ 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
+ </P>
+ <Q>
+ hDLcFK0GO/Hz1arxOOvsgM/VLyU=
+ </Q>
+ <G>
+ nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
+ Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
+ 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
+ </G>
+ <Y>
+ cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
+ Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
+ +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
+ </Y>
+ </DSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml
new file mode 100644
index 00000000..4904d79f
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+ <HMACOutputLength>40</HMACOutputLength>
+ </SignatureMethod>
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ HHiqvCU=
+ </SignatureValue>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml
new file mode 100644
index 00000000..c0c8343a
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ JElPttIT4Am7Q+MNoMyv+WDfAZw=
+ </SignatureValue>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml
new file mode 100644
index 00000000..1580d838
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <Reference URI="#object">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>7/XTsHaBSOnJ/jXD5v0zL6VKYsk=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ ov3HOoPN0w71N3DdGNhN+dSzQm6NJFUB5qGKRp9Q986nVzMb8wCIVxCQu+x3vMtq
+ p4/R3KEcPtEJSaoR+thGq++GPIh2mZXyWJs3xHy9P4xmoTVwli7/l7s8ebDSmnbZ
+ 7xZU4Iy1BSMZSxGKnRG+Z/0GJIfTz8jhH6wCe3l03L4=
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <RSAKeyValue>
+ <Modulus>
+ q07hpxA5DGFfvJFZueFl/LI85XxQxrvqgVugL25V090A9MrlLBg5PmAsxFTe+G6a
+ xvWJQwYOVHj/nuiCnNLa9a7uAtPFiTtW+v5H3wlLaY3ws4atRBNOQlYkIBp38sTf
+ QBkk4i8PEU1GQ2M0CLIJq4/2Akfv1wxzSQ9+8oWkArc=
+ </Modulus>
+ <Exponent>
+ AQAB
+ </Exponent>
+ </RSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+ <Object Id="object">some text</Object>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml
new file mode 100644
index 00000000..1fb56630
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/Signature/2002/04/xml-stylesheet.b64">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ IhOlAjMFaZtkEju5R5bi528h1HpDa4A21sudZynhJRRLjZuQIHZ3eQ==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>
+ 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
+ Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
+ 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
+ </P>
+ <Q>
+ hDLcFK0GO/Hz1arxOOvsgM/VLyU=
+ </Q>
+ <G>
+ nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
+ Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
+ 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
+ </G>
+ <Y>
+ cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
+ Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
+ +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
+ </Y>
+ </DSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml
new file mode 100644
index 00000000..34d3e6a8
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ LaL1/t/XodYvDJDgSEbq47GX8ltnlx3FFURdi7o+UFVi+zLf0WyWaQ==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>
+ 3eOeAvqnEyFpW+uTSgrdj7YLjaTkpyHecKFIoLu8QZNkGTQI1ciITBH0lqfIkdCH
+ Si8fiUC3DTq3J9FsJef4YVtDF7JpUvHTOQqtq7Zgx6KC8Wxkz6rQCxOr7F0ApOYi
+ 89zLRoe4MkDGe6ux0+WtyOTQoVIGNTDDUFXrUQNbLrE=
+ </P>
+ <Q>
+ hDLcFK0GO/Hz1arxOOvsgM/VLyU=
+ </Q>
+ <G>
+ nnx7hbdWozGbtnFgnbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43z
+ Kt7dlEaQL7b5+JTZt3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM
+ 8d2rhd2Ui0xHbk0D451nhLxVWulviOSPhzKKvXrbySA=
+ </G>
+ <Y>
+ cfYpihpAQeepbNFS4MAbQRhdXpDi5wLrwxE5hIvoYqo1L8BQVu8fY1TFAPtoae1i
+ Bg/GIJyP3iLfyuBJaDvJJLP30wBH9i/s5J3656PevpOVdTfi777Fi9Gj6y/ib2Vv
+ +OZfJkkp4L50+p5TUhPmQLJtREsgtl+tnIOyJT++G9U=
+ </Y>
+ </DSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-keyname.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-keyname.xml
new file mode 100644
index 00000000..a7c60a3d
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-keyname.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ JkJ3GplEU0iDbqSv7ZOXhvv3zeM1KmP+CLphhoc+NPYqpGYQiW6O6w==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyName>Lugh</KeyName>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml
new file mode 100644
index 00000000..30620184
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ SNB5FI193RFXoG2j8Z9bXWgW7BMPICqNob4Hjh08oou4tkhGxz4+pg==
+ </SignatureValue>
+ <KeyInfo>
+ <RetrievalMethod Type="http://www.w3.org/2000/09/xmldsig#rawX509Certificate" URI="tests/merlin-xmldsig-twenty-three/certs/balor.der" />
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml
new file mode 100644
index 00000000..fe01797e
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ WF6EaX66f8CdGE6NafmzdLpb/1OVYX4kBNsqgGIqHR5JZAu4HpbVQQ==
+ </SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>
+ MIIDTjCCAw6gAwIBAgIGAOz5Id5/MAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+ c2llbnQgQ0EwHhcNMDIwNDAzMDAwMDI4WhcNMTIwNDAyMjI1OTQ2WjBmMQswCQYD
+ VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+ aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ0wCwYDVQQDEwRCcmVz
+ MIIBtjCCASsGByqGSM44BAEwggEeAoGBAISKsEonjNGgHs/uh+9YKgnwZ8Bt3T7u
+ yQBJW9dxpMF0cPUXz4dFbSFY4QyW8igCLswpOa+eHHEYsWvE0Nr1lcKHUPXq7u41
+ JJwHNq1RAFeZiU6wa+1FL3v1/T1rAgzepV7xS4iafz4vxdHMlfwgKfoyKfq6JU1z
+ oVM/ahI5xWDDAhUAmEv6eIJrB4KN0fPRABPx3NHYclkCgYAlhuYZ/AzPta7+bE5C
+ QasmSVzc8uM/e+LN7ABlEXwQRk6QfZBcX8TbePNE8ZFng4Uft/QzAOUxALET7kKA
+ ek4Jeytpzc0XYCYyuGJATm4F9ZY1pAJ5yQmUmwvDYdlaZJ4ldGzO/R57Evngn/G4
+ tqjjoi0sx3jq7czvDwdGHnky0AOBhAACgYBgvDFxw1U6Ou2G6P/+347Jfk2wPB1/
+ atr4p3JUVLuT0ExZG6np+rKiXmcBbYKbAhMY37zVkroR9bwo+NgaJGubQ4ex5Y1X
+ N2Q5gIHNhNfKr8G4LPVqWGxf/lFPDYxX3ezqBJPpJCJTREX7s6Hp/VTV2SpQlySv
+ +GRcFKJFPlhD9aM6MDgwDgYDVR0PAQH/BAQDAgeAMBEGA1UdDgQKBAiC+5gx0MHL
+ hTATBgNVHSMEDDAKgAiKHFYwWjISfTAJBgcqhkjOOAQDAy8AMCwCFDTcM5i61uqq
+ /aveERhOJ6NG/LubAhREVDtAeNbTEywXr4O7KvEEvFLUjg==
+ </X509Certificate>
+ <X509CRL>
+ MIIBJDCB5AIBATAJBgcqhkjOOAQDMHYxCzAJBgNVBAYTAklFMQ8wDQYDVQQIEwZE
+ dWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9sb2dpZXMgTHRkLjERMA8G
+ A1UECxMIWC9TZWN1cmUxHTAbBgNVBAMTFEFub3RoZXIgVHJhbnNpZW50IENBFw0w
+ MjA0MDQwMjE2NThaFw0xMTA0MDIwMjE2NThaMBkwFwIGAOz5Id5/Fw0wMjA0MDQw
+ MjE2NThaoCMwITATBgNVHSMEDDAKgAiKHFYwWjISfTAKBgNVHRQEAwIBADAJBgcq
+ hkjOOAQDAzAAMC0CFCEIm38fvGzSJHms284hUs9dNB8nAhUAjEtZr0TGgc6sVRVk
+ krEgltdo7Jw=
+ </X509CRL>
+ </X509Data>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml
new file mode 100644
index 00000000..2048fd27
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ GCQVmBq+1H7e9IjvKfe+egLM1Jlp3L1JCGkl9SlJ0eaDh2MKYUUnHA==
+ </SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>
+ MIIDUDCCAxCgAwIBAgIGAOz5IVHTMAkGByqGSM44BAMwdjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEdMBsGA1UEAxMUQW5vdGhlciBUcmFu
+ c2llbnQgQ0EwHhcNMDIwNDAyMjM1OTUyWhcNMTIwNDAyMjI1OTQ2WjBoMQswCQYD
+ VQQGEwJJRTEPMA0GA1UECBMGRHVibGluMSQwIgYDVQQKExtCYWx0aW1vcmUgVGVj
+ aG5vbG9naWVzIEx0ZC4xETAPBgNVBAsTCFgvU2VjdXJlMQ8wDQYDVQQDEwZNb3Jp
+ Z3UwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAhIqwSieM0aAez+6H71gqCfBnwG3d
+ Pu7JAElb13GkwXRw9RfPh0VtIVjhDJbyKAIuzCk5r54ccRixa8TQ2vWVwodQ9eru
+ 7jUknAc2rVEAV5mJTrBr7UUve/X9PWsCDN6lXvFLiJp/Pi/F0cyV/CAp+jIp+rol
+ TXOhUz9qEjnFYMMCFQCYS/p4gmsHgo3R89EAE/Hc0dhyWQKBgCWG5hn8DM+1rv5s
+ TkJBqyZJXNzy4z974s3sAGURfBBGTpB9kFxfxNt480TxkWeDhR+39DMA5TEAsRPu
+ QoB6Tgl7K2nNzRdgJjK4YkBObgX1ljWkAnnJCZSbC8Nh2VpkniV0bM79HnsS+eCf
+ 8bi2qOOiLSzHeOrtzO8PB0YeeTLQA4GEAAKBgH1NBJ9Az5TwY4tDE0dPYVHHABt+
+ yLspnT3k9G6YWUMFhZ/+3RuqEPjnKrPfUoXTTJGIACgPU3/PkqwrPVD0JMdpOcnZ
+ LHiJ/P7QRQeMwDRoBrs7genB1bDd4pSJrEUcjrkA5uRrIj2Z5fL+UuLiLGPO2rM7
+ BNQRIq3QFPdX++NuozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIK7Ljjh
+ +EsfMBMGA1UdIwQMMAqACIocVjBaMhJ9MAkGByqGSM44BAMDLwAwLAIUEJJCOHw8
+ ppxoRyz3s+Vmb4NKIfMCFDgJoZn9zh/3WoYNBURODwLvyBOy
+ </X509Certificate>
+ </X509Data>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml
new file mode 100644
index 00000000..b7a01f85
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ bmKMy/w1DO9dHA6E7Dt0B8IFkYAj1/UD3TqcdqIcfkMT7evE8+NBgg==
+ </SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>
+ CN=Another Transient CA,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
+ </X509IssuerName>
+ <X509SerialNumber>1017792003066</X509SerialNumber>
+ </X509IssuerSerial>
+ </X509Data>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml
new file mode 100644
index 00000000..c71bfce5
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ F9nEU1Us48iKTml8n7E4wt7HtFJ5gaLIgox0J9WbujGndW0oQJbeGg==
+ </SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509SKI>
+ hf10xKfSnIg=
+ </X509SKI>
+ </X509Data>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml
new file mode 100644
index 00000000..d5b08088
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ MUOjiqG0dbjvR6+qYYPL85nKSt2FeZGQBQkYudv48KyJhJLG1Bp+bA==
+ </SignatureValue>
+ <KeyInfo>
+ <X509Data>
+ <X509SubjectName>
+ CN=Badb,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
+ </X509SubjectName>
+ </X509Data>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmldsig-twenty-three/signature.xml b/docs/tests/merlin-xmldsig-twenty-three/signature.xml
new file mode 100644
index 00000000..504fbe11
--- /dev/null
+++ b/docs/tests/merlin-xmldsig-twenty-three/signature.xml
@@ -0,0 +1,269 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE Envelope [
+ <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
+ <!ENTITY c14n 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'>
+ <!ENTITY xpath 'http://www.w3.org/TR/1999/REC-xpath-19991116'>
+ <!ENTITY xslt 'http://www.w3.org/TR/1999/REC-xslt-19991116'>
+ <!ATTLIST Notaries Id ID #IMPLIED>
+]>
+<!-- Preamble -->
+<Envelope xmlns:foo="http://example.org/foo" xmlns="http://example.org/usps">
+ <DearSir>foo</DearSir>
+ <Body>bar</Body>
+ <YoursSincerely>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="signature">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ <Reference URI="http://www.w3.org/Signature/2002/04/xml-stylesheet.b64">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-1">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath>
+ self::text()
+ </XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>zyjp8GJOX69990Kkqw8ioPXGExk=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ ancestor-or-self::dsig:SignedInfo
+ and
+ count(ancestor-or-self::dsig:Reference |
+ here()/ancestor::dsig:Reference[1]) &gt;
+ count(ancestor-or-self::dsig:Reference)
+ or
+ count(ancestor-or-self::node() |
+ id('notaries')) =
+ count(ancestor-or-self::node())
+ </XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>tQiE3GUKiBenPyp3J0Ei6rJMFv4=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-2">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>zyjp8GJOX69990Kkqw8ioPXGExk=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>qg4HFwsN+/WX32uH85WlJU9l45k=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties" URI="#signature-properties-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>ETlEI3y7hvvAtMe9wQSz7LhbHEE=</DigestValue>
+ </Reference>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
+ </Reference>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
+ </Reference>
+ <Reference URI="#xpointer(/)">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>J/O0HhdaPXxx49fgGWMESL09GpA=</DigestValue>
+ </Reference>
+ <Reference URI="#xpointer(/)">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>MkL9CX8yeABBth1RChyPx58Ls8w=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>yamSIokKmjA3hB/s3Fu07wDO3vM=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>419CYgyTWOTGYGBhzieWklNf7Bk=</DigestValue>
+ </Reference>
+ <Reference URI="#reference-2">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>VzK45P9Ksjqq5oXlKQpkGgB2CNY=</DigestValue>
+ </Reference>
+ <Reference Id="reference-1" URI="#manifest-reference-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>7/9fR+NIDz9owc1Lfsxu1JBr8uo=</DigestValue>
+ </Reference>
+ <Reference Id="reference-2" URI="#reference-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>qURlo3LSq4TWQtygBZJ0iXQ9E14=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ WvZUJAJ/3QNqzQvwne2vvy7U5Pck8ZZ5UTa6pIwR7GE+PoGi6A1kyw==
+ </SignatureValue>
+ <KeyInfo>
+ <RetrievalMethod Type="http://www.w3.org/2000/09/xmldsig#X509Data" URI="#object-4">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ ancestor-or-self::dsig:X509Data
+ </XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ </KeyInfo>
+ <Object Id="object-1" MimeType="text/plain">I am the text.</Object>
+ <Object Encoding="http://www.w3.org/2000/09/xmldsig#base64" Id="object-2" MimeType="text/plain">SSBhbSB0aGUgdGV4dC4=</Object>
+ <Object Id="object-3">
+ <NonCommentandus xmlns=""><!-- Commentandum --></NonCommentandus>
+ </Object>
+ <Object>
+ <Manifest Id="manifest-1">
+ <Reference Id="manifest-reference-1" URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ <Reference URI="#reference-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>qURlo3LSq4TWQtygBZJ0iXQ9E14=</DigestValue>
+ </Reference>
+ <Reference URI="#notaries">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns="http://www.w3.org/TR/xhtml1/strict" exclude-result-prefixes="foo" version="1.0">
+ <xsl:output encoding="UTF-8" indent="no" method="xml" />
+ <xsl:template match="/">
+ <html>
+ <head>
+ <title>Notaries</title>
+ </head>
+ <body>
+ <table>
+ <xsl:for-each select="Notaries/Notary">
+ <tr>
+ <th>
+ <xsl:value-of select="@name" />
+ </th>
+ </tr>
+ </xsl:for-each>
+ </table>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>c7wq5XKos6RqNVJyFy7/fl6+sAs=</DigestValue>
+ </Reference>
+ </Manifest>
+ </Object>
+ <Object>
+ <SignatureProperties Id="signature-properties-1">
+ <SignatureProperty Target="#signature">
+ <SignerAddress xmlns="urn:demo"><IP>192.168.21.138</IP></SignerAddress>
+ </SignatureProperty>
+ </SignatureProperties>
+ </Object>
+ <Object Id="object-4">
+ <X509Data>
+ <X509SubjectName>
+ CN=Merlin Hughes,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
+ </X509SubjectName>
+ <X509IssuerSerial>
+ <X509IssuerName>
+ CN=Transient CA,OU=X/Secure,O=Baltimore Technologies Ltd.,ST=Dublin,C=IE
+ </X509IssuerName>
+ <X509SerialNumber>1017788370348</X509SerialNumber>
+ </X509IssuerSerial>
+ <X509Certificate>
+ MIIDUDCCAxCgAwIBAgIGAOz46g2sMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDQwMjIyNTkzMFoXDTEyMDQwMjIxNTkyNVowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
+ czCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQDd454C+qcTIWlb65NKCt2PtguNpOSn
+ Id5woUigu7xBk2QZNAjVyIhMEfSWp8iR0IdKLx+JQLcNOrcn0Wwl5/hhW0MXsmlS
+ 8dM5Cq2rtmDHooLxbGTPqtALE6vsXQCk5iLz3MtGh7gyQMZ7q7HT5a3I5NChUgY1
+ MMNQVetRA1susQIVAIQy3BStBjvx89Wq8Tjr7IDP1S8lAoGBAJ58e4W3VqMxm7Zx
+ YJ2xZ6KX0Ze10WnKZDyURn+T9iFIFbKRFElKDeotXwwXwYON8yre3ZRGkC+2+fiU
+ 2bdzIWTT6LMbIMVbk+07P4OZOxJ6XWL9GuYcOQcNvX42xh34DPHdq4XdlItMR25N
+ A+OdZ4S8VVrpb4jkj4cyir1628kgA4GEAAKBgHH2KYoaQEHnqWzRUuDAG0EYXV6Q
+ 4ucC68MROYSL6GKqNS/AUFbvH2NUxQD7aGntYgYPxiCcj94i38rgSWg7ySSz99MA
+ R/Yv7OSd+uej3r6TlXU34u++xYvRo+sv4m9lb/jmXyZJKeC+dPqeU1IT5kCybURL
+ ILZfrZyDsiU/vhvVozowODAOBgNVHQ8BAf8EBAMCB4AwEQYDVR0OBAoECIatY7SE
+ lXEOMBMGA1UdIwQMMAqACIOGPkB2MuKTMAkGByqGSM44BAMDLwAwLAIUSvT02iQj
+ Q5da4Wpe0Bvs7GuCcVsCFCEcQpbjUfnxXFXNWiFyQ49ZrWqn
+ </X509Certificate>
+ <X509Certificate>
+ MIIDSzCCAwugAwIBAgIGAOz46fwJMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDQwMjIyNTkyNVoXDTEyMDQwMjIxNTkyNVowbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MIIBtzCCASwGByqGSM44BAEwggEfAoGBAN3jngL6pxMhaVvrk0oK3Y+2C42k5Kch
+ 3nChSKC7vEGTZBk0CNXIiEwR9JanyJHQh0ovH4lAtw06tyfRbCXn+GFbQxeyaVLx
+ 0zkKrau2YMeigvFsZM+q0AsTq+xdAKTmIvPcy0aHuDJAxnursdPlrcjk0KFSBjUw
+ w1BV61EDWy6xAhUAhDLcFK0GO/Hz1arxOOvsgM/VLyUCgYEAnnx7hbdWozGbtnFg
+ nbFnopfRl7XRacpkPJRGf5P2IUgVspEUSUoN6i1fDBfBg43zKt7dlEaQL7b5+JTZ
+ t3MhZNPosxsgxVuT7Ts/g5k7EnpdYv0a5hw5Bw29fjbGHfgM8d2rhd2Ui0xHbk0D
+ 451nhLxVWulviOSPhzKKvXrbySADgYQAAoGAfag+HCABIJadDD9Aarhgc2QR3Lp7
+ PpMOh0lAwLiIsvkO4UlbeOS0IJC8bcqLjM1fVw6FGSaxmq+4y1ag2m9k6IdE0Qh5
+ NxB/xFkmdwqXFRIJVp44OeUygB47YK76NmUIYG3DdfiPPU3bqzjvtOtETiCHvo25
+ 4D6UjwPpYErXRUajNjA0MA4GA1UdDwEB/wQEAwICBDAPBgNVHRMECDAGAQH/AgEA
+ MBEGA1UdDgQKBAiDhj5AdjLikzAJBgcqhkjOOAQDAy8AMCwCFELu0nuweqW7Wf0s
+ gk/CAGGL0BGKAhRNdgQGr5iyZKoH4oqPm0VJ9TjXLg==
+ </X509Certificate>
+ </X509Data>
+ </Object>
+ </Signature>
+ </YoursSincerely>
+ <PostScript>bar</PostScript>
+ <Notaries xmlns="" Id="notaries">
+ <Notary name="Great, A. T." />
+ <Notary name="Hun, A. T." />
+ </Notaries>
+ <!-- Commentary -->
+</Envelope>
+<!-- Postamble -->
diff --git a/docs/tests/merlin-xmlenc-five/Readme.txt b/docs/tests/merlin-xmlenc-five/Readme.txt
new file mode 100644
index 00000000..3a663b7c
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/Readme.txt
@@ -0,0 +1,117 @@
+Example Signatures[1] using Encryption[2] key information and
+Additional Security URIs[3], Encrypted Data[2] and Decryption
+Transform[4]
+
+[1] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
+[2] http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/
+[3] http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt
+[4] http://www.w3.org/TR/xmlenc-decrypt
+
+***
+Some of these signature are WITHOUT cryptographic merit;
+for example, key transport of an HMAC key is meaningless.
+These are provided solely for testing purposes.
+***
+
+Private keys necessary for performing the verification
+and decryption are provided in the PKCS#12 file ids.p12,
+encrypted under the pass phrase "Our Little Secret". I
+may have done some of the ASN.1 encoding in this P12
+incorrectly; I hope not. Private keys are also available
+in PKCS#8 encoding; rsa.p8, dh1.p8.
+
+RSA/OAEP is presently poorly defined; I assume MGF1/SHA-1.
+
+Secret keys are identified by key name as follows:
+
+ Key Name | Algorithm | Key Value
+----------+-----------+-----------
+ bob | 3des | "abcdefghijklmnopqrstuvwx".getBytes ("ASCII")
+ job | aes-128 | "abcdefghijklmnop".getBytes ("ASCII")
+ jeb | aes-192 | "abcdefghijklmnopqrstuvwx".getBytes ("ASCII")
+ jed | aes-256 | "abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII")
+
+. encrypt-content-aes128-cbc-kw-aes192.xml
+. encrypt-content-aes192-cbc-dh-sha512.xml
+. encrypt-content-tripledes-cbc.xml
+. encrypt-data-aes128-cbc.xml
+. encrypt-data-aes192-cbc-kw-aes256.xml
+. encrypt-data-aes256-cbc-kw-tripledes.xml
+. encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
+. encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml
+. encrypt-element-aes128-cbc-rsa-1_5.xml
+. encrypt-element-aes192-cbc-ref.xml
+. encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml
+. encrypt-element-tripledes-cbc-kw-aes128.xml
+ Encrypted content, element and data. RSA private key has
+ friendly name "RSA" in the P12, and is rsa.p8.
+ DH private key has ID "DH1", and is dh1.p8.
+
+. encrypt-content-aes256-cbc-prop.xml
+ Contains a useless EncryptionProperty.
+
+. encrypt-element-aes256-cbc-carried-kw-aes256.xml
+ External EncryptedKey contains a CarriedKeyName which
+ is referenced by a KeyName in the EncryptedData; the
+ key for Recipient "someone else" is not for you; the
+ key for Recipient "you" is.
+
+. encrypt-element-aes256-cbc-retrieved-kw-aes256.xml
+ External EncryptedKey is identified by a RetrievalMethod
+ in the EncryptedData.
+
+. decryption-transform.xml
+ Decryption transform.
+
+. decryption-transform-except.xml
+ Decryption transform with Except.
+
+All signatures are performed with nontruncated HMAC
+algorithms.
+
+For debugging purposes, where chosen, the MAC key is
+"abcdefghijklmnopqrstuvwxyz012345".getBytes ("ASCII"). Where
+agreed, it has length equal to the HMAC output length; e.g., 256
+bits for HMAC/SHA-256.
+
+. encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml
+ RIPEMD-160 message digest; HMAC/RIPEMD-160 key is wrapped
+ using triple DES. The decryption key is from the above table,
+ identified by the key name "bob".
+
+. encsig-sha256-hmac-sha256-kw-aes128.xml
+ SHA-256 message digest; HMAC/SHA-256 key is wrapped using
+ AES-128. The decryption key is from the above table, identified
+ by the key name "job".
+
+. encsig-sha384-hmac-sha384-kw-aes192.xml
+ SHA-384 message digest; HMAC/SHA-384 key is wrapped using
+ AES-192. The decryption key is from the above table, identified
+ by the key name "jeb".
+
+. encsig-sha512-hmac-sha512-kw-aes256.xml
+ SHA-512 message digest; HMAC/SHA-512 key is wrapped using
+ AES-256. The decryption key is from the above table, identified
+ by the key name "jed".
+
+. encsig-hmac-sha256-rsa-1_5.xml
+ HMAC/SHA-256 keys is transported using RSA/OAEP. Your private
+ key has friendly name "RSA" in the P12.
+
+. encsig-hmac-sha256-rsa-oaep-mgf1p.xml
+ HMAC/SHA-256 keys is transported using RSA/PKCS#1. Your private
+ key has friendly name "RSA" in the P12.
+
+. encsig-hmac-sha256-dh.xml
+ HMAC/SHA-256 key is agreed using Diffie Hellman. Your private
+ key has friendly name "DH1" in the P12.
+
+. encsig-hmac-sha256-kw-tripledes-dh.xml
+ HMAC/SHA-256 key is wrapped using triple DES. The decryption
+ key is agreed using Diffie Hellman. Your private key has
+ friendly name "DH1" in the P12.
+
+Merlin Hughes <merlin@baltimore.ie>
+Baltimore Technologies, Ltd.
+
+Monday, March 4, 2002
diff --git a/docs/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml b/docs/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml
new file mode 100644
index 00000000..74eec57f
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes192" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jeb</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ JbjZH7Mq564oMybpvCHWYM/5ER3eFsAV
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ YDYTxR+smxZDSVoXXEp3n6HzTgWqV7ZlG6I1lmEv7zLGZBF/o7eqe5QGT6L3DPNW
+ geflA8vVJHxwliixWcvHCnNKQkx+Sw8YbIknCQyr4mqtXEmHhsie5XYTEyqgKLVP
+ YdNXf56wLUTMEmBqq7cto9OrYcBWkrDcQQvHmDkHuG+Nom4m+623GsB0FNts6VyN
+ sdGMwo4K0bEFReLL04l6It+cgLJ2q+LKdBoMQL59IAQmrwi0bkiqee2cLlDuGyQ1
+ KD9IQ1qtlJpvQujN4xNVWT00UjtWxmpSMID/Kue/AnXn7Cf8zw1ZZQitgh8uWOX2
+ uMy99F2YlxqIK1r+MeXHuZDNf75S8dFaKIKtHMf7ioA=
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ </PaymentInfo>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/decryption-transform-except.xml b/docs/tests/merlin-xmlenc-five/decryption-transform-except.xml
new file mode 100644
index 00000000..bdd22516
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/decryption-transform-except.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-data-0" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jed</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ cX6lnfgmvWuxyiQgNhzAq1lYggW2M5GziFgNBQju3xcnDqlzf5LSjeyBnbL0Q7ws
+ 8XhySFCrdwIi5mVxyfdFkVrTlzQQ0viaqTDgi9PQRgZMOImGGWij3wbmf9XseHHt
+ 6q8V7LPjMFQAnsLDQgKf4gzzOnhtKf15GfTEpGvUnNn2dLDxw+hDcD1N54/bjSQs
+ uTiL7PgGQ5g4u4eaXRRLWeAGsIf5QgdQG3GLiOZIX1LJ5bREKgXeKrtJJI97xUX3
+ 3vaF+tKRcSFBFIMjFrw271bFj4vvvQZfSS6xX+BKXHOUu8C4NH9Le8pA9o4NgCB8
+ tWA8W3iI5/BGEZve0Me9byvPHYjRXlbG+YqysVTmzfw=
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-data-1">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <CipherData>
+ <CipherValue>
+ x3aR5pJ5pepFFH5ENv61pZG4pVwNKaM+H9oyY4qG6d8l/C0J1iGv6c8dyLp0YQ2k
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ </PaymentInfo>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/2001/04/decrypt#">
+ <Except xmlns="http://www.w3.org/2001/04/decrypt#" URI="#encrypt-data-1" />
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
+ <DigestValue>5Oe9qba6preOZG1NZAYK2/6pu9RCon9vRJ9hVLDpeng=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ LuHrz9+WG7/c4Q81tFboNZg2cktWbZcRfp08XrmgKy1GDm9xSfTYCA==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>
+ imup6lmki4rAmUstKb/xdBRMWNtQ+pDN97ZnLA9X3lKbkEHtYFyjQ3uActgVSJ75
+ iVRuKxz4Cb5RzVm25EaKmKq8rif1MtBIi6jjDJxmIdNaEKG9zVTf9giJx1N9I0t3
+ oh1fAVZDSrzKzJGQ2WvDfIfFHdJMtB3C0VKGmLZR7Xk=
+ </P>
+ <Q>
+ xDve3j7sEnh4rIzM5gK+5/gxxFU=
+ </Q>
+ <G>
+ NLugAf6IZJxo3BCOi5yrGEVwtlEzXcnndXhd0Tz38CnQKc4SEupm4PyP5TmLvK64
+ TDfOD7sno/W5oI1KZdimfW2c4r/6waNzZSvicMOWhLYY621Nn6njBc8VNwoxWpzC
+ XhKm70b8+D4YZMn/eU5DN8dvhTv/bNK21FfJqjp033U=
+ </G>
+ <Y>
+ W7dOmH/vWqocVCiqaxj6soxVXfR8XpMdY2Zv4Amjr3n81geyOLb6IZ+l7MUbdp85
+ 29DQzuoVTthVpB9X4JKCprZIzifOTM1PFflTBzjx7egJwJWAIVdWyiIPjke6Va+w
+ uV2n4Rl/cgCvrXK5cTov5C/Bpaf6o+qrrDGFBLLZTF4=
+ </Y>
+ </DSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+ </Signature>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/decryption-transform.xml b/docs/tests/merlin-xmlenc-five/decryption-transform.xml
new file mode 100644
index 00000000..50d68b34
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/decryption-transform.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-data-0" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jed</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ SE3HkQevYxzuN9LoMH3QIYHK0X7DBlobhiTbRucgKcTKt9DsUJIcd6JZV6lrw/4x
+ YICyq6YM73IWpibspxgz/0chhvWem9sYZvWTuTtZgHzeY0Uri6bpXqBEn1YT0K6B
+ chwfv1myfp91EmdPHU+shH6ZEyYkHJUMss58iIawIuVsIfpCO7xDKgfs/glnN3os
+ epY0KvAMZSnwUAf42fQ3TlahLTR+B52AmdodwaCwQlwQwrC7RH0FtNiiLQA9SA2t
+ //StKWcyHjswUCejfKLdjv6bK+WmBxmnNWtmI9DYkjJ6V5pYU1MVw+JG410O+gaa
+ fnNWxlWa+BGwcTaz+KNrP8bIqli8IoJJgxXIUqfb734=
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ </PaymentInfo>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/2001/04/decrypt#" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
+ <DigestValue>wSvPYqTcpLfX2mKXibtsmm7FDu8N+/BObM0+bGaeXhk=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ O0VYUdslJ8t2EURD0T/v2nNrFQMo42vzvfAhooZrDbkuLbCj6/Hxmw==
+ </SignatureValue>
+ <KeyInfo>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>
+ imup6lmki4rAmUstKb/xdBRMWNtQ+pDN97ZnLA9X3lKbkEHtYFyjQ3uActgVSJ75
+ iVRuKxz4Cb5RzVm25EaKmKq8rif1MtBIi6jjDJxmIdNaEKG9zVTf9giJx1N9I0t3
+ oh1fAVZDSrzKzJGQ2WvDfIfFHdJMtB3C0VKGmLZR7Xk=
+ </P>
+ <Q>
+ xDve3j7sEnh4rIzM5gK+5/gxxFU=
+ </Q>
+ <G>
+ NLugAf6IZJxo3BCOi5yrGEVwtlEzXcnndXhd0Tz38CnQKc4SEupm4PyP5TmLvK64
+ TDfOD7sno/W5oI1KZdimfW2c4r/6waNzZSvicMOWhLYY621Nn6njBc8VNwoxWpzC
+ XhKm70b8+D4YZMn/eU5DN8dvhTv/bNK21FfJqjp033U=
+ </G>
+ <Y>
+ W7dOmH/vWqocVCiqaxj6soxVXfR8XpMdY2Zv4Amjr3n81geyOLb6IZ+l7MUbdp85
+ 29DQzuoVTthVpB9X4JKCprZIzifOTM1PFflTBzjx7egJwJWAIVdWyiIPjke6Va+w
+ uV2n4Rl/cgCvrXK5cTov5C/Bpaf6o+qrrDGFBLLZTF4=
+ </Y>
+ </DSAKeyValue>
+ </KeyValue>
+ </KeyInfo>
+ </Signature>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/dh0.p8 b/docs/tests/merlin-xmlenc-five/dh0.p8
new file mode 100644
index 00000000..bd3683d7
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/dh0.p8
Binary files differ
diff --git a/docs/tests/merlin-xmlenc-five/dh1.p8 b/docs/tests/merlin-xmlenc-five/dh1.p8
new file mode 100644
index 00000000..56946899
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/dh1.p8
Binary files differ
diff --git a/docs/tests/merlin-xmlenc-five/dsa.p8 b/docs/tests/merlin-xmlenc-five/dsa.p8
new file mode 100644
index 00000000..8e4a85cd
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/dsa.p8
Binary files differ
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml b/docs/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml
new file mode 100644
index 00000000..21467fb7
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes192" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jeb</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ IbjZH7Mq564oMybpvCHWYM/5ER3eFsAV
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ YDYTxR+smxZDSVoXXEp3n6HzTgWqV7ZlG6I1lmEv7zLGZBF/o7eqe5QGT6L3DPNW
+ geflA8vVJHxwliixWcvHCnNKQkx+Sw8YbIknCQyr4mqtXEmHhsie5XYTEyqgKLVP
+ YdNXf56wLUTMEmBqq7cto9OrYcBWkrDcQQvHmDkHuG+Nom4m+623GsB0FNts6VyN
+ sdGMwo4K0bEFReLL04l6It+cgLJ2q+LKdBoMQL59IAQmrwi0bkiqee2cLlDuGyQ1
+ KD9IQ1qtlJpvQujN4xNVWT00UjtWxmpSMID/Kue/AnXn7Cf8zw1ZZQitgh8uWOX2
+ uMy99F2YlxqIK1r+MeXHuZDNf75S8dFaKIKtHMf7ioA=
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ </PaymentInfo>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml b/docs/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml
new file mode 100644
index 00000000..d1242784
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml
@@ -0,0 +1,113 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <AgreementMethod xmlns="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#dh">
+ <KA-Nonce>
+ bm9uY2U=
+ </KA-Nonce>
+ <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" />
+ <OriginatorKeyInfo>
+ <KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <DHKeyValue xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <P>
+ plygl2uMNc+jYtAZeKCZxPsmqa2z8DrOUa7L455iszN4SdPnL+LsZD47VJayvQY8
+ 6D1J5arkwrbUzmhMAjBZsENPBgffRwwEBTjoq+gjSyZNIbxqsqnJdEyUElzn4kGE
+ whECkJGnOaScacpjZg11h+gd0iBfY091bGHrCZrvr/8=
+ </P>
+ <Q>
+ 9jJXQijNovoq6QUBFcEUYwUvyTM=
+ </Q>
+ <Generator>
+ PerUZgMEMDTegMdTBRG9DPY5EHmwDxwzladdRcfvfdfU/9wlPzz5BUotMm730J9d
+ lF6avWr929fzYsnIOUDeUOJpltXmrTYnvz5Bi6yuUu6bVwSfv7u4S+I/EM9ZB+eY
+ 3fdF5TAMHD4tK86lw5APDrN2QnO1UMCwIvjOFatSOI0=
+ </Generator>
+ <Public>
+ Ulu6B1lCwajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82r
+ NyOUqgfnm97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCt
+ m2vKo/BpoLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhM=
+ </Public>
+ </DHKeyValue>
+ </KeyValue>
+ <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Certificate>
+ MIIDvjCCA36gAwIBAgIGAOxN39MIMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDIyODE3NTMxNloXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
+ czCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
+ Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
+ DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
+ T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
+ JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
+ n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
+ 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
+ qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
+ Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAUlu6B1lC
+ wajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82rNyOUqgfn
+ m97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCtm2vKo/Bp
+ oLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhOjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
+ BgNVHQ4ECgQIgUAwB+9f1oIwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
+ AwMvADAsAhQ41mCUsFhmxI58tytV8XEVZOCuUwIUVMe/HbUAH5PJ7aRoCNqa3fCI
+ cU0=
+ </X509Certificate>
+ </X509Data>
+ </OriginatorKeyInfo>
+ <RecipientKeyInfo>
+ <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Certificate>
+ MIIDvjCCA36gAwIBAgIGAOxN3+EMMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDIyODE3NTMxOVoXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTmlscmVtIFNlaGd1
+ aDCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
+ Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
+ DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
+ T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
+ JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
+ n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
+ 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
+ qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
+ Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAGSYT19Pb
+ VCxMt06cAP7zQZ6AC5eXp3zeAweIevV96ryA1mB03qhB9X2lVowAUOFc24aVRTz7
+ wRoRjNQ20atzSy21C7yXDkvZ4uxfdrpIqpIVrI28e7XL+6CrhnAk621OvdeyEz5H
+ orA21hPXoCNdnUPG5Ib20oopM87ptF5dwiWjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
+ BgNVHQ4ECgQIiDCSQ3FB/oEwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
+ AwMvADAsAhQMtZ98TyqVkVqUJ3RJqaU7l2xqKgIUX997qRqeMjAkK88NHeNd95/2
+ Yos=
+ </X509Certificate>
+ </X509Data>
+ </RecipientKeyInfo>
+ </AgreementMethod>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ 5jIlxXZGhx8vUNbL0ZvdRry6mPapX8qLYlDgy3tE6nRbnBRWACviYQAXBqvDfn1R
+ TKmBWZ5NoJobM8lXWOk2nNQIuSQojcFYRuvcWU7DffDVX7dUCAVRJp6PS/5V1IHR
+ JJ2WBagWSW1lFW9mqjfe0ZflEZGYI3/5kUYQIpbMvEuXoF8129VGiKalZsCVTRxd
+ /IsdT8x/7L57GlGq0OzCMI5zG3QrBV7wUOoqBu5SxS8QUvUPucH8hsD4Bq4BwVEa
+ GlUVAj7H3HYYo7fviTO4i2lTMunGW9rcJVnKXjDM/Mds3oM4zbBo/Ao3m3rmpUUz
+ AwSe6ofh6ML418+cyCaRUoVQOlG+VwkHEKUiYYGhsKY=
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ </PaymentInfo>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml b/docs/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml
new file mode 100644
index 00000000..03a73157
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-data-0" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jed</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ H8n1OuEJFyUgUguDFF6ml8nRbA0IaDYgmtGelWT4V7CSz9q/AvtfxyMzUH+tQZ+F
+ jyXh3otR1+V1+8EsevzEq5nUmNKl+wyxQmWaUvbvXpSwAJnlJdyvnP56JiXUBS+p
+ C2KzlO9kk8l6awtuRd9Z6eVjngwTf7kNprmu5Bv0o+x7dcq96G8wGLvMThbs4uxk
+ iIDK5+qGBzzIlFw3GG82MKmnVBveQw3LD52y76yBtoayuAJFJMnrXa0OEAaBRSI2
+ fjPNGJV3sCyKZDHqGlsQ4X+VvXzevLbBLkFy1xH9/zoUXo8cEaTvsIOBYu/Xn/CJ
+ y/dpe/dvOqqji+9vFccAyrBHxHeYSonuFsxfpSDVC6Y=
+ </CipherValue>
+ </CipherData>
+ <EncryptionProperties>
+ <EncryptionProperty Target="#encrypt-data-0">
+ <Certification xmlns="urn:example:prop">
+ certifiable
+ </Certification>
+ </EncryptionProperty>
+ </EncryptionProperties>
+ </EncryptedData>
+ </PaymentInfo>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml b/docs/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml
new file mode 100644
index 00000000..f5dafe98
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>bob</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ uchJT2QyzQe7BoBaDYKPR5BDgEW8jsJ3UOGEYz9EVrBKVztYfcu0xhif5Y9kqtyx
+ DDa7woNcTyhwQDZh9jGr5hzkcjrsKfMjJw+PnKNZzc+KMW0z861L8sdhdl8TA+bt
+ yudfaCEJaH4RdHABp+VMzL5CrXr5skvubolWs1KzUtqbRekkxucknzJmnqRY8yPp
+ 4iBvVuvus+Bk0pj271NWu13CmHvdJRMMDSX30JMfsecW6mfdF5xjoFciL8VnemzJ
+ qt0SUVjMzoeY0PnCdk09Ej2OZdj8AtkLPCEKeiBBD+coCf5F8WaLrPTRPgjoAtiN
+ Wda+McaZPJje1IfoAKGTcg==
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ </PaymentInfo>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml b/docs/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml
new file mode 100644
index 00000000..8ae0a064
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>job</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ QMpxhXq1DtBeyC9KfSaMQWrEtefe+e935gF/x62spvmL6IW0XeS0W4Kk31OgWzN0
+ </CipherValue>
+ </CipherData>
+</EncryptedData>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml b/docs/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml
new file mode 100644
index 00000000..55ccb1e7
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jed</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ 4AAgyi3M7xNdBimbQZKdGJLn3/cS4Yv8QKuA01+gUnY=
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ 50lv94d/DFJirJXYOUXaBlrO+7gIXpx8cqH+G2xvE4mueoIxmGs8RH7FBXwjuMgf
+ </CipherValue>
+ </CipherData>
+</EncryptedData>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml b/docs/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml
new file mode 100644
index 00000000..14e2b922
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-tripledes" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>bob</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ ZyJbVsjRM4MEsswwwHz57aUz1eMqZHuEIoEPGS47CcmLvhuCtlzWZ9S/WcVJZIpz
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ Lp2ZWyJERT05icmHvWWbEtCCfmB2jvSlSclhS0oj3A3PU90aE6v+bFFQxrHw7VUd
+ </CipherValue>
+ </CipherData>
+</EncryptedData>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml b/docs/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
new file mode 100644
index 00000000..c9c30e09
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
+ <OAEPparams>
+ MTIzNDU2Nzg=
+ </OAEPparams>
+ </EncryptionMethod>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>
+ MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
+ dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
+ dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
+ 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
+ McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
+ a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
+ HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
+ BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
+ TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
+ 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
+ </X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ 1SVctZA/RB6vVjsu5NYTxowdvsViJJ1skDXX09RmNU3YlCuPpSqWWhCU5u5ILfr9
+ 6AFcascXbdFyEZ9tjDhK8Nid2MEqkR/Mc9zFHf7mPMnO7C8bRggkjjdILSIF/Ft7
+ FXzm/DFP50IF3zPe/n5jy2Nk8uRvTmKUDcnoV6qnUgY=
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ QOImekuU44UeCmVaMma9bCT5h5a6mWXDSndTB81jvHw=
+ </CipherValue>
+ </CipherData>
+</EncryptedData>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml b/docs/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml
new file mode 100644
index 00000000..29daa4ea
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ </EncryptionMethod>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>
+ MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
+ dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
+ dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
+ 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
+ McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
+ a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
+ HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
+ BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
+ TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
+ 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
+ </X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ S5SqVG+QxxpCNWobuqQFAI6db1pTEpWNMQXQVJAPjlfmvnVmTtq5v6fgMA2l/r7M
+ iX7gUPZthrKezkSavDfi057cK6YKpC5/KACXjNJvUoaVXj/aXpcoMOO+ZTPq36eo
+ pyeW99DWYgCbY88Kf9R3r3QMx/ogwjScfRVJTRZL3Lo=
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ HG02AxNyn4iA9NH5x+PQ9lgPNzTkljThotXWKz0UYrE=
+ </CipherValue>
+ </CipherData>
+</EncryptedData>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml b/docs/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml
new file mode 100644
index 00000000..ae349285
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>
+ MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
+ dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
+ dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
+ 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
+ McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
+ a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
+ HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
+ BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
+ TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
+ 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
+ </X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ heZshNX5m7arS3OmR72+8WNCMMpznxE41dLWkgd6XJpzl+IN2xuijAf4YPEjjJmZ
+ nt9PlO3/hiHl0Cvpg5vMR6AhvL49BvCz9JCeMG6x3MHBiKbRNhyEq2rX7o1GdJhC
+ 5cm35Q/ZDKV9DHG8jWmPcOb8yKU9NYo2LJKDb3YHOJY=
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ 0wkECpTy60/FDwbVM4zgd9qJVjR4h0q4PLm5pyyIxAuhbEh0art03yEikmbWBt2H
+ 7qOk2G9iufUdwwqNPuZV5Qw5Rg2FMvTx234lDERGn5p+hhjOTcss5JF9QDzgdiec
+ KABX3vbCESi/f3uwQ8BYDT+6SnxTR+xtcNv5xhbUCIFk/TaenSWx6p6fntTwTl1e
+ lpwnI0EtM1yf4a9tBiH9PNd36BUv2rvSi4cZvJqSB3ZKvGtuwwyRzOzlzl259d1u
+ QuoYysTBEAHw/WIop8eAexU9PUv7UbTkQAQag1yStda+GepVdpXEpu4hcxXQcvfs
+ 9AQgkAgh4JKrnY4Bhz2B/e4CHHfbEedDOi+FVYlZuLn0CzrKMnM+1nUmqxJVWHz7
+ hytidpuqNRw3gcMkYvgH6g==
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml b/docs/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml
new file mode 100644
index 00000000..b092d7f1
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jeb</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherReference URI="">
+ <Transforms>
+ <Transform xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:rep="http://www.example.org/repository">self::text()[parent::rep:CipherValue[@Id="example1"]]</XPath>
+ </Transform>
+ <Transform xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
+ </Transforms>
+ </CipherReference>
+ </CipherData>
+ </EncryptedData>
+ <CipherValue xmlns="http://www.example.org/repository" Id="example1">
+ zih1MFU6Px1m2U1lSEIV9LUIsnb3SIWBfRHlRrOWKFFFcVvXiE6z3nCbkNYMuy1T
+ nPwXDd9/BkOGiPuFT2jixN7Zowe2ANK1dZXKVjZ1+ACx+Kg17U+EMPEuq481OW7e
+ wm0vnbur0L2lCXb4DP7c6sotV89W53v2MlaYqWHhlBO/zasqwhl6q/c/L/GdPUHH
+ ovKZ+24ZWYktxCLEXMslIAysQ0UFBLolrtC/7XDgYY9s4UvbedgeqbrdnxQ4LiRn
+ L+aKN1bnKF3KlWKCJFvVrRESriGPBfpasWA/A1LOK333a8LaOlS7RFamflfICk+t
+ VqCspVnIs6vBBtrGLI5SsJS+rh1r42jI/h/ivELUOmUq1sZCFQvEhx7AiHi4/9SY
+ LWcR4w3ZH3aqFL/XtAzKYQ==
+ </CipherValue>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml b/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml
new file mode 100644
index 00000000..3594a7f4
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>Foo Key</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ pdDtiyd7XQ/BFEEN0PMJuHnLUfCY+bJlsW+q04OiKSPnRd4/dS1tjaTfj5dPpGXe
+ cY3fJvRsq9QP1CJiwyEC/EQ1zSLbzwOtZ+NtxtsFgYvPBJ9t86ZcXIjlErQ85z3L
+ wnb8rSHpE9tu4tJ1rjgf2i6NCbdFnSMXLSDgLEs48+gkX0cJCmKxzRaSE4cV0OSl
+ hBWND4EYzX1M679VlSYrI0de+lSPO3Vx+y/TuZ5Vo+uu9+YP+ce0LRkx2BicjjsP
+ QO9sp+yjHPNDIV1Z7VHsDIWqqmBaNQo3GuzF5WzWgaXTKnPv/IgUQn+1t3EtgHyb
+ JhnfR/1em16z/Zaf9Uy1Lfd//yfEJ9BCjqwe1UjwN6ytu1v2BHd+8bVjD2o+Dg8V
+ 7ayOLlkWOTOLvtJMPOXPqw==
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#" Recipient="someone else">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>ned</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ EWlIkFPGrkeW4cyjWSznLVoClVh/OEC7Klya9d9o7R6wll6JswZb2w==
+ </CipherValue>
+ </CipherData>
+ <CarriedKeyName>Foo Key</CarriedKeyName>
+ </EncryptedKey>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#" Recipient="you">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jed</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ bsL63D0hPN6EOyzdgfEmKsAAvoJiGM+Wp9a9KZM92IKdl7s3YSntRg==
+ </CipherValue>
+ </CipherData>
+ <CarriedKeyName>Foo Key</CarriedKeyName>
+ </EncryptedKey>
+ </KeyInfo>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml b/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml
new file mode 100644
index 00000000..5fb336ac
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml
@@ -0,0 +1,122 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <AgreementMethod xmlns="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#dh">
+ <KA-Nonce>
+ bm9uY2U=
+ </KA-Nonce>
+ <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" />
+ <OriginatorKeyInfo>
+ <KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <DHKeyValue xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <P>
+ plygl2uMNc+jYtAZeKCZxPsmqa2z8DrOUa7L455iszN4SdPnL+LsZD47VJayvQY8
+ 6D1J5arkwrbUzmhMAjBZsENPBgffRwwEBTjoq+gjSyZNIbxqsqnJdEyUElzn4kGE
+ whECkJGnOaScacpjZg11h+gd0iBfY091bGHrCZrvr/8=
+ </P>
+ <Q>
+ 9jJXQijNovoq6QUBFcEUYwUvyTM=
+ </Q>
+ <Generator>
+ PerUZgMEMDTegMdTBRG9DPY5EHmwDxwzladdRcfvfdfU/9wlPzz5BUotMm730J9d
+ lF6avWr929fzYsnIOUDeUOJpltXmrTYnvz5Bi6yuUu6bVwSfv7u4S+I/EM9ZB+eY
+ 3fdF5TAMHD4tK86lw5APDrN2QnO1UMCwIvjOFatSOI0=
+ </Generator>
+ <Public>
+ Ulu6B1lCwajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82r
+ NyOUqgfnm97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCt
+ m2vKo/BpoLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhM=
+ </Public>
+ </DHKeyValue>
+ </KeyValue>
+ <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Certificate>
+ MIIDvjCCA36gAwIBAgIGAOxN39MIMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDIyODE3NTMxNloXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
+ czCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
+ Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
+ DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
+ T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
+ JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
+ n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
+ 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
+ qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
+ Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAUlu6B1lC
+ wajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82rNyOUqgfn
+ m97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCtm2vKo/Bp
+ oLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhOjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
+ BgNVHQ4ECgQIgUAwB+9f1oIwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
+ AwMvADAsAhQ41mCUsFhmxI58tytV8XEVZOCuUwIUVMe/HbUAH5PJ7aRoCNqa3fCI
+ cU0=
+ </X509Certificate>
+ </X509Data>
+ </OriginatorKeyInfo>
+ <RecipientKeyInfo>
+ <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Certificate>
+ MIIDvjCCA36gAwIBAgIGAOxN3+EMMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDIyODE3NTMxOVoXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTmlscmVtIFNlaGd1
+ aDCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
+ Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
+ DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
+ T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
+ JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
+ n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
+ 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
+ qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
+ Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAGSYT19Pb
+ VCxMt06cAP7zQZ6AC5eXp3zeAweIevV96ryA1mB03qhB9X2lVowAUOFc24aVRTz7
+ wRoRjNQ20atzSy21C7yXDkvZ4uxfdrpIqpIVrI28e7XL+6CrhnAk621OvdeyEz5H
+ orA21hPXoCNdnUPG5Ib20oopM87ptF5dwiWjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
+ BgNVHQ4ECgQIiDCSQ3FB/oEwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
+ AwMvADAsAhQMtZ98TyqVkVqUJ3RJqaU7l2xqKgIUX997qRqeMjAkK88NHeNd95/2
+ Yos=
+ </X509Certificate>
+ </X509Data>
+ </RecipientKeyInfo>
+ </AgreementMethod>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ qKWnCxVIlNvPEqBMxhCaY6z9NK0ZFCmRef1U5wbIMPaR/g2Zdw7VZg==
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ betMfG/VMLdwNGdkspCrJSo092PltInklQisKd8ImQgeFMzjn73OpXhK0KJtB9IB
+ 1xGjENZ8Yzu625ehhCZGGFK4mp8DkIE7Sfw7O+5UEqprE/cGrWL0bbcz0U7X2Evh
+ 4/9va6h+DHAzmVYW7bqsa0WkiHkELRq44ORdSzyPUIwpGUCsOWyThsYfIn4uhIHQ
+ NJVTKPRHTb5H5lsxNtobSeXACSYAHk/BmJM99h4IQ9Gh7bCkhkmZsIvo/lNOW+6r
+ xtvLqHfYw9XhJe7hL0Q5EluMCBZQJ/Vx2r5lTXzBeonlurpzNdRa+ClKSVRUwKYH
+ Vjemr/o+Y4e4r8gD3TVP3auVuUCmi3XLpj4WjOsPDcekzZUgXA/xuJ+7jHXjOEOK
+ RViMiwIk0cqOa6s0Qg63EQ==
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml b/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml
new file mode 100644
index 00000000..7311b845
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey" URI="#encrypt-key-0" />
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ cudR6Hg0xqhrOjbvQz4C/WOdHbcB7Duc+xFxbObkfkW6jXweDOf8Tq87FPbj5bby
+ oCLbWqq3ap/zx/gN8Xv3Fj6fYUz3dIb1wzXy7B0/3me7i4fBHyGropflLi7iEag2
+ WU7aGJ0CA9/jQr6Td2qhH0CDU47QN9eK/PVMPPfLX1D1A90uK32wPn+SCysE58Q3
+ rCi7Jwo+OsrxT0qqjP82T3FjVi0i/dsnPb5GQWLE3/y7OsIuknuMRO4mWma+bO/m
+ aAN9JNeom5Kn3IKHCK2+kyx+LsGo2daKxF7RF9QqlaA/imsMS4trRjZjYhgfgm96
+ kb1l4AI7VZcfRXwYdzLqKNHty6ZxbSQBMeEca0mEuIbor7IH34641a/BuFME/BLm
+ MoVaLUCE0rg1e1U0S18UCg==
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#" Id="encrypt-key-0">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jed</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ bsL63D0hPN6EOyzdgfEmKsAAvoJiGM+Wp9a9KZM92IKdl7s3YSntRg==
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml b/docs/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml
new file mode 100644
index 00000000..1ede0646
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes128" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>job</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ dV45TUpJbidb9iKa34xj1WVtTZ036cnqvym2TBJWR5c=
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ bmExbDyrUQtsGjNBU7TRpMhOC76O/wBDWVMQML43lWNP0xp7QwVPce1XdbB4AVUn
+ xxAuJh18jOd9UzPTzrJHrKWvsWP8Xp1m/HL3A1XhOUe+MEcFyJB9fXazhDmyaSYU
+ SvieaPXcpzKWiHhZE8RKUyAYw9nU9wf2SEUgCVRuRPfsrXg4Uyr83VTn84LPe9sL
+ dd2hMj4jhgHL86b7PTYBWdtrYXq0Jwzptuw+TZ1C706BAZDYNAiSTdx3J17Ey3ex
+ IeIFBBIq8D8Gp7XiH4UxiDB6rtA2czox6+FCvaIsrGFaaw9XdzvhiZ3HxYROjprz
+ qiXcJlZzG6j8yRdpHSjsDkN3w7XjEgRODieGx110rBytZcwtqb0zc6JTZH5DzoJy
+ </CipherValue>
+ </CipherData>
+ </EncryptedData>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml b/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml
new file mode 100644
index 00000000..a69d9361
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml
@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ 255LFQdP+eAK2aeuuLnz10pmaw4WEYb6TZa3B6H4z8c=
+ </SignatureValue>
+ <KeyInfo>
+ <AgreementMethod xmlns="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#dh">
+ <KA-Nonce>
+ bm9uY2U=
+ </KA-Nonce>
+ <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
+ <OriginatorKeyInfo>
+ <KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <DHKeyValue xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <P>
+ plygl2uMNc+jYtAZeKCZxPsmqa2z8DrOUa7L455iszN4SdPnL+LsZD47VJayvQY8
+ 6D1J5arkwrbUzmhMAjBZsENPBgffRwwEBTjoq+gjSyZNIbxqsqnJdEyUElzn4kGE
+ whECkJGnOaScacpjZg11h+gd0iBfY091bGHrCZrvr/8=
+ </P>
+ <Q>
+ 9jJXQijNovoq6QUBFcEUYwUvyTM=
+ </Q>
+ <Generator>
+ PerUZgMEMDTegMdTBRG9DPY5EHmwDxwzladdRcfvfdfU/9wlPzz5BUotMm730J9d
+ lF6avWr929fzYsnIOUDeUOJpltXmrTYnvz5Bi6yuUu6bVwSfv7u4S+I/EM9ZB+eY
+ 3fdF5TAMHD4tK86lw5APDrN2QnO1UMCwIvjOFatSOI0=
+ </Generator>
+ <Public>
+ Ulu6B1lCwajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82r
+ NyOUqgfnm97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCt
+ m2vKo/BpoLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhM=
+ </Public>
+ </DHKeyValue>
+ </KeyValue>
+ <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Certificate>
+ MIIDvjCCA36gAwIBAgIGAOxN39MIMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDIyODE3NTMxNloXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
+ czCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
+ Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
+ DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
+ T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
+ JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
+ n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
+ 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
+ qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
+ Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAUlu6B1lC
+ wajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82rNyOUqgfn
+ m97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCtm2vKo/Bp
+ oLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhOjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
+ BgNVHQ4ECgQIgUAwB+9f1oIwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
+ AwMvADAsAhQ41mCUsFhmxI58tytV8XEVZOCuUwIUVMe/HbUAH5PJ7aRoCNqa3fCI
+ cU0=
+ </X509Certificate>
+ </X509Data>
+ </OriginatorKeyInfo>
+ <RecipientKeyInfo>
+ <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Certificate>
+ MIIDvjCCA36gAwIBAgIGAOxN3+EMMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDIyODE3NTMxOVoXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTmlscmVtIFNlaGd1
+ aDCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
+ Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
+ DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
+ T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
+ JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
+ n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
+ 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
+ qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
+ Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAGSYT19Pb
+ VCxMt06cAP7zQZ6AC5eXp3zeAweIevV96ryA1mB03qhB9X2lVowAUOFc24aVRTz7
+ wRoRjNQ20atzSy21C7yXDkvZ4uxfdrpIqpIVrI28e7XL+6CrhnAk621OvdeyEz5H
+ orA21hPXoCNdnUPG5Ib20oopM87ptF5dwiWjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
+ BgNVHQ4ECgQIiDCSQ3FB/oEwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
+ AwMvADAsAhQMtZ98TyqVkVqUJ3RJqaU7l2xqKgIUX997qRqeMjAkK88NHeNd95/2
+ Yos=
+ </X509Certificate>
+ </X509Data>
+ </RecipientKeyInfo>
+ </AgreementMethod>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml b/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml
new file mode 100644
index 00000000..79ef3f12
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml
@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ 9XBpYbFplNqqF7U/QtCHYE20U7oIxcyCr0L19MlenNo=
+ </SignatureValue>
+ <KeyInfo>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-tripledes" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <AgreementMethod xmlns="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#dh">
+ <KA-Nonce>
+ bm9uY2U=
+ </KA-Nonce>
+ <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
+ <OriginatorKeyInfo>
+ <KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <DHKeyValue xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <P>
+ plygl2uMNc+jYtAZeKCZxPsmqa2z8DrOUa7L455iszN4SdPnL+LsZD47VJayvQY8
+ 6D1J5arkwrbUzmhMAjBZsENPBgffRwwEBTjoq+gjSyZNIbxqsqnJdEyUElzn4kGE
+ whECkJGnOaScacpjZg11h+gd0iBfY091bGHrCZrvr/8=
+ </P>
+ <Q>
+ 9jJXQijNovoq6QUBFcEUYwUvyTM=
+ </Q>
+ <Generator>
+ PerUZgMEMDTegMdTBRG9DPY5EHmwDxwzladdRcfvfdfU/9wlPzz5BUotMm730J9d
+ lF6avWr929fzYsnIOUDeUOJpltXmrTYnvz5Bi6yuUu6bVwSfv7u4S+I/EM9ZB+eY
+ 3fdF5TAMHD4tK86lw5APDrN2QnO1UMCwIvjOFatSOI0=
+ </Generator>
+ <Public>
+ Ulu6B1lCwajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82r
+ NyOUqgfnm97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCt
+ m2vKo/BpoLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhM=
+ </Public>
+ </DHKeyValue>
+ </KeyValue>
+ <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Certificate>
+ MIIDvjCCA36gAwIBAgIGAOxN39MIMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDIyODE3NTMxNloXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTWVybGluIEh1Z2hl
+ czCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
+ Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
+ DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
+ T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
+ JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
+ n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
+ 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
+ qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
+ Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAUlu6B1lC
+ wajtIBnolqqgU+R1oxfye63DnI/iLM/Oe+Y8I/LMMaEmo3LmCU30m82rNyOUqgfn
+ m97S0bT8ZhI8gvw0EyQJ87vhlUz4WcmddU/YlTi3gJHUClr2olmBmRCtm2vKo/Bp
+ oLGJ0Wg1eyWfo54+gCqbeNez/DmBGcBEEhOjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
+ BgNVHQ4ECgQIgUAwB+9f1oIwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
+ AwMvADAsAhQ41mCUsFhmxI58tytV8XEVZOCuUwIUVMe/HbUAH5PJ7aRoCNqa3fCI
+ cU0=
+ </X509Certificate>
+ </X509Data>
+ </OriginatorKeyInfo>
+ <RecipientKeyInfo>
+ <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Certificate>
+ MIIDvjCCA36gAwIBAgIGAOxN3+EMMAkGByqGSM44BAMwbjELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEVMBMGA1UEAxMMVHJhbnNpZW50IENB
+ MB4XDTAyMDIyODE3NTMxOVoXDTAzMDIyODE3NTI1NFowbzELMAkGA1UEBhMCSUUx
+ DzANBgNVBAgTBkR1YmxpbjEkMCIGA1UEChMbQmFsdGltb3JlIFRlY2hub2xvZ2ll
+ cyBMdGQuMREwDwYDVQQLEwhYL1NlY3VyZTEWMBQGA1UEAxMNTmlscmVtIFNlaGd1
+ aDCCAiUwggGaBgcqhkjOPgIBMIIBjQKBgQCmXKCXa4w1z6Ni0Bl4oJnE+yaprbPw
+ Os5RrsvjnmKzM3hJ0+cv4uxkPjtUlrK9BjzoPUnlquTCttTOaEwCMFmwQ08GB99H
+ DAQFOOir6CNLJk0hvGqyqcl0TJQSXOfiQYTCEQKQkac5pJxpymNmDXWH6B3SIF9j
+ T3VsYesJmu+v/wKBgD3q1GYDBDA03oDHUwURvQz2ORB5sA8cM5WnXUXH733X1P/c
+ JT88+QVKLTJu99CfXZRemr1q/dvX82LJyDlA3lDiaZbV5q02J78+QYusrlLum1cE
+ n7+7uEviPxDPWQfnmN33ReUwDBw+LSvOpcOQDw6zdkJztVDAsCL4zhWrUjiNAhUA
+ 9jJXQijNovoq6QUBFcEUYwUvyTMCbQCs/HkLusCqHmY71JxUOFzy5fuWkPpWXJzx
+ qU3oz1BfMZtPUqjpBnqU97M7VUEg+5pRG2txaHP8XNmB1bY0DCE88riDmHP7HqZB
+ Z2gbaH2LxXDQDayb5GcPfn38eDcWvVAaKP9fJ8wG5RUu3AoDgYQAAoGAGSYT19Pb
+ VCxMt06cAP7zQZ6AC5eXp3zeAweIevV96ryA1mB03qhB9X2lVowAUOFc24aVRTz7
+ wRoRjNQ20atzSy21C7yXDkvZ4uxfdrpIqpIVrI28e7XL+6CrhnAk621OvdeyEz5H
+ orA21hPXoCNdnUPG5Ib20oopM87ptF5dwiWjOjA4MA4GA1UdDwEB/wQEAwIDCDAR
+ BgNVHQ4ECgQIiDCSQ3FB/oEwEwYDVR0jBAwwCoAIgjqisiZ1WVswCQYHKoZIzjgE
+ AwMvADAsAhQMtZ98TyqVkVqUJ3RJqaU7l2xqKgIUX997qRqeMjAkK88NHeNd95/2
+ Yos=
+ </X509Certificate>
+ </X509Data>
+ </RecipientKeyInfo>
+ </AgreementMethod>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ 2s+2ji8opL0SLKziiyNZ+mZ8Ibfu7cTwe4C0MmyarYDwGmsiRSqff8trHUwa+njZ
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml b/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml
new file mode 100644
index 00000000..ecc29878
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ 9XBpYbFplNqqF7U/QtCHYE20U7oIxcyCr0L19MlenNo=
+ </SignatureValue>
+ <KeyInfo>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>
+ MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
+ dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
+ dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
+ 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
+ McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
+ a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
+ HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
+ BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
+ TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
+ 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
+ </X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ BRhPOKN/KLCih2Q2RoxQiaV0s1FfpOM+kisl9MwRSPow5CyX91rBVfoWpP/Qq1T3
+ Rj/f0gVoJyE008uLic4X/S4spnudlOzTkVB6bUzoBt4j+z4hEq/cIfHqVdEJ+lN0
+ iu1sJk3k6ESl22OWEqQB7Rl5sAdhFPOqXsnLUNWmqA8=
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml b/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml
new file mode 100644
index 00000000..1779093a
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ 9XBpYbFplNqqF7U/QtCHYE20U7oIxcyCr0L19MlenNo=
+ </SignatureValue>
+ <KeyInfo>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <OAEPparams>
+ MTIzNDU2Nzg=
+ </OAEPparams>
+ </EncryptionMethod>
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>
+ MIICkjCCAfugAwIBAgIGAOxN32E+MA0GCSqGSIb3DQEBBQUAMG4xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFTATBgNVBAMTDFRyYW5zaWVu
+ dCBDQTAeFw0wMjAyMjgxNzUyNDZaFw0wMzAyMjgxNzUyNDBaMG8xCzAJBgNVBAYT
+ AklFMQ8wDQYDVQQIEwZEdWJsaW4xJDAiBgNVBAoTG0JhbHRpbW9yZSBUZWNobm9s
+ b2dpZXMgTHRkLjERMA8GA1UECxMIWC9TZWN1cmUxFjAUBgNVBAMTDU1lcmxpbiBI
+ dWdoZXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAORdNSxbNFWlQeNsOlYJ
+ 9gN9eZD+rguRqKhmhOm7i63VDd5ALm2APXhqAmGBPzLN5jlL9g2XALK5WSO4XKjJ
+ McVfYg4+nPuOeHgqdD4HUgf19j/6SaTMcmDFJQMmx1Qw+Aakq3mGcSfvOJcBZctz
+ a50VucfCGL1NdfBEcaL3BnhjAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIFoDARBgNV
+ HQ4ECgQIjFG0ZGNyvNswEwYDVR0jBAwwCoAIhJXVlhr6O4wwDQYJKoZIhvcNAQEF
+ BQADgYEAXzG7x5aCJYRusTbmuZqhidGM5iiA9+RmZ4JTPDEgbeiTiJROxpr+ZjnA
+ TmsDKrCpqNUiHWjmsKEArYQp8R/KjdKl/pVe3jUvTxb0YZ+li/7k0GQ5LyRT/K4c
+ 2SgyLlyBPhpMq+z3g4P2egVRaZbxsLuKQILf7MIV/X5iAEBzu1w=
+ </X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ NGIOL9UzhGwPYvVzbBxOGzxXfTIkzIsmtNSkWA03p64aS41vVA0sKWvcr/79Nf7T
+ 6RdA61TmwOKa5GDUYRumEadC7Z0zKFDKcuN78iJzlj2WwVqr5vBx14X2BSVW+de1
+ UTmXRZFRosFOk9etvD7Lm1V+kqIxqSrod68G8gJvGrY=
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml b/docs/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml
new file mode 100644
index 00000000..532800bb
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" />
+ <DigestValue>ixv9ZpIiqEzBC3Uztm5Rl6tXd9Q=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ kwV4uELL96oFm8/+VGzq+xAOgUg=
+ </SignatureValue>
+ <KeyInfo>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-tripledes" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>bob</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ gHMpx5iF7+KXtNHLasZrkcLHn8Ti4rxUjCIRK+IcgbQir6FUsQ/uxQ3o8enEMWq1
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml b/docs/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml
new file mode 100644
index 00000000..535510c7
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
+ <DigestValue>eI1OLVStn6Z4q7Byq8XGUJ4bce1LMSlanI6o+SvYzt0=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ cOQGJE3d3fXi1BIfdvr1v6tz/4lt9xGznfyDPXEvc4Q=
+ </SignatureValue>
+ <KeyInfo>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes128" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>job</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ rPnY/XoSGCbuwy7vpslf29rs9dbvSCmGFOjEs3LT6g/qyZjfDA+2fQ==
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml b/docs/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml
new file mode 100644
index 00000000..836aba22
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" />
+ <DigestValue>bWetGDV3M5oEiecfEHILQxVQRa1XgdY37VH8eWi9yVVx7Rr7UNhk+v6Jk7sMNPoA</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ iEjhOJoKiwsOBduxHj7bxILSsl6TLhNO3w/vlRcw9RZAe24HIxLRfhj4Xqsz1Orr
+ </SignatureValue>
+ <KeyInfo>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes192" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jeb</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ 19D633XVohP6UJvaVRAhJek+ahtM3gOiVs6nZyAasDEb+WCUQOcWZw==
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml b/docs/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml
new file mode 100644
index 00000000..9adfafd8
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" />
+ <DigestValue>c8+KT9+qCSbNpdZm7/dp9Mv/lgF51ATycY0Ttz/0bw2p5nvnmeEgQpIPw5HhVJ9Ku6dDf0RKVVR/CsYvPGfnEg==</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ zB8ZUo9bQxzxnxW2aZ217eu//1e5xHB6RlfEOFOlx1l5PIhadKAlQo0z1D9B2HVU
+ Kj4StSnlUsrvDo2BxgiAoA==
+ </SignatureValue>
+ <KeyInfo>
+ <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <KeyName>jed</KeyName>
+ </KeyInfo>
+ <CipherData>
+ <CipherValue>
+ tPCC89jQShB+WDINCdRfKgf8wTlAx8xRXD73RmEHPBfix8zS1N82KQ==
+ </CipherValue>
+ </CipherData>
+ </EncryptedKey>
+ </KeyInfo>
+</Signature>
diff --git a/docs/tests/merlin-xmlenc-five/ids.p12 b/docs/tests/merlin-xmlenc-five/ids.p12
new file mode 100644
index 00000000..503960f8
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/ids.p12
Binary files differ
diff --git a/docs/tests/merlin-xmlenc-five/plaintext.txt b/docs/tests/merlin-xmlenc-five/plaintext.txt
new file mode 100644
index 00000000..9d04ac31
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/plaintext.txt
@@ -0,0 +1 @@
+top secret message
diff --git a/docs/tests/merlin-xmlenc-five/plaintext.xml b/docs/tests/merlin-xmlenc-five/plaintext.xml
new file mode 100644
index 00000000..26907987
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/plaintext.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <BillingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </BillingAddress>
+ <CreditCard Type="Amex">
+ <Name>Foo B Baz</Name>
+ <Number>1234 567890 12345</Number>
+ <Expires Month="1" Year="2005" />
+ </CreditCard>
+ </PaymentInfo>
+</PurchaseOrder>
diff --git a/docs/tests/merlin-xmlenc-five/rsa.p8 b/docs/tests/merlin-xmlenc-five/rsa.p8
new file mode 100644
index 00000000..6a7d8282
--- /dev/null
+++ b/docs/tests/merlin-xmlenc-five/rsa.p8
Binary files differ
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-28 12:41:39 +0000