Interop

From XML Security WG Wiki
(Redirected from InteropPlanning)
Jump to: navigation, search

Interop Test Reports (include test cases and interop test results)

Draft XML Signature 1.1 interop test report

Draft XML Encryption 1.1 interop test report

Back to Working Group Home Page

The following is older wiki material. Please refer to the interop test reports.

XML Signature 1.1 Core: New required SHA algorithms

Various combinations of the following

  • Digest algorithm - SHA1/256/384/512
  • Signature algorithm - DSA-SHA1, RSA 1024/2048-SHA256/384/512, HMAC-SHA256/384/512
  • Canonicalization algorithm - C14N 1.0, C14N 1.1, Exc C14N 1.0


Sun's test vectors - 18 files

  • 3 files: Digest = SHA1, Signature = HMAC-SHA256 / HMAC-SHA384 / HMAC-SHA512, Canonicalization = C14N 1.1
  • 3 files: Digest = SHA1, Signature = RSA-SHA256 / RSA-SHA384 / RSA-SHA512, Canonicalization = C14N 1.1
  • 3 files: Digest = SHA-256/ SHA-384 / SHA-512, Signature = RSA-SHA256, Canonicalization = C14N 1.1
  • 9 files: All of the above repeated for C14n 1.0


Oracle's test vectors - 9 files (same as sun's, C14n 1.0 only)

  • 3 files: Digest = SHA1, Signature = HMAC-SHA256 / HMAC-SHA384 / HMAC-SHA512, Canonicalization = C14N 1.0
  • 3 files: Digest = SHA1, Signature = RSA-SHA256 / RSA-SHA384 / RSA-SHA512, Canonicalization = C14N 1.0
  • 3 files: Digest = SHA-256/ SHA-384 / SHA-512, Signature = RSA-SHA256, CCanonicalization = C14N 1.0


Microsoft's test vectors - 14 files

  • 2 files: Digest = SHA1, Signature = DSA-SHA1, Canonicalization = C14N1.0 / Exc C14N 1.0
  • 4 files: Digest = SHA1, Signature = HMAC-SHA1/HMAC-SHA256/HMAC-SHA384/HMAC-SHA512, Canonicalization = Exc C14N 1.0
  • 8 files: Digest = SHA1/SHA256/SHA384/SHA512, Signature = RSA2048-SHA1/RSA2048-SHA256/RSA2048-SHA384/RSA2048-SHA512, Canonicalization = C14n 1.0 / Exc C14N 1.0


HMAC key

  • All of Sun signatures are use "secret"
  • All of Oracle's signature use "testkey"
  • Microsoft's signatures use keys that are stored in the files secret-sha1.hmac, secret-sha256.hmac, secret-sha384.hmac, secret-sha512.hmac

Interop status

  • Partipants: Oracle, Microsoft, Sun
  • Each participant has verified all of these files. (except Microsoft not verifying C14N 1.1)

See test file directory .

The following are the SHA-224 tests:

https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha224.xml https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-rsa-sha224.xml https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-sha224-rsa_sha256.xml

XML Signature 1.1 Core: Elliptic Curve algorithms

Various combinations of the following

  • Digest algorithm - SHA1/256/384/512
  • Signature algorithm - ECDSA (P256/P384/P521 with SHA1/SHA256/SHA384/SHA512)
  • Canonicalization algorithm - C14N 1.0, Exc C14N 1.0
  • KeyInfo format - RFC 4050 style ECDSA KeyValue, XML signature 1.1 style ECKeyValue


Microsoft's test vectors - 48 files

  • 12 files: Digest = SHA1/SHA256/SHA384/SHA512, Signature = ECDSA (P256/P384/P521 with SHA1/SHA256/SHA384/SHA512), RFC4050 ECDSAKeyValue
  • 12 files: All of the above but with Exclusive C14N 1.0
  • 12 files: Digest = SHA1/SHA256/SHA384/SHA512, Signature = ECDSA (P256/P384/P521 with SHA1/SHA256/SHA384/SHA512), XML Signature 1.1 ECKeyValue
  • 12 files: All of the above but with Exclusive C14N 1.0

Oracle's test vectors - 18 files

  • 12 files: Digest = SHA1/SHA256/SHA384/SHA512, Signature = ECDSA (P256/P384/P521 with SHA1/SHA256/SHA384/SHA512), RFC4050 ECDSAKeyValue
  • 12 files: all of the above XML Signature 1.1 ECKeyValue


Interop status

  • Partipants: Oracle, Microsoft
  • Each participant has verified all of these files.


See test file directory .

The following are the SHA-224 tests:

https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p256_sha224.xml https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p384_sha224.xml https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-p521_sha224.xml

XML Signature 1.1 HMACOutputLength

The following are test vectors for HMACOutputLength verification:

https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha1-truncated40.xml https://www.w3.org/2008/xmlsec/Group/interop/xmldsig11/oracle/signature-enveloping-hmac-sha1-truncated160.xml

The first one is truncated to 40 bytes, so it should be rejected. The second one is not truncated at all, so it should be accepted.

XML Security 1.1 Core: Elliptic Curve key values

  • ECKeyValue
  • ECDH KeyValues (XML Encryption)

XML Security 1.1 Core: Elliptic Curve for Encryption

  • ECDH-ES (XML Encryption) - Oracle

XML Security 1.1 Core: Other items

  • AES Keywrap with padding (XML Encryption) RFC 5649
  • OCSP - add and read OCSP information successfully (Sun?)
  • DEREncodedKeyValue (Sun?)
  • RFC4050 compatibility (4.4.2.3.2) ? DONE
  • Required Exclusive C14N - note that implemented or interop? DONE
  • XPath 2.0

XML Encryption 1.1 Key Derivation using ConcatKDF and PBKDF2

Test case 1: EncryptedData with content encryption key derived from shared secret. Key derivation method: ConcatKDF (http://www.w3.org/2009/xmlenc11#ConcatKDF).

Test case 2: EncryptedData with content encryption key derived from shared secret password. Key derivation method: PBKDF2 (http://www.w3.org/2009/xmlenc11#pbkdf2).

Interop status

  • Partipants: IBM, Microsoft
  • Each participant has verified all of these files.

See test file directory

Signature Properties

  • Interop signature properties


Suite B Interop information

See http://www.w3.org/2008/xmlsec/Drafts/testing/suiteb-interoperability.html