Test cases for XML Encryption 1.1

W3C Working Draft 05 January 2012

This version:
Latest published version:
Latest editor's draft:
Pratik Datta, pratik.datta@oracle.com
Frederick Hirsch, frederick.hirsch@nokia.com


This document outlines test cases for XML Encryption 1.1 [XMLENC-CORE1].

Status of This Document

This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at http://www.w3.org/TR/.

This is a first public working draft of Test Cases for XML Encryption 1.1 [XMLENC-CORE1] and is intended to become a W3C Note. The XML Security working group plans to revise and add additional test cases to this document.

This document was published by the XML Security Working Group as a First Public Working Draft. If you wish to make comments regarding this document, please send them to public-xmlsec@w3.org (subscribe, archives). All feedback is welcome.

Publication as a Working Draft does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.

This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. The group does not expect this document to become a W3C Recommendation. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.

Table of Contents

1. Introduction

This document has various test cases for XML Encryption 1.1 [XMLENC-CORE1]. All the test files are available in this directory: files.
The test cases are organized as follows:

2. In-place encryption of XML

All the tests in this section take the plaintext.xml and encrypt it in-place, i.e. the root element of the plaintext.xml is replaced by <EncryptedData>. The details about the encryption key are embedded in the <KeyInfo>

2.1 Key wrapping

In these tests the
Encryption Parameters CipherText Remarks
Content encryption
Key encryption
RSA-2048 aes128-gcm rsa-oaep-mgf1p
Digest:SHA256, MGF:SHA1
PSource: None
cipherText All the examples in this table use the new AES-GCM algorithm.
RSA-3072 aes192-gcm rsa-oaep-mgf1p
Digest:SHA256, MGF:SHA1
PSource: None
cipherText In this example the OAEP digest method is specified as SHA256. The MFG algorithm is SHA1.
RSA-3072 aes256-gcm rsa-oaep
Digest:SHA384, MGF:SHA1
PSource: None
cipherText This example uses the new #rsa-oaep algorithm that takes in explicit MGF algorithm. The MGF has been specified as SHA1.
RSA-4096 aes256-gcm rsa-oaep
Digest:SHA512, MGF:SHA1
PSource: Specified 8 bytes
cipherText This also uses #rsa-oaep but has a 8 byte PSource explicitly defined .

2.2 Key Agreement

In these tests the
Encryption Parameters CipherText Remarks
Content encryption
Key Wrapping
Key Agreement
Key Derivation
EC-P256 aes128-gcm kw-aes128 ECDH-ES ConcatKDF cipherText In the first three examples the key wrapping algorithm size matches the symmetric algorithm key size. This is not required, the AES key wrapping algorithms can encrypt any data that is a multiple of 64 bits.
EC-P384 aes192-gcm kw-aes192 ECDH-ES ConcatKDF cipherText
EC-P521 aes256-gcm kw-aes256 ECDH-ES ConcatKDF cipherText
DH-1024 aes128-gcm kw-aes128 dh-es PBKDF2 cipherText This example encrypts with a Diffie Hellman key with with the new algorithm #dh-es in which the key derivation function is explicitly specified.
EC-P256 aes128-gcm kw-aes256 ECDH-ES PBKDF2 cipherText This example uses EC keys, but not the ConcatKDF key derivation function. Instead it uses the PBKDF2 key derivation. Also notice that the encryption algorithm and key wrapping algorithm have different key lengths - 128 and 256 respectively . The PBKDF2 parameters specifies a key length of 32 to match the wrapping algorithm key length.

A. References

Dated references below are to the latest known or appropriate edition of the referenced work. The referenced works may be subject to revision, and conformant implementations may follow, and are encouraged to investigate the appropriateness of following, some or all more recent editions or replacements of the works cited. It is in each case implementation-defined which editions are supported.

A.1 Normative references

J. Reagle; D. Eastlake; F. Hirsch; T. Roessler. XML Encryption Syntax and Processing Version 1.1. 5 January 2012. W3C Last Call Working Draft. (Work in progress.) URL: http://www.w3.org/TR/2012/WD-xmlenc-core1-20120105/

A.2 Informative references

No informative references.