XML Signature 1.1 Interop Test Report

W3C Editor's Draft 09 November 2012

This version:
Latest published version:
Latest editor's draft:
Frederick Hirsch
Pratik Datta


This document is the interop report for new features introduced in XML Signature 1.1. It includes the test cases and test results for these new features. It does not replicate interop testing performed for features retained from XML Signature 1.0.

Status of This Document

This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at http://www.w3.org/TR/.

This document was published by the XML Security Working Group as an Editor's Draft. If you wish to make comments regarding this document, please send them to public-xmlsec@w3.org (subscribe, archives). All feedback is welcome.

Publication as an Editor's Draft does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.

This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.

Table of Contents

1. Introduction

This document summarizes interop tests and the test results for new features introduced in XML Signature 1.1 [XMLDSIG-CORE1]. Changes to XML Signature introduced in XML Signature 1.1 are summarized in a detailed change explanation document [XMLDSIG-CORE1-CHGS].

Tests that are marked 'Y' are completed, 'U' means 'untested' and should not be taken to make a statement about the implementation (as testing may simply not have been performed for interop due to timing or other reasons).

2. Elliptic Curve Algorithms (Interop testing completed)

2.1 Summary of Changes

2.2 Elliptic Curve Test Cases (not including SHA-224)

Various combinations of the following

Microsoft's test vectors - 48 files

Oracle's test vectors - 18 files

2.3 Elliptic Curve Test Results (not including SHA-224)

See test file directory.

Signature AlgorithmDigestCanonicalizationECKeyValueMicrosoftOracle
ECDSA (P256/P384/P521] withSHA-1Excl C14NECKeyValueYY
ECDSA (P256/P384/P521] withSHA-256Excl C14NECKeyValueYY
ECDSA (P256/P384/P521] withSHA-384Excl C14NECKeyValueYY
ECDSA (P256/P384/P521] withSHA-512Excl C14NECKeyValueYY

2.4 Elliptic Curve SHA-224 Test Cases

The following are the SHA-224 tests:

2.5 Elliptic Curve SHA-224 Test Results

Signature AlgorithmDigestOracleApache Santuario (C++)
ECDSA (P256/P384/P521] withSHA-224YY

3. SHA Algorithms (Interop testing completed)

3.1 Summary of Changes

3.2 SHA Test Cases (not including SHA-224)

Various combinations of the following

Sun's test vectors - 18 files

Oracle's test vectors - 9 files (same as sun's, C14n 1.0 only)

Microsoft's test vectors - 14 files

HMAC key

3.3 SHA Test Results (not including SHA-224)


3.4 SHA-224 Test Cases

3.5 SHA-224 Test Results

DigestSignatureOracleApache Santuario (C++)

4. X509Data Additions

4.1 Summary of Changes

Note: X509Digest was added to correct issues with X509IssuerSerial.

4.2 X509Data Test Cases

4.3 X509Data Test Results

ItemOpenSAML (Shibboleth)Oracle

5. KeyInfo Additions

5.1 Summary of Changes

5.2 KeyInfo Test Cases

5.3 KeyInfo Test Results

ItemApache Santuario (C++)OpenSAML (Shibboleth)Oracle
DEREncodedKeyValue (both EC and RSA)YUY

Note: Same author for both Apache Santuario (C++) and OpenSAML (Shibboleth) implementations. In OpenSaml reproduced the X509Digest material by consuming the same keypair and successfully processing the KeyInfoReference after copying it into a SAML document.

6. HMACOutputLength verification

6.1 Summary of Changes

6.2 HMACOutputLength Test Cases

The following are test vectors for HMACOutputLength verification:

The first one is truncated to 40 bytes, so it should be rejected. The second one is not truncated at all, so it should be accepted.

6.3 HMACOutputLength Test Results

HMACOutputLengthOracleApache Santuario (C++)
Truncated 40 (invalid)YY
Truncated 160 (valid)YY

7. Additional Algorithm additions and changes (previously interop tested)

The following algorithms were added or changed in XML Signature 1.1 but were not included in this round of interop testing as they have been previously tested during the development of the corresponding W3C Recommendations:

A. References

A.1 Informative references

S. Kelly, S. Frankel. Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec IETF RFC 4868. May 2007. URL: http://www.ietf.org/rfc/rfc4868.txt
Donald E. Eastlake 3rd; Joseph Reagle; John Boyer. Exclusive XML Canonicalization Version 1.0. 18 July 2002. W3C Recommendation. URL: http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/
Joseph Reagle; et al. XML Signature Syntax and Processing (Second Edition). 10 June 2008. W3C Recommendation. URL: http://www.w3.org/TR/2008/REC-xmldsig-core-20080610
D. Eastlake, J. Reagle, D. Solo, F. Hirsch, T. Roessler, K. Yiu. XML Signature Syntax and Processing Version 1.1. 18 October 2012. W3C Last Call Working Draft. (Work in progress) URL: http://www.w3.org/TR/2012/WD-xmldsig-core1-20121018/
Frederick Hirsch. Functional Explanation of Changes in XML Signature 1.1. 18 October 2012. W3C Working Group Note. URL: http://www.w3.org/TR/2012/NOTE-xmldsig-core1-explain-20121018/
Merlin Hughes; John Boyer; Joseph Reagle. XML-Signature XPath Filter 2.0. 8 November 2002. W3C Recommendation. URL: http://www.w3.org/TR/2002/REC-xmldsig-filter2-20021108/