C14N issues
From: Sébastien Pouliot (spouliot_at_videotron.ca)
Date: 05/25/03
- Previous message: Christian Staffe: "Windows Authentication with WSE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 24 May 2003 19:34:59 -0400
Hello all,
I've not been able to C14Nize most W3C examples
(http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2000OctDec/att-0059/01
-merlin-xmldsig-eight.tar.gz) using the .NET framework (and strangely I had
no difficulties with the XMLDSIG samples).
But the weirdest part is that I get different (and mostly invalid) results
using different XmlDsigC14NTransform.LoadInput () methods. In fact I
received different length when using LoadInput (XmlDocument) than when using
LoadInput (Stream).
Here's an example
static public byte[] example1xml = {
0x3C, 0x3F, 0x78, 0x6D, 0x6C, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6F,
0x6E, 0x3D, 0x22, 0x31, 0x2E, 0x30, 0x22, 0x3F, 0x3E, 0x0D, 0x0A, 0x0D,
0x0A, 0x3C, 0x3F, 0x78, 0x6D, 0x6C, 0x2D, 0x73, 0x74, 0x79, 0x6C, 0x65,
0x73, 0x68, 0x65, 0x65, 0x74, 0x20, 0x20, 0x20, 0x68, 0x72, 0x65, 0x66,
0x3D, 0x22, 0x64, 0x6F, 0x63, 0x2E, 0x78, 0x73, 0x6C, 0x22, 0x0D, 0x0A,
0x20, 0x20, 0x20, 0x74, 0x79, 0x70, 0x65, 0x3D, 0x22, 0x74, 0x65, 0x78,
0x74, 0x2F, 0x78, 0x73, 0x6C, 0x22, 0x20, 0x20, 0x20, 0x3F, 0x3E, 0x0D,
0x0A, 0x0D, 0x0A, 0x3C, 0x21, 0x44, 0x4F, 0x43, 0x54, 0x59, 0x50, 0x45,
0x20, 0x64, 0x6F, 0x63, 0x20, 0x53, 0x59, 0x53, 0x54, 0x45, 0x4D, 0x20,
0x22, 0x64, 0x6F, 0x63, 0x2E, 0x64, 0x74, 0x64, 0x22, 0x3E, 0x0D, 0x0A,
0x0D, 0x0A, 0x3C, 0x64, 0x6F, 0x63, 0x3E, 0x48, 0x65, 0x6C, 0x6C, 0x6F,
0x2C, 0x20, 0x77, 0x6F, 0x72, 0x6C, 0x64, 0x21, 0x3C, 0x21, 0x2D, 0x2D,
0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x6E, 0x74, 0x20, 0x31, 0x20, 0x2D,
0x2D, 0x3E, 0x3C, 0x2F, 0x64, 0x6F, 0x63, 0x3E, 0x0D, 0x0A, 0x0D, 0x0A,
0x3C, 0x3F, 0x70, 0x69, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x6F, 0x75, 0x74,
0x2D, 0x64, 0x61, 0x74, 0x61, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3F, 0x3E,
0x0D, 0x0A, 0x0D, 0x0A, 0x3C, 0x21, 0x2D, 0x2D, 0x20, 0x43, 0x6F, 0x6D,
0x6D, 0x65, 0x6E, 0x74, 0x20, 0x32, 0x20, 0x2D, 0x2D, 0x3E, 0x0D, 0x0A,
0x0D, 0x0A, 0x3C, 0x21, 0x2D, 0x2D, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65,
0x6E, 0x74, 0x20, 0x33, 0x20, 0x2D, 0x2D, 0x3E, 0x0D, 0x0A };
static public byte[] example1c14n = {
0x3C, 0x3F, 0x78, 0x6D, 0x6C, 0x2D, 0x73, 0x74, 0x79, 0x6C, 0x65, 0x73,
0x68, 0x65, 0x65, 0x74, 0x20, 0x68, 0x72, 0x65, 0x66, 0x3D, 0x22, 0x64,
0x6F, 0x63, 0x2E, 0x78, 0x73, 0x6C, 0x22, 0x0D, 0x0A, 0x20, 0x20, 0x20,
0x74, 0x79, 0x70, 0x65, 0x3D, 0x22, 0x74, 0x65, 0x78, 0x74, 0x2F, 0x78,
0x73, 0x6C, 0x22, 0x20, 0x20, 0x20, 0x3F, 0x3E, 0x0D, 0x0A, 0x3C, 0x64,
0x6F, 0x63, 0x3E, 0x48, 0x65, 0x6C, 0x6C, 0x6F, 0x2C, 0x20, 0x77, 0x6F,
0x72, 0x6C, 0x64, 0x21, 0x3C, 0x2F, 0x64, 0x6F, 0x63, 0x3E, 0x0D, 0x0A,
0x3C, 0x3F, 0x70, 0x69, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x6F, 0x75, 0x74,
0x2D, 0x64, 0x61, 0x74, 0x61, 0x3F, 0x3E };
public void Merlin1 ()
{
XmlDocument xd = new XmlDocument ();
xd.PreserveWhitespace = true;
xd.LoadXml (Encoding.UTF8.GetString (MerlinC14NTest.example1xml));
XmlDsigC14NTransform transform = new XmlDsigC14NTransform ();
transform.LoadInput (xd);
MemoryStream outputXmlDocument = (MemoryStream) transform.GetOutput ();
MemoryStream ms = new MemoryStream (MerlinC14NTest.example1xml);
transform.LoadInput (ms);
MemoryStream outputStream = (MemoryStream) transform.GetOutput ();
if (outputXmlDocument.Length != outputStream.Length)
Console.WriteLine ("Why ?");
else
Console.WriteLine ("Logic!");
}
Note that in this sample both results (from XmlDocument or Stream) aren't
the expected C14N result from W3C.
Any idea ?
Thanks
Sebastien Pouliot
Security Architect, Motus Technologies, http://www.motus.com/
work: spouliot@motus.com
home: spouliot@videotron.ca
- Previous message: Christian Staffe: "Windows Authentication with WSE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
