You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by mu...@apache.org on 2006/01/30 21:51:20 UTC
svn commit: r373583 -
/xml/security/branches/jsr105_0_16/data/ie/baltimore/merlin-examples/merlin-xmldsig-sixteen/bad-signature.xml
Author: mullan
Date: Mon Jan 30 12:51:16 2006
New Revision: 373583
URL: http://svn.apache.org/viewcvs?rev=373583&view=rev
Log:
This is merlin's sixteen signature but some of the referenced contents
have been modified. This will be used in a test to make sure the signature
is invalid (some of the references should be invalid)- this addresses a
problem - there are very few if any tests that test bad signatures.
Added:
xml/security/branches/jsr105_0_16/data/ie/baltimore/merlin-examples/merlin-xmldsig-sixteen/bad-signature.xml
Added: xml/security/branches/jsr105_0_16/data/ie/baltimore/merlin-examples/merlin-xmldsig-sixteen/bad-signature.xml
URL: http://svn.apache.org/viewcvs/xml/security/branches/jsr105_0_16/data/ie/baltimore/merlin-examples/merlin-xmldsig-sixteen/bad-signature.xml?rev=373583&view=auto
==============================================================================
--- xml/security/branches/jsr105_0_16/data/ie/baltimore/merlin-examples/merlin-xmldsig-sixteen/bad-signature.xml (added)
+++ xml/security/branches/jsr105_0_16/data/ie/baltimore/merlin-examples/merlin-xmldsig-sixteen/bad-signature.xml Mon Jan 30 12:51:16 2006
@@ -0,0 +1,249 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE Envelope [
+ <!ENTITY dsig "http://www.w3.org/2000/09/xmldsig#">
+ <!ENTITY c14n "http://www.w3.org/TR/2001/REC-xml-c14n-20010315">
+ <!ENTITY xpath "http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <!ENTITY xslt "http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <!ATTLIST Notaries Id ID #IMPLIED>
+]>
+<!-- Preamble -->
+<Envelope xmlns:foo="http://www.usps.gov/foo" xmlns="http://www.usps.gov/">
+ <DearSir>foo</DearSir>
+ <Body>bar</Body>
+ <YoursSincerely>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="signature">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <Reference URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ <Reference URI="http://xmldsig.pothole.com/xml-stylesheet.txt">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-1">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath>
+ self::text()
+ </XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>zyjp8GJOX69990Kkqw8ioPXGExk=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ ancestor-or-self::dsig:SignedInfo
+ and
+ count(ancestor-or-self::dsig:Reference |
+ here()/ancestor::dsig:Reference[1]) >
+ count(ancestor-or-self::dsig:Reference)
+ or
+ count(ancestor-or-self::node() |
+ id('notaries')) =
+ count(ancestor-or-self::node())
+ </XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>DkRNHKuQgDiTy9XAAMGbyydg3BI=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-2">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>zyjp8GJOX69990Kkqw8ioPXGExk=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>X9dMPL0KeDZXh9GE3vLcOtPsYjI=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties" URI="#signature-properties-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>7tHLZrC0kqOhPCiYu/WusgG4tBo=</DigestValue>
+ </Reference>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>zbVZy3ycg7CyFcPzNs0C6bA3qio=</DigestValue>
+ </Reference>
+ <Reference URI="">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>zbVZy3ycg7CyFcPzNs0C6bA3qio=</DigestValue>
+ </Reference>
+ <Reference URI="#xpointer(/)">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>zbVZy3ycg7CyFcPzNs0C6bA3qio=</DigestValue>
+ </Reference>
+ <Reference URI="#xpointer(/)">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>ar0/7EQyRfUZmrPPcTQFdVCt2PY=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>0aW4L0GoFzYUo4gyZSfoyZBhpuc=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#object-3">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>0aW4L0GoFzYUo4gyZSfoyZBhpuc=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>0aW4L0GoFzYUo4gyZSfoyZBhpuc=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Object" URI="#xpointer(id('object-3'))">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>1puYWb36Z5TIDmEIVd/JLR3iD8Y=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Reference" URI="#reference-2">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>MMtXLCswiEDurKMgg2r+vBPlk8Q=</DigestValue>
+ </Reference>
+ <Reference Id="reference-1" Type="http://www.w3.org/2000/09/xmldsig#Reference" URI="#manifest-reference-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>7eI/P8mppgkqXqW0+at2UGj06qs=</DigestValue>
+ </Reference>
+ <Reference Id="reference-2" Type="http://www.w3.org/2000/09/xmldsig#Reference" URI="#reference-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>l/bqIouk6Gs8eEjG0Tad0MJJgWw=</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>
+ SiMb9su56spmMlNjrWWKdkgj1hDhveaWCx5Bwpj5AuJ6T3Zy68NJ/A==
+ </SignatureValue>
+ <KeyInfo>
+ <RetrievalMethod Type="http://www.w3.org/2000/09/xmldsig#X509Data" URI="#object-4">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ ancestor-or-self::dsig:X509Data
+ </XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ </KeyInfo>
+ <Object Id="object-1" MimeType="text/plain">I am the bad text.</Object>
+ <Object Encoding="http://www.w3.org/2000/09/xmldsig#base64" Id="object-2" MimeType="text/plain">BADSSBhbSB0aGUgdGV4dC4=</Object>
+ <Object Id="object-3">
+ <NonCommentandus xmlns=""><!-- BAD Commentandum --></NonCommentandus>
+ </Object>
+ <Object>
+ <Manifest Id="manifest-1">
+ <Reference Id="manifest-reference-1" URI="http://www.w3.org/TR/xml-stylesheet">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue>
+ </Reference>
+ <Reference Type="http://www.w3.org/2000/09/xmldsig#Reference" URI="#reference-1">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>l/bqIouk6Gs8eEjG0Tad0MJJgWw=</DigestValue>
+ </Reference>
+ <Reference URI="#notaries">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns="http://www.w3.org/TR/xhtml1/strict" exclude-result-prefixes="foo" version="1.0">
+ <xsl:output encoding="UTF-8" indent="no" method="xml" />
+ <xsl:template match="/">
+ <html>
+ <head>
+ <title>Notaries</title>
+ </head>
+ <body>
+ <table>
+ <xsl:for-each select="Notaries/Notary">
+ <tr>
+ <th>
+ <xsl:value-of select="@name" />
+ </th>
+ </tr>
+ </xsl:for-each>
+ </table>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <DigestValue>c7wq5XKos6RqNVJyFy7/fl6+sAs=</DigestValue>
+ </Reference>
+ </Manifest>
+ </Object>
+ <Object>
+ <SignatureProperties Id="signature-properties-1">
+ <SignatureProperty Target="#signature">
+ <SignerAddress xmlns="urn:demo"><IP>192.168.21.138</IP></SignerAddress>
+ </SignatureProperty>
+ </SignatureProperties>
+ </Object>
+ <Object Id="object-4">
+ <X509Data>
+ <X509SubjectName>
+ CN=Merlin Hughes,O=Baltimore Technologies\, Ltd.,ST=Dublin,C=IE
+ </X509SubjectName>
+ <X509IssuerSerial>
+ <X509IssuerName>
+ CN=Test DSA CA,O=Baltimore Technologies\, Ltd.,ST=Dublin,C=IE
+ </X509IssuerName>
+ <X509SerialNumber>970849936</X509SerialNumber>
+ </X509IssuerSerial>
+ <X509Certificate>
+ MIIDNzCCAvWgAwIBAgIEOd3+kDAJBgcqhkjOOAQDMFsxCzAJBgNVBAYTAklFMQ8w
+ DQYDVQQIEwZEdWJsaW4xJTAjBgNVBAoTHEJhbHRpbW9yZSBUZWNobm9sb2dpZXMs
+ IEx0ZC4xFDASBgNVBAMTC1Rlc3QgRFNBIENBMB4XDTAwMTAwNjE2MzIxNVoXDTAx
+ MTAwNjE2MzIxNFowXTELMAkGA1UEBhMCSUUxDzANBgNVBAgTBkR1YmxpbjElMCMG
+ A1UEChMcQmFsdGltb3JlIFRlY2hub2xvZ2llcywgTHRkLjEWMBQGA1UEAxMNTWVy
+ bGluIEh1Z2hlczCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQDaJjfDTrawMHf8MiUt
+ Y54b37hSmYNnR3KpGT10uU1Dqppcju06uN0iGbqf947DjkBC25hKnqykK31xBw0E
+ CPbYq/KC98kghdf2xJCu6B8aqJ95K9jdVflJ3WP7PQxJn+fmM23zy6HYLXVICpfq
+ etdNj/VHCShZE3bdJiE6VobSFQIVAPQecqS2PaTDprcQnkwx4MHTRXhrAoGAMuGA
+ lqeB1ax+vyO2+Osubjhl7pHxLu47RIH+/M52DjESA9KMSrwzsYx8yNR2WooByrE0
+ t6fu0VncK7UK8olO4t7wpv2z4AFQPRVCKFwo0qgn5aKIkICGMlrRy81avb27wGcW
+ othx3iPPMtFXtoDqK0JItaI9R8zc1msFhM1GKMYDgYQAAoGActA8YGxrtngg/zKV
+ vqEOefnwmViFztcnPBYPlJsvh6yKI4iDm68fnp4Mi3RrJ6bZAygFrUIQLxLjV+OJ
+ tgJAEto0xAs+Mehuq1DkSFEpP3oDzCTOsrOiS1DwQe4oIb7zVk/9l7aPtJMHW0LV
+ lMdwZNFNNJoqMcT2ZfCPrfvYvQ2jRzBFMB4GA1UdEQQXMBWBE21lcmxpbkBiYWx0
+ aW1vcmUuaWUwDgYDVR0PAQH/BAQDAgeAMBMGA1UdIwQMMAqACEJZQG0KwRbPMAkG
+ ByqGSM44BAMDMQAwLgIVAK4skWEFYgrggaJA8vYAwSjg12+KAhUAwHTo7wd4tENw
+ 9LAKPklQ/74fH18=
+ </X509Certificate>
+ </X509Data>
+ </Object>
+ </Signature>
+ </YoursSincerely>
+ <PostScript>bar</PostScript>
+ <Notaries xmlns="" Id="notaries">
+ <Notary name="Great, A. T." />
+ <Notary name="Hun, A. T." />
+ </Notaries>
+ <!-- Commentary -->
+</Envelope>
+<!-- Postamble -->