santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Raul Benito" <r...@apache.org>
Subject Re: Basic hash value question
Date Thu, 07 Dec 2006 19:08:08 GMT
Hi Ulrich,
It seems to me that you need enveloped transformation. Can you post how you
do signing?
Regards,

On 12/6/06, Ulrich Ackermann <ulrich.ackermann@web.de> wrote:
>
> Hello Dominik,
>
> If I take your Base64 encoded SHA-1 hash value and make a hex string out
> of it, I get exactly what you stated as your CrypTool result.
> It seems to me, that your conversion from Base64 to hex string is
> incorrect.
>
> I used the following code:
> String base64Encoded = "oZMIFC8bdyDbF4e42QF2ugr+30M=";
> sun.misc.BASE64Decoder base64Decoder = new sun.misc.BASE64Decoder();
> byte[] rawBytesFromBase64Encoded = base64Decoder.decodeBuffer
> (base64Encoded);
> String hexFromBase64 = new String(
>     org.bouncycastle.util.encoders.Hex.encode(rawBytesFromBase64Encoded));
> System.out.println("hexFromBase64 = " + hexFromBase64);
>
> And that gives the following output, which is what you expected:
> hexFromBase64 = a19308142f1b7720db1787b8d90176ba0afedf43
>
>
> Cheers,
> Ulrich
>
>
> -----Ursprüngliche Nachricht-----
> Von: security-dev@xml.apache.org
> Gesendet: 06.12.06 21:45:05
> An: security-dev@xml.apache.org
> Betreff: RE: Basic hash value question
>
>
> Hello again,
>
> Thanks for the answer before. I discovered an online tool doing exactly
> what I wanted:
> http://www.softwaremaker.net/DotNetApps/B64BytDecHex/index.aspx
>
> After playing around a little bit I discovered a difference in the hash
> values calculated by the Apache XML Security API and CrypTool for example.
> When I sign <test>Test</test> with XML sec (as String input), the SHA-1 hash
> value is oZMIFC8bdyDbF4e42QF2ugr+30M= (in hex 0AE2 5D13 5076 7541 5DD5 D90B
> 652C D0E6 F8FA 3188). In CrypTool (as editor input, not as XML file) the
> SHA-1 hash value is A193 0814 2F1B 7720 DB17 87B8 D901 76BA 0AFE DF43.
>
> How is that difference explainable? There is nothing to canonicalize (no
> spaces, nothing), no transformations are applied. So the input text is
> exactly the same both times. Ergo the hash values should be exactly the same
> both times?!
>
> Where is my mistake, what am I not understanding correctly? What do I have
> to do to make both hash values comparable?
>
> Thanks again! Dominik
>
> > -----Ursprüngliche Nachricht-----
> > Von: security-dev@xml.apache.org
> > Gesendet: 06.12.06 00:02:42
> > An: <security-dev@xml.apache.org>
> > Betreff: RE: Basic hash value question
>
>
> > > As far as I understand, the DigestValue is the base64
> > > representation of the calculated binary hash value. How can I
> > > compare this calculated SHA1 hash value with the one
> > > calculated with a different tool where the hash value looks
> > > something like 8011 FAB5 3D6D 20D0 E8B5 3F72 00F1 7D81 E8F1 F050?
> >
> > If you have a hex encoded version of a hash, you have to convert that
> back
> > to binary form and then you can base64 encode that to compare it.
> >
> > -- Scott
> >
> >
>
>
>
> ______________________________________________________________________________
> "Ein Herz für Kinder" - Ihre Spende hilft! Aktion:
> www.deutschlandsegelt.de
> Unser Dankeschön: Ihr Name auf dem Segel der 1. deutschen America's
> Cup-Yacht!
>
>
>
>
>
> ______________________________________________________________________________
> "Ein Herz für Kinder" - Ihre Spende hilft! Aktion:
> www.deutschlandsegelt.de
> Unser Dankeschön: Ihr Name auf dem Segel der 1. deutschen America's
> Cup-Yacht!
>
>


-- 
http://r-bg.com

Mime
View raw message