Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm
Precedence: bulk
Reply-To: security-dev@xml.apache.org
Received-SPF: pass (herse.apache.org: local policy)
Date: Fri, 08 Dec 2006 14:43:48 +0100
Message-Id: <1831251863@web.de>
MIME-Version: 1.0
From: Ulrich Ackermann <ulrich.ackermann@web.de>
To: security-dev@xml.apache.org
Subject: Re: Basic hash value question
Organization: http://freemail.web.de/
Content-Type: text/plain; charset=iso-8859-15
Content-Transfer-Encoding: quoted-printable

Hello Raul,

I'm not quite sure if I understood your question right. There was no signi=
ng and transforming involved outside the code I posted. I just took the Ba=
se64 encoded String and converted it into a hex String to show, that it ma=
tched the result Dominik got from the CrypTool.

Maybe your question was meant for Dominik=3F

Cheers, Ulrich

-----Urspr=FCngliche Nachricht-----
Von: security-dev@xml.apache.org
Gesendet: 07.12.06 20:09:13
An: security-dev@xml.apache.org
Betreff: Re: Basic hash value question

Hi Ulrich,
It seems to me that you need enveloped transformation. Can you post how yo=
u do signing=3F
Regards,


On 12/6/06, Ulrich Ackermann <
ulrich.ackermann@web.de> wrote:Hello Dominik,

If I take your Base64 encoded SHA-1 hash value and make a hex string out o=
f it, I get exactly what you stated as your CrypTool result.

It seems to me, that your conversion from Base64 to hex string is incorrec=
t.

I used the following code:
String base64Encoded =3D "oZMIFC8bdyDbF4e42QF2ugr+30M=3D";
sun.misc.BASE64Decoder base64Decoder =3D new sun.misc.BASE64Decoder();
byte[] rawBytesFromBase64Encoded =3D base64Decoder.decodeBuffer(base64Encode=
d);
String hexFromBase64 =3D new String(
    org.bouncycastle.util.encoders.Hex.encode(rawBytesFromBase64Encoded));=


System.out.println("hexFromBase64 =3D " + hexFromBase64);

And that gives the following output, which is what you expected:
hexFromBase64 =3D a19308142f1b7720db1787b8d90176ba0afedf43


Cheers,
Ulrich


-----Urspr=FCngliche Nachricht-----
Von: security-dev@xml.apache.org
Gesendet: 06.12.06 21:45:05
An: security-dev@xml.apache.org

Betreff: RE: Basic hash value question


Hello again,

Thanks for the answer before. I discovered an online tool doing exactly wh=
at I wanted:=20
http://www.softwaremaker.net/DotNetApps/B64BytDecHex/index.aspx

After playing around a little bit I discovered a difference in the hash va=
lues calculated by the Apache XML Security API and CrypTool for example. W=
hen I sign <test>Test</test> with XML sec (as String input), the SHA-1 has=
h value is oZMIFC8bdyDbF4e42QF2ugr+30M=3D (in hex 0AE2 5D13 5076 7541 5DD5 D=
90B 652C D0E6 F8FA 3188). In CrypTool (as editor input, not as XML file) t=
he SHA-1 hash value is A193 0814 2F1B 7720 DB17 87B8 D901 76BA 0AFE DF43.


How is that difference explainable=3F There is nothing to canonicalize (no s=
paces, nothing), no transformations are applied. So the input text is exac=
tly the same both times. Ergo the hash values should be exactly the same b=
oth times=3F!


Where is my mistake, what am I not understanding correctly=3F What do I have=
 to do to make both hash values comparable=3F

Thanks again! Dominik

> -----Urspr=FCngliche Nachricht-----
> Von:=20
security-dev@xml.apache.org
> Gesendet: 06.12.06 00:02:42
> An: <security-dev@xml.apache.org>
> Betreff: RE: Basic hash value question


> > As far as I understand, the DigestValue is the base64
> > representation of the calculated binary hash value. How can I
> > compare this calculated SHA1 hash value with the one
> > calculated with a different tool where the hash value looks

> > something like 8011 FAB5 3D6D 20D0 E8B5 3F72 00F1 7D81 E8F1 F050=3F
>
> If you have a hex encoded version of a hash, you have to convert that ba=
ck
> to binary form and then you can base64 encode that to compare it.

>
> -- Scott
>
>


=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F
"Ein Herz f=FCr Kinder" - Ihre Spende hilft! Aktion:=20
www.deutschlandsegelt.de
Unser Dankesch=F6n: Ihr Name auf dem Segel der 1. deutschen America's Cup-Ya=
cht!


=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F
"Ein Herz f=FCr Kinder" - Ihre Spende hilft! Aktion: www.deutschlandsegelt.d=
e
Unser Dankesch=F6n: Ihr Name auf dem Segel der 1. deutschen America's Cup-Ya=
cht!


--=20
http://r-bg.com


=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F
Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
http://smartsurfer.web.de/=3Fmc=3D100071&distributionid=3D000000000066