santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <Sean.Mul...@Sun.COM>
Subject Re: SignatureValue changes
Date Wed, 30 Jul 2008 14:19:18 GMT
I believe that is expected behavior with DSA signatures, i.e. there is 
nothing wrong.

--Sean

Legido Martínez, Isidoro wrote:
> Hi,
> 
> Probably I am doing somehing really stupid, but I don't see where I am 
> wrong so.. help!! :-)
> 
> I am using xml-security-bin-1_4_2 + jre1.5.0_07 (I have also tested with 
> jre1.6.0_07 with the same result). I have run the example 
> org.apache.xml.security.samples.signature.CreateSignature more than 
> onces and every time I get a different value for the SignatureValue 
> element!!! The funny thing is that all the Reference's digest remain the 
> same, the private key is of course always the samed but... the 
> SignatureValue's value changes!
> You can find below what I get ((signature.xml file).
> 
> How is that possible?
> 
> Thanks a lot
> 
> Isi
> 
> 
> <!-- Comment before -->
> <apache:RootElement xmlns:apache="http://www.apache.org/ns/#app1" 
> xmlns:foo="http://example.org/#foo" attr1="test1" attr2="test2" 
> foo:attr1="foo's test">Some simple text
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod 
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:CanonicalizationMethod>
> <ds:SignatureMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"></ds:SignatureMethod>
> <ds:Reference URI="">
> <ds:Transforms>
> <ds:Transform 
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
> <ds:Transform 
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>f+pDsT3LzyKV9Sg6rdK5bBrQlbo=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="http://www.w3.org/TR/xml-stylesheet">
> <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="http://www.nue.et-inf.uni-siegen.de/index.html">
> <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>Hpg+6h1k1jYY5yr3TRzDZzw23CQ=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> *<ds:SignatureValue>V7qLGEQhZZGbfCjhzJRsXDKPTbVBev1/6lxqKdgDdT2c8bXc4d9rKw==</ds:SignatureValue>**

> -> It changes*!!!
> <ds:KeyInfo>
> <ds:X509Data>
> <ds:X509Certificate>
> MIIC9jCCArQCBDruqiowCwYHKoZIzjgEAwUAMGExCzAJBgNVBAYTAkRFMR0wGwYDVQQKExRVbml2
> ZXJzaXR5IG9mIFNpZWdlbjEQMA4GA1UECxMHRkIxMk5VRTEhMB8GA1UEAxMYQ2hyaXN0aWFuIEdl
> dWVyLVBvbGxtYW5uMB4XDTAxMDUwMTEyMjA1OFoXDTA2MTAyMjEyMjA1OFowYTELMAkGA1UEBhMC
> REUxHTAbBgNVBAoTFFVuaXZlcnNpdHkgb2YgU2llZ2VuMRAwDgYDVQQLEwdGQjEyTlVFMSEwHwYD
> VQQDExhDaHJpc3RpYW4gR2V1ZXItUG9sbG1hbm4wggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9T
> gR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv
> 8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HX
> Ku/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5eZSv
> u/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64e
> K7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAAC
> gYASWfn+G1k/nWntj9jX7Nk5JKaiLZ9BLR16eJJxqff33THLfdGs98Xmh2oRWZVh9PMV8oTP3hpR
> cRipjZUZVEIqsBlOGTVLCg4H5TJ81JWOiprh+mkhClNqUr8l5Hu7FBSvQB6inryeva7j0aKNiIvK
> 8vfHTiUZpnyNRhkveBlM0jALBgcqhkjOOAQDBQADLwAwLAIUPDd/UmB9GeHqvGjny30Bvjt0AkUC
> FA9ab72kKuB5geYGeckbBrcgPnZk
> </ds:X509Certificate>
> </ds:X509Data>
> <ds:KeyValue>
> <ds:DSAKeyValue>
> <ds:P>
> /X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuA
> HTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
> K2HXKu/yIgMZndFIAcc=
> </ds:P>
> <ds:Q>l2BQjxUjC8yykrmCouuEC/BYHPU=</ds:Q>
> <ds:G>
> 9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3
> zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKL
> Zl6Ae1UlZAFMO/7PSSo=
> </ds:G>
> <ds:Y>
> Eln5/htZP51p7Y/Y1+zZOSSmoi2fQS0deniScan3990xy33RrPfF5odqEVmVYfTzFfKEz94aUXEY
> qY2VGVRCKrAZThk1SwoOB+UyfNSVjoqa4fppIQpTalK/JeR7uxQUr0Aeop68nr2u49GijYiLyvL3
> x04lGaZ8jUYZL3gZTNI=
> </ds:Y>
> </ds:DSAKeyValue>
> </ds:KeyValue>
> </ds:KeyInfo>
> </ds:Signature></apache:RootElement>
> <!-- Comment after -->
> 
> 
> 
> 
> 
> -- 
>         ,-""""""-.
>      /\j__/\  (  \`--.
>      \`@_@'/  _)  >--.`.
>     _{.:Y:_}_{{_,'    ) )
>    {_}`-^{_} ```     (_/


Mime
View raw message