diff options
Diffstat (limited to 'tests/invalid')
| -rw-r--r-- | tests/invalid/mac-missing.pskcxml | 42 | ||||
| -rw-r--r-- | tests/invalid/mac-value.pskcxml | 6 | ||||
| -rw-r--r-- | tests/invalid/missing-encryption-method.pskcxml (renamed from tests/invalid/empty-mac-key.pskcxml) | 9 |
3 files changed, 7 insertions, 50 deletions
diff --git a/tests/invalid/mac-missing.pskcxml b/tests/invalid/mac-missing.pskcxml deleted file mode 100644 index 04b8ba7..0000000 --- a/tests/invalid/mac-missing.pskcxml +++ /dev/null @@ -1,42 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> - -<!-- - Based on figure 6 from RFC6030 but with a missing encryption element - but MAC present. ---> - -<KeyContainer Version="1.0" - xmlns="urn:ietf:params:xml:ns:keyprov:pskc" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" - xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> - <MACMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> - <KeyPackage> - <DeviceInfo> - <Manufacturer>Manufacturer</Manufacturer> - <SerialNo>987654321</SerialNo> - </DeviceInfo> - <CryptoModuleInfo> - <Id>CM_ID_001</Id> - </CryptoModuleInfo> - <Key Id="12345678" Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp"> - <Issuer>Issuer</Issuer> - <AlgorithmParameters> - <ResponseFormat Length="8" Encoding="DECIMAL"/> - </AlgorithmParameters> - <Data> - <Secret> - <EncryptedValue> - <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> - <xenc:CipherData> - <xenc:CipherValue>AAECAwQFBgcICQoLDA0OD+cIHItlB3Wra1DUpxVvOx2lef1VmNPCMl8jwZqIUqGz</xenc:CipherValue> - </xenc:CipherData> - </EncryptedValue> - <ValueMAC>Su+NvtQfmvfJzF6bmQiJqoLRExc=</ValueMAC> - </Secret> - <Counter> - <PlainValue>0</PlainValue> - </Counter> - </Data> - </Key> - </KeyPackage> -</KeyContainer> diff --git a/tests/invalid/mac-value.pskcxml b/tests/invalid/mac-value.pskcxml index 26d335c..f7ff9d5 100644 --- a/tests/invalid/mac-value.pskcxml +++ b/tests/invalid/mac-value.pskcxml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- - Based on figure 6 but with a modified CipherValue element. + Based on figure 6 from RFC 6030 but with a modified ValueMAC element. --> <KeyContainer Version="1.0" @@ -37,10 +37,10 @@ <EncryptedValue> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> <xenc:CipherData> - <xenc:CipherValue>AAECAwQFBgcICQoLDA0OD+cIHItlB3Wra1DUpxVvOx2lef1VmNPCMl8jwZqIUqGz</xenc:CipherValue> + <xenc:CipherValue>AAECAwQFBgcICQoLDA0OD+cIHItlB3Wra1DUpxVvOx2lef1VmNPCMl8jwZqIUqGv</xenc:CipherValue> </xenc:CipherData> </EncryptedValue> - <ValueMAC>Su+NvtQfmvfJzF6bmQiJqoLRExc=</ValueMAC> + <ValueMAC>Au+NvtQfmvfJzF6bmQiJqoLRExc=</ValueMAC> </Secret> <Counter> <PlainValue>0</PlainValue> diff --git a/tests/invalid/empty-mac-key.pskcxml b/tests/invalid/missing-encryption-method.pskcxml index 16f5c4f..b8a1848 100644 --- a/tests/invalid/empty-mac-key.pskcxml +++ b/tests/invalid/missing-encryption-method.pskcxml @@ -1,7 +1,8 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- - An encrypted secret with a MAC but missing a global MAC key definition. + Based on the Figure 6 example, this file is missing the EncryptionMethod + element in both the encrypted value and the MAC key definition. --> <KeyContainer Version="1.0" @@ -11,21 +12,19 @@ <EncryptionKey> <ds:KeyName>Pre-shared-key</ds:KeyName> </EncryptionKey> - <MACMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-zha9"> + <MACMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"> <MACKey> </MACKey> </MACMethod> <KeyPackage> - <Key Id="12345678" Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp"> + <Key Id="45678901" Algorithm="urn:ietf:params:xml:ns:keyprov:pskc:hotp"> <Data> <Secret> <EncryptedValue> - xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> <xenc:CipherData> <xenc:CipherValue>AAECAwQFBgcICQoLDA0OD+cIHItlB3Wra1DUpxVvOx2lef1VmNPCMl8jwZqIUqGv</xenc:CipherValue> </xenc:CipherData> </EncryptedValue> - <ValueMAC>LP6xMvjtypbfT9PdkJhBZ+D6O4w=</ValueMAC> </Secret> </Data> </Key> |