Hello, sorry for the delay. My hash value problem was perfectly solved by Ulrich. Thanks for that! It wasn't a transformation problem (the enveloped transformation was applied, I just cutted that part out in my first email), the problem was only caused by a wrong base64 to hex transformation.
Thanks again for all the help.
Regards Dominik
> -----Ursprüngliche Nachricht-----
> Von: security-dev@xml.apache.org
> Gesendet: 08.12.06 14:57:41
> An: security-dev@xml.apache.org
> Betreff: Re: Basic hash value question
> Hello Raul,
>
> I'm not quite sure if I understood your question right. There was no signing
> and transforming involved outside the code I posted. I just took the Base64
> encoded String and converted it into a hex String to show, that it matched
> the result Dominik got from the CrypTool.
>
> Maybe your question was meant for Dominik?
>
> Cheers, Ulrich
>
> -----Ursprüngliche Nachricht-----
> Von: security-dev@xml.apache.org
> Gesendet: 07.12.06 20:09:13
> An: security-dev@xml.apache.org
> Betreff: Re: Basic hash value question
>
> Hi Ulrich,
> It seems to me that you need enveloped transformation. Can you post how you
> do signing?
> Regards,
>
>
> On 12/6/06, Ulrich Ackermann <
> [EMAIL PROTECTED]> wrote:Hello Dominik,
>
> If I take your Base64 encoded SHA-1 hash value and make a hex string out of
> it, I get exactly what you stated as your CrypTool result.
>
> It seems to me, that your conversion from Base64 to hex string is incorrect.
>
> I used the following code:
> String base64Encoded = "oZMIFC8bdyDbF4e42QF2ugr+30M=";
> sun.misc.BASE64Decoder base64Decoder = new sun.misc.BASE64Decoder();
> byte[] rawBytesFromBase64Encoded = base64Decoder.decodeBuffer(base64Encoded);
> String hexFromBase64 = new String(
> org.bouncycastle.util.encoders.Hex.encode(rawBytesFromBase64Encoded));
>
> System.out.println("hexFromBase64 = " + hexFromBase64);
>
> And that gives the following output, which is what you expected:
> hexFromBase64 = a19308142f1b7720db1787b8d90176ba0afedf43
>
>
> Cheers,
> Ulrich
>
>
> -----Ursprüngliche Nachricht-----
> Von: security-dev@xml.apache.org
> Gesendet: 06.12.06 21:45:05
> An: security-dev@xml.apache.org
>
> Betreff: RE: Basic hash value question
>
>
> Hello again,
>
> Thanks for the answer before. I discovered an online tool doing exactly what
> I wanted:
> http://www.softwaremaker.net/DotNetApps/B64BytDecHex/index.aspx
>
> After playing around a little bit I discovered a difference in the hash
> values calculated by the Apache XML Security API and CrypTool for example.
> When I sign <test>Test</test> with XML sec (as String input), the SHA-1 hash
> value is oZMIFC8bdyDbF4e42QF2ugr+30M= (in hex 0AE2 5D13 5076 7541 5DD5 D90B
> 652C D0E6 F8FA 3188). In CrypTool (as editor input, not as XML file) the
> SHA-1 hash value is A193 0814 2F1B 7720 DB17 87B8 D901 76BA 0AFE DF43.
>
>
> How is that difference explainable? There is nothing to canonicalize (no
> spaces, nothing), no transformations are applied. So the input text is
> exactly the same both times. Ergo the hash values should be exactly the same
> both times?!
>
>
> Where is my mistake, what am I not understanding correctly? What do I have to
> do to make both hash values comparable?
>
> Thanks again! Dominik
>
> > -----Ursprüngliche Nachricht-----
> > Von:
> security-dev@xml.apache.org
> > Gesendet: 06.12.06 00:02:42
> > An: <security-dev@xml.apache.org>
> > Betreff: RE: Basic hash value question
>
>
> > > As far as I understand, the DigestValue is the base64
> > > representation of the calculated binary hash value. How can I
> > > compare this calculated SHA1 hash value with the one
> > > calculated with a different tool where the hash value looks
>
> > > something like 8011 FAB5 3D6D 20D0 E8B5 3F72 00F1 7D81 E8F1 F050?
> >
> > If you have a hex encoded version of a hash, you have to convert that back
> > to binary form and then you can base64 encode that to compare it.
>
> >
> > -- Scott
> >
> >
>
>
> ______________________________________________________________________________
> "Ein Herz für Kinder" - Ihre Spende hilft! Aktion:
> www.deutschlandsegelt.de
> Unser Dankeschön: Ihr Name auf dem Segel der 1. deutschen America's Cup-Yacht!
>
>
>
>
> ______________________________________________________________________________
> "Ein Herz für Kinder" - Ihre Spende hilft! Aktion: www.deutschlandsegelt.de
> Unser Dankeschön: Ihr Name auf dem Segel der 1. deutschen America's Cup-Yacht!
>
>
>
>
> --
> http://r-bg.com
>
>
>
> _____________________________________________________________________
> Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
> http://smartsurfer.web.de/?mc=100071&distributionid=000000000066
>
>
______________________________________________________________________________
"Ein Herz für Kinder" - Ihre Spende hilft! Aktion: www.deutschlandsegelt.de
Unser Dankeschön: Ihr Name auf dem Segel der 1. deutschen America's Cup-Yacht!
smime.p7s
Description: S/MIME Cryptographic Signature
