sha1/base64

[ben *******]

hello,

i have this string in input :

<DA><RE>97975000-5</RE><RS>RUT DE
PRUEBA</RS><TD>33</TD><RNG><D>1</D><H>200</H></RNG><FA>2003-09-04</FA><RSAPK><M>0a4O6Kbx8Qj3K4iWSP4w7KneZYeJ+g/prihYtIEolKt3cykSxl1zO8vSXu397QhTmsX7SBEudTUx++2zDXBhZw==</M><E>Aw==</E></RSAPK><IDK>100</IDK></DA>

i try to compute the SHA-1 : sha = Digest::SHA1.hexdigest(input)
I obtain correct result => 9A2115CC03E05F99A996FBCE47C4554905D75D1D

After this first operation, i try to obtain the same result in Base64
(res=Base64.b64encode(sha)). If the operation was created with success,
i should obtain => miEVzAPgX5mplvvOR8RVSQXXXR0=
But, i find an other result and i don't understand what is the meaning
of that ?

Can you help me please ?


miEVzAPgX5mplvvOR8RVSQXXXR0=

 

[Brian Candler]

i try to compute the SHA-1 : sha = Digest::SHA1.hexdigest(input)
I obtain correct result => 9A2115CC03E05F99A996FBCE47C4554905D75D1D

After this first operation, i try to obtain the same result in Base64
(res=Base64.b64encode(sha)). If the operation was created with success,
i should obtain => miEVzAPgX5mplvvOR8RVSQXXXR0=
But, i find an other result and i don't understand what is the meaning
of that ?

Since you didn't show what you *actually* get from your base64 encoding,
it's hard to be sure what you're doing wrong. But I guess you are base64
encoding the output of 'hexdigest' which is a hex string (40 ASCII
characters 0-9 and A-F) rather than the 20 bytes binary.

Compare:

"miEVzAPgX5mplvvOR8RVSQXXXR0=".unpack("m") => ["\232!\025\314\003\340_\231\251\226\373\316G\304UI\005\327]\035"]
"miEVzAPgX5mplvvOR8RVSQXXXR0=".unpack("m").first.size

=> 20

versus:

str = ["9A2115CC03E05F99A996FBCE47C4554905D75D1D"].pack("m") => "OUEyMTE1Q0MwM0UwNUY5OUE5OTZGQkNFNDdDNDU1NDkwNUQ3NUQxRA==\n"
str.unpack("m") => ["9A2115CC03E05F99A996FBCE47C4554905D75D1D"]
str.unpack("m").first.size

=> 40

If you want to generate the former, then use Digest::SHA1.digest()
instead of Digest::SHA1.hexdigest()

 

[ben *******]

Thanks for your answer. I don't mind "hexdigest".

 

[ben *******]

i have an other question. To find =>miEVzAPgX5mplvvOR8RVSQXXXR0=, i use
:

Base64.encode64(Digest::SHA1.digest('<DA><RE>97975000-5</RE><RS>RUT DE
PRUEBA</RS><TD>33</TD><RNG><D>1</D><H>200</H></RNG><FA>2003-09-04</FA><RSAPK><M>0a4O6Kbx8Qj3K4iWSP4w7KneZYeJ+g/prihYtIEolKt3cykSxl1zO8vSXu397QhTmsX7SBEudTUx++2zDXBhZw==</M><E>Aw==</E></RSAPK><IDK>100</IDK></DA>')).chomp

For example, i open this XML file :

<?xml version="1.0" encoding="UTF-8"?>
<fichier>
<version>version17</version>
<date>2009-08-07T00:00:00+00:00</date>
<client>
<name>asterix</name>
<address>rue des abricotiers</address>
</client>
<essai-list>
<truc>machin</truc>
</essai-list>
</fichier>

With "KeyToolIuI" (freeware), i sign the file to create an embedded
signature. i obtain :

<?xml version="1.0" encoding="UTF-8" standalone="no"?><fichier>
<version>version17</version>
<date>2009-08-07T00:00:00+00:00</date>
<client>
<name>asterix</name>
<address>rue des abricotiers</address>
</client>
<essai-list>
<truc>machin</truc>
</essai-list>
<Signature
xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference
URI=""><Transforms><Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>vKNk56BFnbFAM7/65dGNZCaIW2Q=</DigestValue></Reference></SignedInfo><SignatureValue>fC4EZOO2aLCuXI5YvTxTUGWUVdAv1KAz22KnVhDV5v2bzzFsGlJVT8/shTLLt34hpjcl1Z/E/vAa
PVbUuGSRKfG3tD7JA/hx04UZNMpPPQ18TjcjHBoF3xWuyclIavmRQoC5tKZQqccNDWpy3EwYFxvF
4HdnXah8xDgN8jSvzepuE4YY2UGQEsAy2dJRCfcjFngISkfdW9zZC3KtdKOcaaZmqi4ksJYgMhiM
76Y+amYP80imQ2qym4bdOXc4xkXg//pO3x+IRKoO/tJ0xfLBiIrJJIwbbTfFJI/oZxi45lyBpFik
tZRrR/2jaxoADOa15ZdrWvdfgDMgaTGNChdqFQ==</SignatureValue><KeyInfo><X509Data><X509SubjectName>CN=me,C=FR</X509SubjectName><X509Certificate>MIICtzCCAZ8CBEp/88wwDQYJKoZIhvcNAQEFBQAwIDELMAkGA1UEBhMCRlIxETAPBgNVBAMMCGJv
dXNxdWV0MB4XDTA5MDgxMDEwMTc0OFoXDTEyMDgwOTEwMTc0OFowIDELMAkGA1UEBhMCRlIxETAP
BgNVBAMMCGJvdXNxdWV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaftCNBNm++9
lDFAteXfJu9nfqcfsOvIlqhUEQHvLfJy1yQqPH1wgSXL2/y3FGUvegGuRkkdxYckuwQncuQImvxE
KI0ovuQt5PIt0cc4CAdTR1W2WoTgqRuB0Fu092Xjr7sbWM5yy11j22qSdGk2zWQjFdKB9awLEQs9
ASnJK/zAdNs2XtEaTN9Nrb1LTQmq7CKNUv0HUhzZ6I6GkJUn2Kk3hnD+Re7zTUUSDFMKss+Tre05
kdLIMBEeXxuwNr6M5/lx8d934XBucrC1DbKHOJvQzL/1Q+45+w6ZSgyYafxOBvWPHHOJ057f+MPK
iAlGjN/z0jWY5gZlyPNkZXBuAwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBpK4OKjmoolPvYQojj
nNvcNbTwVXyvPLizU+mKSlinr6WT2qpcDq4pH/CmzPBlsLRuG/eTXHiUQPU8o7tMZRwDebOPgHW3
3AdNV6eQH+IWeXHz14z+y0Fgfp+4faQ0R+bWATcUgiDjFtFRmH4SzY8AzE+j5iph8dgUeYpQxeXs
wS/gU5d2wT24M3wFJ2GYk/Ehzi9gQ4uL6IF2b7LVXn9tHSyLOIMyMXXSjsqFyRXsx6wJMIyc5khH
y6OtifG3mFLuuzlUDrwwSdVbVjkNQFeK/ujb/mUOqP5dqXD6M0wj4QB8QwswQPgRwBgHK4tJ30ZL
tbzKt6cMpxFcJ3/YG7Wv</X509Certificate></X509Data></KeyInfo></Signature></fichier>

I don't understand how the software compute the digestvalue =>
vKNk56BFnbFAM7/65dGNZCaIW2Q=

I'am not able to find this value using sha1 and base64 method on data!

Do you have solution to do it ?

 

[Brian Candler]

I don't understand how the software compute the digestvalue =>
vKNk56BFnbFAM7/65dGNZCaIW2Q=

The error message tells you: follow the link to the XML Canonicalisation
algorithm it has used.

I don't know if there is an existing Ruby implementation of this you can
re-use.

In any case, the "signature" it has added is most definitely not just a
Hash.