O'Reilly logo

Secure XML: The New Syntax for Signatures and Encryption by Kitty Niles, Donald E. Eastlake

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

18.3. Message Authentication Codes

A Message Authentication Code (MAC) is calculated from the data to be authenticated and a secret quantity. The HMAC algorithm [RFC 2104] is the basis of all MACs that XML Security specifies, although other strong MAC techniques exist as well [Schneier]. You can use the HMAC algorithm with any hash code.

MAC algorithm identifiers appear as the value of the Algorithm attribute of SignatureMethod elements, as shown in Figure 18-3. Their implicit inputs consist of their keying material and the octet stream output by the signature's CanonicalizationMethod. MACs are syntactically identical to signatures but imply a shared secret key.

Figure 18-3. SignatureMethod algorithms

18.3.1. HMAC SHA-1

 HMAC SHA-1 Identifier: ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required