[xmlsec] gnutls signature, x509chain test
Roumen Petrov
xmlsec at roumenpetrov.info
Sun Nov 25 07:29:36 PST 2012
Hi Aleksey,
I would like to inform you about some failures in gnutls regression tests.
My previous test is from 2012-09-10 and current from 2012-11-24 after
upgrade of OS (64-bit platform).
What is different :
- libxml,2 libxslt, libxml extracted from master repository. Builds in
source tree and with options --...src=path to source
- gcrypt: 1.4.6 -> 1.5.0
- gnutls: 2.10.5 -> 3.0.23
No changes in regression test results for openssl, nss, and gcrypt back
ends.
For instance aleksey-xmldsig-01/enveloping-rsa-x509chain test now fail
in my new environment.
Using command line I perform additional tests
- If sing/verify operation is performed with gnutls only, i.e. same as
in regression test, test fail.
- If sign is from openssl but verify from gnutls test pass.
- Also signature created with gnutls cannot be verified by openssl.
So I think that failure is from gnutls but I cannot confirm.
Regards,
Roumen
More information about the xmlsec
mailing list