[xmlsec] xmlsec tests use private keys in the clear

Tejkumar Arora tej at netscape.com
Tue Jun 3 17:51:04 PDT 2003

Hi Aleksey,

The xmlsec test harness uses private keys in the clear in an xml
file, in  the form of key components.

NSS has no support for importing/exporting private keys in the clear,
which makes it impossible to use the full test harness without changes.
(see http://bugzilla.mozilla.org/show_bug.cgi?id=207033 for more info).

Alternatives to cleartext pvt key components in a file are:
    - pkcs12 format
    - encryptedPrivateKeyInfo format  (PKCS8 spec, I haven't looked
      at the details of this yet, and I don't know for sure if
      other crypto engines have API for this).
    - generate, use and discard the private key in a single test instead
      of storing the private key in a file and then using it in
      multiple tests.

What are your thoughts?.


More information about the xmlsec mailing list