[xmlsec] Wrong key selection in simple keys store?

Aleksey Sanin aleksey at aleksey.com
Sun Sep 14 02:21:30 PDT 2003


Yes, you are right. The test uses <EncryptedKey/> and it should search
for the session key in the keys manager. Somehow I missed this when I
imported the 01-phaos-xmlenc test suite. The fix is trivial: add the
"--session-key" option. I did it for all tests in that test suite. All
other tests are not affected (there is this option already or there is
no need for one). The patch is checked in to both branch and trunk. I am
attaching it to the message in case you need it sooner than it shows up
in the anonymous cvs.

Thanks for spotting and reporting this!
Aleksey

>Perhaps the test needs to be adjusted then? 
-------------- next part --------------
Index: testEnc.sh
===================================================================
RCS file: /cvs/gnome/xmlsec/tests/testEnc.sh,v
retrieving revision 1.19.2.3
diff -u -r1.19.2.3 testEnc.sh
--- testEnc.sh	10 Sep 2003 07:32:11 -0000	1.19.2.3
+++ testEnc.sh	14 Sep 2003 09:12:12 -0000
@@ -205,93 +205,92 @@
 
 execEncTest "01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-retrieval-method-uris empty,same-doc" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-element-3des-kw-3des" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
+    "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
 execEncTest "01-phaos-xmlenc-3/enc-content-aes128-kw-3des" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
+    "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-
 execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kw-aes128" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data --node-name http://example.org/paymentv2:CreditCard" \
+    "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
 execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kw-aes256" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
+    "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
 execEncTest "01-phaos-xmlenc-3/enc-content-3des-kw-aes192" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
+    "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
 execEncTest "01-phaos-xmlenc-3/enc-content-aes192-kw-aes256" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
+    "--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
 execEncTest "01-phaos-xmlenc-3/enc-element-aes192-kw-aes192" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
+    "--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
 execEncTest "01-phaos-xmlenc-3/enc-element-aes256-kw-aes256" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
+    "--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
 execEncTest "01-phaos-xmlenc-3/enc-text-3des-kw-aes256" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 execEncTest "01-phaos-xmlenc-3/enc-text-aes128-kw-aes192" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
-    "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard"  \
+    "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
 #01-phaos-xmlenc-3/enc-element-3des-ka-dh.xml
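Review bot: the 18 hand-typed --session-key values in the second argument of each execEncTest call carry an undocumented rule: in every changed line the value follows the data-encryption algorithm in the test name (3des gives des-192, aes128 gives aes-128), not the key-transport or key-wrap algorithm. In the mixed cases, such as enc-element-aes128-kw-aes256 (aes-128) and enc-text-3des-kw-aes256 (des-192), a later edit could easily pick the wrapping algorithm by mistake. A one-line comment above the first call stating the rule, or deriving the value from the test name inside execEncTest, would keep these from drifting. The blank line dropped before enc-element-aes128-kw-aes128 is a whitespace-only change unrelated to the fix and would sit better in a separate commit.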

