[xmlsec] bugfixes for mscrypto support

Wouter wsh at xs4all.nl
Mon Sep 15 12:16:49 PDT 2003

> >With this patch all tests that should work since the code 
> for that is 
> >implemenetd, are working on my system. Since private key 
> import is not 
> >supported a lot of the encryption tests still fail. However 
> >implementing plain private key node import just for these 
> tests is not 
> >of anyones interest, so I'm afraid that will stay like this, or the 
> >testsuite should be altered.
> >
> Any suggestion on how to do that? I thought that current scheme is 
> pretty general:
> we use pkcs12 files to import keys and thought that MSCrypto can load 
> these keys.

Yeah, you're right, pkcs12 is supported, but the phaos encryption test
suite doesn't contain pkcs12 files, only plain private key files. So
what we could do is create pkcs12 file with the correct certs/keys in
there, but we'd have to create 'dummy' certificates for this, and
somehow we'd have to create the pkcs 12 files, but probably with OpenSSL
we could do this. Or we can create code that imports the private key, as
it is defined in the original phaos file, with that information I think
it is possible to import the private key into MS Crypto API, but then
this code would be implemented solely for this particular purpose: The
phaos test suite ... What do you think? (PS Sorry I keep on nagging
about these tests)

> >Aleksey: could you plz apply the patch, and commit the files? :)
> >  
> >
> Done. The patch applied and commited. However, after applying 
> that patch 
> I could not
> execute tests with mscrypto anymore because the test suite freezes on 
> the first DSig test.
> I have not investigated the issue yet but it seems strange 
> because the 
> patch does not look
> dangerous.

Hmmm, strange indeed. I've done a fresh checkout and didn't encounter
any problems. So that is not helping you at all :(


More information about the xmlsec mailing list