[xmlsec] nss crypto and test suite
Aleksey Sanin
aleksey at aleksey.com
Sun Sep 18 15:54:09 PDT 2005
You MUST use 'der' format for keys because nss does not understand 'pem'
./testDSig.sh nss /usr/local/src/xmlsec1-1.2.9/tests xmlsec1 der
Aleksey
Edward Shallow wrote:
> Aleksey Sanin wrote:
>
>> Can you try to run testKeys.sh for nss first, please? It will create
>> necessary keys in NSS keys storage.
>>
>> Aleksey
>>
>> _______________________________________________
>> xmlsec mailing list
>> xmlsec at aleksey.com
>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>
> Yes I do not get the init failure, all keys created in
> /tmp/xmlsec-crypto-config.
>
> I am running following command line ...
>
> ./testDSig.sh nss /usr/local/src/xmlsec1-1.2.9/tests xmlsec1 pem
>
>
> ... and received following
>
> --- testDSig started for xmlsec-nss library (20050918_182358)
> ---
> LD_LIBRARY_PATH=/usr/local/src/xmlsec1-1.2.9/src/nss/.libs:/usr/local/src/xmlsec1-1.2.9/src/openssl/.libs:/usr/lib
>
> Test: /aleksey-xmldsig-01/enveloping-dsa-x509chain
> xmlsec1 verify --crypto nss --crypto-config /tmp/xmlsec-crypto-config
> --trusted-pem /usr/local/src/xmlsec1-1.2.9/tests/keys/cacert.pem
> --enabled-key-data x509
> /usr/local/src/xmlsec1-1.2.9/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml
>
> func=xmlSecNssAppKeysMngrCertLoadSECItem:file=app.c:line=1389:obj=unknown:subj=unknown:error=17:invalid
> format:format=2;last nss error=-5977 (0xFFFFE8A7)
> func=xmlSecNssAppKeysMngrCertLoad:file=app.c:line=1278:obj=unknown:subj=xmlSecNssAppKeysMngrCertLoadSECItem:error=1:xmlsec
> library function failed: ;last nss error=-5977 (0xFFFFE8A7)
> Error: failed to load trusted cert from
> "/usr/local/src/xmlsec1-1.2.9/tests/keys/cacert.pem".
> Error: keys manager creation failed
More information about the xmlsec
mailing list