[xmlsec] OpenSSL Gost support - final patch
beldmit at gmail.com
Sat Sep 3 11:29:02 PDT 2011
Thank you! If I can help you with test cases, i'l be glad.
When do you plan to release a new version as production?
On Sat, Sep 3, 2011 at 9:10 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:
> Great, thank you! Let me take a look and I will definitely merge it.
> On 9/3/11 4:55 AM, Dmitry Belyavsky wrote:
> I've found an linking error and now openssl xmlsec works with the
> Russian GOST digital signature algorythm. Here is the patch.
> The only known bugfeature is related with the absence of functions
> determining whether the public key only or both private and public are
> available in EVP_PKEY struct in modern openssl.
> The result is compatible with gost mscrypto signature. Example test:
> apps/.libs/xmlsec1 --verify --trusted-pem tests/keys/gost2001ca.pem
> --verification-time "2006-04-01 00:00:00"
> works, the signature and digest are verified successfully.
> The usage of GOST algorythms requires OpenSSL 1.0 or later. It should
> be configured according to README.gost instructions. The library
> should be builded with --enable-gost parameter.
> I hope you'll find this patch suitable for distribution.
> Thank you!
> xmlsec mailing list
> xmlsec at aleksey.com
SY, Dmitry Belyavsky
More information about the xmlsec