[xmlsec] gnutls signature, x509chain test

Roumen Petrov xmlsec at roumenpetrov.info
Sun Nov 25 07:29:36 PST 2012

Hi Aleksey,

I would like to inform you about some failures in gnutls regression tests.

My previous test is from 2012-09-10 and current from 2012-11-24 after 
upgrade of OS (64-bit platform).

What is different :
- libxml,2 libxslt, libxml extracted from master repository. Builds in 
source tree and with options --...src=path to source
- gcrypt: 1.4.6 -> 1.5.0
- gnutls:  2.10.5 ->  3.0.23

No changes in regression test results for openssl, nss, and gcrypt back 

For instance aleksey-xmldsig-01/enveloping-rsa-x509chain test now fail 
in my new environment.

Using command line I perform additional tests
- If sing/verify operation is performed with gnutls only, i.e. same as 
in regression test, test fail.
- If sign is from openssl but verify from gnutls test pass.
- Also signature created with gnutls cannot be verified by openssl.
So I think that failure is from gnutls but I cannot confirm.


More information about the xmlsec mailing list