[xmlsec] xmlsec tests use private keys in the clear
Tejkumar Arora
tej@netscape.com
Tue, 3 Jun 2003 17:51:04 -0700
Hi Aleksey,
The xmlsec test harness uses private keys in the clear in an xml
file, in the form of key components.
NSS has no support for importing/exporting private keys in the clear,
which makes it impossible to use the full test harness without changes.
(see http://bugzilla.mozilla.org/show_bug.cgi?id=207033 for more info).
Alternatives to cleartext pvt key components in a file are:
- pkcs12 format
- encryptedPrivateKeyInfo format (PKCS8 spec, I haven't looked
at the details of this yet, and I don't know for sure if
other crypto engines have API for this).
- generate, use and discard the private key in a single test instead
of storing the private key in a file and then using it in
multiple tests.
What are your thoughts?.
thanks,
-Tej