[xmlsec] nss updates

Aleksey Sanin aleksey@aleksey.com
Thu, 24 Jul 2003 19:51:18 -0700


Hi, Tej!

Everything looks great and I have committed this patch to CVS. As I told 
you
today, I have fixed Windows build and this is also checked in CVS. We are
gettnig very close :) The only thing that makes me worry is that all 
RSA-1.5
tests from the tests suite are failing:
    merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5
    01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5
    01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5
    01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5
    01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5
The error is always the same: problems in decoding last block encrypted
with symetric chipher. This makes me think that actual problem is in RSA1_5
key transport. Something goes wrong and the returned symetric key is
incorrect. I wonder if you have the same results running these tests
(I am using NSS from official Mozilla 1.4 rpms for RedHat).

Thanks!
Aleksey


Tej Arora wrote:

> Hello,
>
> The latest patch has the following changes:
>
> 1) bug fixes in xmlsec-nss. Now a lot more tests pass :).
> I have 1 more bug to fix (kt_rsa.c) which is causing several
> tests to fail.
>
> 2) src/nss/README with pending items & misc notes
>
> 3) updated interop matrix. I used netscape 7 composer to edit the
> files. Please make sure the files look ok in your editing tool and 
> browser.
>
> 4) xmlSecCryptoAppKeyLoad : added a new format xmlSecKeyDataFormatPkcs12
> and made this function handle it. This makes the function handle all
> possible private key formats instead of having a separate one for pkcs12
> (xmlSecCryptoAppPkcs12Load - that function is still around for 
> compatibility).
> I made changes in src/nss, src/openssl, src/skeleton, src/GnuTLS.
>
>
> ------------------------------------------------------------------------
>
>
>
> -Tej
>
>