[xmlsec] Re: Invalid certificate (and new todo)
Aleksey Sanin
aleksey@aleksey.com
Wed, 24 Sep 2003 17:12:53 -0700
I looked at this change. It does not sound very bad. But it might create
some
problems with merging branch to the trunk. Since I think that mscrypto
code is
in a pretty good shape right now, I would suggest to first merge it into
the trunk.
Wouter, what do you think about that?
Aleksey
My Todo List (do not hesitate to let me know if something is missing)
-----------------------------------------------------------------------------------------------------------------
Before 1.2 release:
0) Merge branch to the trunk.
1) Run API docs generator to find out how bad is the situation. Fix as much
as possible (Wouter, I would probably need you help with this).
2) Create "Cert" key type for public keys.
3) Look into failing tests (there is a new pkcs12 file from Wouter that
needs to be tested).
4) Do one more code review pass.
5) Think about running xmlsec-mscrypto with memory checker
After 1.2 release:
0) Do internal code cleanup in xmlsec-mscrypto and xmlsec-nss. The goal is
to minimize the number of cases when our internal functions return strings
that needs to be freed. For example,
static xmlChar*
xmlSecMSCryptoX509SKIWrite(PCCERT_CONTEXT cert);
should be converted to
static int
xmlSecMSCryptoX509SKIWrite(PCCERT_CONTEXT cert,
xmlNodePtr node);
Aleksey