[xmlsec] Big patch to xmlsec in recent OpenOffice.org sources

Chandler Peng Chuandong.Peng at Sun.COM
Tue Mar 1 19:58:28 PST 2005


Hi , Aleksey ,
I  have checked the latest trunk of xmlsec-mscrypto and it is no problem 
for openoffice(src680m81) except 4 functions missed.
The missed funtions are
xmlSecMSCryptoAppliedKeysMngrCreate()
xmlSecMSCryptoAppliedKeysMngrPriKeyLoad()
xmlSecMSCryptoAppliedKeysMngrPubKeyLoad()
xmlSecMSCryptoAppliedKeysMngrSymKeyLoad()
and implemented in akmngr.c .
Would you pleased to add these functions into xmlsec-mscrypto ?

Chandler .

Andrew Fan wrote:

> Aleksey,
>
> Thank you very much for upgrading and accepting our path. It is a big 
> step to make OpenOffice work well with xml security features.
>
> Aleksey Sanin wrote:
>
>> I checked in the lasts two changes to xmlsec-mscrypto:
>>
>> - (item 2) keys/providers ref-counting and multithreading
>> I did a slightly more generic change and was able to combine
>> your patch with the existing code. Now you can either use the
>> "native" OS calls for duplicatiing keys/providers handles (>NT 4.0)
>> or ref counted keys/providers handles (NT 4.0). I fixed multi
>> threading issue with ref counting itself (i.e. I replaced ++/--
>> with InterlockedIncrement/InterlockedDecrement) but I still
>> have concerns about using *the same* key/provider handler from
>> multiple threads. Thus I decided to make default configuration
>> *not* to support NT 4.0 (as before). You can enable NT 4.0
>> support by either adding "nt4=yes" option for win32/configure.js
>> or adding XMLSEC_MSCRYPTO_NT4 define to xmlsec-mscrypto
>> compilation flags.
>>
> Thank you very much. I think it is no problem for openoffice generally.
>
>> - (item 3) xmlSecMSCryptoKeyDataX509VerifyAndExtractKey function
>> You was right. For your template, this function gets called
>> for signature and we need to return both public and private key
>> from it. The fix is checked in.
>>
> Thanks.
>
>>
>>
>> I believe all OO.org changes to xmlsec-mscrypto are in CVS trunk.
>> All my tests pass as before (seems that I fixed problems with
>> your patch while I was re-architecting the ref counting change).
>> It would be really great if you can try latest trunk to make sure
>> that your stuff work and that no more changes to xmlsec-mscrypto
>> is needed. I can create a new xmlsec release later this week if
>> you need it. 
>
>
> I'll give you more feed back about the test.
>
>> Meantime, I'll start looking at xmlsec-nss patch :)
>>
> Looking forward to working with you on the nss patch.
>
> Thanks & Regards,
> Andrew
>
>> Thanks again for your patch!
>> Aleksey
>>
>>
>> _______________________________________________
>> xmlsec mailing list
>> xmlsec at aleksey.com
>> http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec




More information about the xmlsec mailing list