santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mazumdar, Subrata (Subrata)" <>
Subject RSA Key based signature in xtest of xml-secuirty-c (1.3.1 and 1.40) does not wok for NSS in Firefox/Linux
Date Fri, 14 Mar 2008 17:10:02 GMT

I have tried to run the xtest application in the XML-Security C (1.3.1
and 1.4.0) library but it fails at the verification step  of "Unit
testing of RSA-SHA1" signature.

I have used "xtest -n". 


Here is my development environment: Fedora7 Linux, NSS code in Firefox2
and Firefox3 beta source. 


For 1.3.1 and 1.4.0 compiled with NSS in Firefox2, I get an
XSECCryptoException in the "Unit testing of RSA-SHA1" signature

For 1.3.1 and 1.4..0 compiled with NSS in Firefox3, it fails in the the
sig.verify() step. I get following message 

" ... signing ... OK ... validating ... bad verify!".


xtext app works fine for symmetric key cases but signature verification
fails for the RSA Key, even though sign() step works properly. 

It also works fine with xml-security-c-1.3.0 and NSS in Firefox2 on
Linux (Fedora7). 


I have compared the signature element form 1.3.0 and 1.4.0 and the only
difference is in the SignatureValue element. 


I have also found that the size of the shared library for 1.3.1. and
1.4.0 is ~9.38MB compared to the  1.41MB for 1.3.0. 

Is this expected? Is there anything I can do to reduce the size to be
comparable 1.3.0. 


I understand the disclaimer that "NSS part is alpha", still any help in
getting around the problem would be greatly appreciated. 



Subrata Mazumdar 



View raw message