You do break compatibility. Because there are PEM/DER clear text
key files and there are PKCS8 PEM/DER key files. The only thing that
you have to convert keys in test/* folder shows that.
Probably it would be better to introduce something like "--pkcs8-key"
option
with similar switches "pem/d
However, the very idea behind making this change is to eliminate the
"unhygenic" practice of using private keys in the clear...
I don't see big difference between using private key in clear and
private
key in pkcs8 file with no password or with "password" password. If
someone
do not unders
If you
give people a safe with a provision to lock it, but they want to
leave it unlocked, not much you can do about it :).
But if you refuse to give them a safe without a locking provision,
atleast
you're doing your part in discouraging bad habits
I think you misunderstood me. I never sa
Great! Thanks for information! I did a quick search and it seems that
it's a common
thing to add -D_ALL_SOURCE in AIX case from configure.in. I did the same
(see
attached patch). Now you don't need to specify it manually.
And I guess I know what is the problem with shared libraries. In xmlsec
t
Good! Glad that it was so simple :)
Aleksey
Asbjørn Oskal wrote:
Hi!
Thank you for your answer.
I found out myself and it was just what you
said.
The HTTP and FTP URI handlers are no
problem if you don't want to
handle ftp:// and http:// uris yourself.
The problem
Hi, Tej!
Thanks a lot for the patch! I have applied it and checked it in
with following changes:
0) Minor changes in src/openssl/apps.c to make code more readable
(there is no PKCS#8 format for certificates :) ).
1) You was right when you suggested to use "--privkey-*" options.
Th
Yes, you should be able to do it (assuming that "deattached" means
"referenced
with "). The reading should be done automaticaly
(assuming that and are enabled
as allowed key sources). And this thread might give you some hints on how
to create element:
http://www.aleksey.com/pipermail/xmlsec
Currently is not supported by xmlsec
(see interop page). Personaly, I don't see reasons for having
when there is .
IMHO, decryptor wants to know which key was used for encrypting
this data and not which data were encrypted using this key.
But it is only my personal opinion. If you need
list supp
Yes, I know about that. The only problem I have with
is
that I don't have a good API in mind. "Just decrypt everything" might
not
work well in some situations. And it's only a couple hundred lines of
code and
left as an "exersise for the reader" :)
Aleksey
Rich Salz wrote:
Currentl
It's not as simple :( Anyway, I fixed all links to online verifer to
point to web site:
1) it's useless localy anyway;
2) there is a word "online" on all links so user knows that
s/he is going online
Aleksey
___
xmlsec mailing list
[EMAIL PROTEC
Yes, but how to report errors? How to set parameters? There are too many
questions
for a generic "library" implementation. On the other hand, application
can do it easily
in each particular case. And finally since I don't have a "use case"
myself I don't feel
myself brave enough to implement it.
You need to run ./autogen.sh after applying the patch. It works for me:
[EMAIL PROTECTED] rm -rf ./src/nss/.deps
./include/xmlsec/nss/Makefile ./src/nss/Makefile
[EMAIL PROTECTED] ./autogen.sh --without-nss
...
[EMAIL PROTECTED] make distclean
...
[EMAIL PROTECTED] find -name
Good! Thanks for testing! The patch is checked in CVS.
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
Did I miss something from your previous patch?
Aleksey
What I
sent had still some stuff from the previous set of
changes.
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
It seems that these functions are not in openssl libs. There are two
options:
1) you are compiling with OpenSSL 0.9.7 headers and linking with
0.9.6 shared libs.
2) your 0.9.7 libs do not have these functions compiled in.
If you can eliminate the first option, then I would suggest to compil
Hi, Glenn!
Personally, I don't need MS CryptoAPI but I would be glad to help
you with any questions you might have. And yes, I would be happy
to put your work in xmlsec.
AFAIK, Olger Warnier is already trying to implement MS CryptoAPI
support (search mailing list archive for more details). Probabl
In /usr/lib I had libcrypto.0.9.dylib and libssl.0.9.dylib with
symbolic links to them respectively libcrypto.dylib and libssl.dylib.
These are the problem.
I moved the ones in /usr/lib to /tmp and after that xmlsec compiled
successfully. I did get a warning:
I would suggest to compile opens
Aleksey: is some kind of cvs structure an option ?
Not sure I understand this correctly but if you have some code that
compiles and you are ok to share it then I would be happy to check it
in CVS anytime :)
Aleksey
___
xmlsec mailing list
[EMAIL PRO
Am I right so far?
Yes.
Is there any function like this in XMLSec?
Actually it has much more :) You can plugin any crypto functions you like.
For example, it currently supports OpenSSL, NSS and GnuTLS (and there
is some work going right now to add MS CryptoAPI to this list) as
crypto engine
Thanks for examples! I am forwarding to the list the compilation of your
findings. It seems to me that Websphere does wrong thing here. If we
are
talking about c14n then the xmlns="" must be rendered because of this:
???
??? Namespace Axis- Consider a list L containing
only namespace nodes
You don't even have to look at the c14n spec (thank goodness! :)
I could not claim something w/o citing the RFC when some people
claim that WebSphere fully supports all the spec and there is no interop
problems with it :)
Aleksey
___
xmlsec mailing li
I would send a message to xmldsig working group in few minutes.
Hope someone from IBM is still reading it.
Aleksey
Rich Salz wrote:
Venky Madireddi wrote:
Yes, this could cause some serious bugs. Would you happen to know
anyone out
there that I could report to.
no, sorry.
___
However, it would still be helpful to find out why it's working for
you. but not for me.
The last idea: I actually use "--prefix=$HOME" instead of
"--prefix=/usr/local".
Can you try it? And it would be helpfull if you can post your xmlsec
build log.
Aleksey
ment but I have no idea what.
Aleksey
Dan Timis wrote:
On Wednesday, June 11, 2003, at 06:57 PM, Aleksey Sanin wrote:
The last idea: I actually use "--prefix=$HOME" instead of
"--prefix=/usr/local".
Can you try it? And it would be helpfull if you can post your xmlsec
buil
Ok, what about next Tue-Wed?
Aleksey
John Belmonte wrote:
Hi Aleksey,
I don't want to trouble you with making frequent releases, but that
distclean patch is rather important and I'm waiting for it to make the
first 1.x package for Debian. Will there be another release soon?
Regards,
-John
Good to know that you finally made it!
Aleksey
I tried again making xmlsec with ./configure --with-openssl=/usr/local
and this time it worked.
Now I have things all over the place so who knows why it worked this
time. I give up. I have a build so I'll start using it.
_
Get the libxml library that matches xmlsec binaries your are using.
Aleksey
ruby_gengli wrote:
Aleksey Sanin ё╨
How are you!
Can you help me for some problems?
There are some error when I run the example using VC in Win200 system:XML Security Library example: Encrypting XML file
It's not a bug, it's a feature :) I am not sure which example are you
talking
about but there are 2 options:
1) As Rich pointed out, public key encryption is usually used to
encrypt
a generated random session symmetric key. Of course, encrypted data
would be different because different s
As promised to John, the XML Security Library 1.0.3 release is
available for immidiate download at usual place
http://www.aleksey.com/xmlsec/download.html
This release adds PKCS#8 support for private keys (Tej) and
several configuration and portability bug fixes. Thanks to everyone
who
Please read section 3.2 from the FAQ
http://www.aleksey.com/xmlsec/faq.html
You have to use DTD if you want to use ID attributes. Also the xmlsec
command line utility has nice options "--store-references" and
"--store-signatures". These options allow you to get the pre-digested
or pre-signed raw
Dan,
Thanks a lot for these explanations!
Aleksey
Dan Timis wrote:
Thanks for all your help. Just in case anybody else will want to use
xmlsec with Project Builder or CodeWarrior here how I was able to do it.
___
xmlsec mailing list
[EMAIL PROTECTE
Sorry, I did read your question before I got first cup of coffein drink
this morning :) Please ignore the part about FAQ and attribute ID
(in your case, the element is inside element
and it has an "implicit" DTD from xmlsec library itself).
Now back to your question. We have something like this:
Werid. I also see it on RH 9 (stock) but everything is clean
on RH 7.2 (stock + standard updates). I did quick google
search and it seems that there is a problem with autoconf.
There is a suggestion to manually remove "stamp-*" files
but I am not sure I clear understand how these files are
used so
No idea why exec bit was set. May be some Cygwin issue.
I'll try to clean it bu tnot sure I'll be able to do it.
Aleksey
John Belmonte wrote:
Hi,
This is minor, but myw32make.bat has execute permission set. Any
executable script must start with #!... under Debian policy, so I have
to change t
I have fixed thje links to tarballs instead (slightly more simple for me
:) )
Thanks for bug report!
Aleksey
John Belmonte wrote:
Maybe the Download link in the html docs menu should point to
aleksey.com, as the source package links are broken.
-John
___
Andrew,
First of all, please use xmlsec mailing list for any questions regarding
xmlsec.
Otherwise, you messages have a very good chance to go to my trash (sorry,
I recieve too many spam).
Probably the simplest solution to your problem would be to have a special
NSS specific function "SetSlot" t
As you can see from the code, there is a special GenerateKey function.
Yes, the simplest implementation I have for NSS does use the random
generator but it was only a result of copy/paste from GnuTLS/OpenSSL code.
It would be great to have symmetric key generated on crypto token.
However, you need
BTW, can't you set "default slot for crypto operation XXX" in NSS
configuration?
Aleksey
Tejkumar Arora wrote:
Andrew,
Do you have a real use-case where you want to use a specific slot
for encryption instead of the "best slot"?.
The slot choice is made for several operations (key gener
You can
implement SET functionality in the application space
I would better leave it to NSS :) There is one problem with my approach:
in some cases (decryption) the AES128 transform klass is created
*automatically*
and app does not have access to it till the very end. Thus, the
approach I o
There is already a NSS callback (GetBestSlot). Why the application needs to
have another one??? Sorry, I don't see reasons for this. If NSS can provide
the same functionality thru multiple "slots" then NSS should take care of
configuring which "slot" is used by application. I really don't like the
Andrew,
Will you please describe a use case scenario which you are
trying to solve here? Why GetBestSlot from NSS does not work
for you?
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
I think, in PKCS11 environment, if the keys are not created internally
in xmlSec, the problem will arise.
So how about my previous sugegstion: transform (AES encryption,
for example) gets slot from a key. If it is not available, then it calls
"GetBestSlot".
Aleksey
If you have key on the slot then you'll have pointer to key
in the xmlSecKeyData structure. Thus you'll be able to
retrieve it from xmlSecTransform.
IMHO, this makes much better sense than global callbacks
because there might be two, three or more different slots.
Writing callback quickly became a
As I've explained many times, please use the mailing list for any xmlsec
questions. Next, can you send your examples in an attached zip file, please?
Your or my mailer screw up everything,
Aleksey
Hi Aleksey:
Although XPath selects "", after c14n transforming, it will be
"http://www.w3.org/2000
A half an hour digging in the logs and I think I have an explanation:
0) The xmldsigverifier was compiled in April 2002 and it is more
than
a year old now (probably I need to upgrade it :) )
1) The c14n code in libxml2 version 2.4.20 that was used to
compiled
xmldsigverifier re
If you have a row key from some source then you might want to use it.
These functions provide you an ability to set raw key data directly.
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
I also think that most of their rationale for "why we need yet another
c14n mechanism" is bogus. They want something that remains valid
across infoset translations and serializations. Yuk. :)
Well, I guess that different applications need different c14n. I've seen
one that
just stripped out a
Thanks, Rich!
Aleksey
Rich Salz wrote:
Although XPath selects "", after c14n
transforming, it will be
"http://www.w3.org/2000/09/xmldsig#";>".
That's not right. The "default namespace" node is no different than
any other namespace node (except that it is assigned the name
"xml
XMLSec library does support the de-attached signatures. You just need to
prepare a template with a non-empty URI in the element :)
Read the spec one more time and look at the examples from the test suite :)
Aleksey
P.S. You will have a much better chance to get you message delivered to
mailing li
Br. IMHO, you have some problems understanding the difference
between ID attribute and a Reference URI that points to it. Please,
read the spec and try to think about what are you doing!
Next you might be interested in reading section 3.2 from the FAQ
http://www.aleksey.com/xmlsec/faq.html
A
Search and use the mailing list!!!
Aleksey
Marc Poulaud wrote:
Hi
Aleksey,
My,
you have been busy; your xmlsec library is very impressive. :-)
I'm
going to spend time getting to grips with this, but I wondered if you
could make sure I'm pointing the right direction.
AFAIK, theoreticaly speaking you are right. "Public" and "private"
key parts are independent. However, all used in xmlsec private key
formats (PEM, DER, PKCS#8) include both "private" and "public" key
parts. Thus, the assumption used in xmlsec library is that if you have
private key then you a
The truth is you that for RSA and DSA you have to have
both public ( RSA: "modulus", "exponent" and DSA: "p", "q",
"g", "y") and private (RSA: "private exponent", DSA: "x") key
components to perform "private" key operations. Thus NSS *does*
have public key information when it has private ke
IMHO, it's a crypto library problem. I am not sure I see any reasons
for this "public key as key id" requirement but I do not have pkcs8
format in front of me right now so I might be wrong. However, I know
that some other crypto libraries can get private key from pkcs8 file
directly and th
You get "http://"/> thus the element *has*
correct
namespace. The namespace prefix does not matter at all and using
instead of saves 5 bytes per element. Not
much but
still good :)
Currently xmlsec has no way of changing the prefix and I just don't know
why one can need it,
Aleksey
Asbj
Well, xmlsec does not have direct support for the behaiviour you
want thus you'll have to write some code by yourself:
1) prepare signature template but do not add X509Data element
to KeyInfo element
2) select privtate key and set it in the xmlSecDSigCtx
3) sign the template
4) add X
Hi, Matthias!
The "(//. | //@* | //namespace::*)" part simply selects all nodes in the
document and then the condition inside square brackets selects the
desired nodes. This way of XPath transform processing is described
in XMLDSig specification [1]. Unfortunately, I don't know a simple
way to ach
Well, I am not sure that this is a valid syntax. Anyway, this function
uses OpenSSL function "OBJ_cmp". You can look at the code and
find this out.
Aleksey
P.S. Subscribing to mailing list would be a good idea if you want to have
your messages actualy delivered to the list and not trashed.
_
Yes, this will also work. In you original XPath expression I missed the
fact
that you start from '/' , not '//' so you don't need to worry about the
"start from root"
fact.
Aleksey
ancestor-or-self::ns:Root and
ancestor-or-self::ns:FirstChild
___
I think I found the problem: the OBJ_cmp() (and
xmlSecOpenSSLX509_NAME_ENTRY_cmp)
compare object names and not object values. Thus when we do sort names
entries in
xmlSecOpenSSLX509NamesCompare() it sorts by object names correctly but
fails to sort
by object values. Next when we walk thru the li
Yes :) Very close :) To simplify the code I've also changed
xmlSecOpenSSLX509_NAME_cmp() function to use
xmlSecOpenSSLX509_NAME_ENTRY_cmp(). The patch
is attached and it should be in CVS in about an hour.
Your test witht this patch prints the following (I removed
some printfs for simplicity):
[EMAI
Hi, Tej!
Thanks a lot for the work you are doing! I did a quick look other your
patch and it looks pretty good and I'll try to review it other weekend.
However, I've already spotted one big problem: the new files you've
wrote still have my copyright string :) Probably it's a good idea to
ch
In general to compare values in two X509 names we should do more
tasks, but at moment this is enough.
Can you give more details about this, please?
Could you add "const" to suppress warnings:
No warnings for me... but I added 'const' word as you've suggested.
Aleksey
Sorry, your patch is incorrect. Some tests from the tests suite use
external resources thus require HTTP support. Currently, if LibXML
does not have http/ftp compiled in, the xmlsec fails with an error
that indicates a problem with IO. Your patch masks the problem
with dummy http/ftp callbacks whic
Portions of the Software
were created using source code and/or APIs
governed by the Mozilla Public License (MPL). The MPL is available
at http://www.mozilla.org/MPL/MPL-1.1.html.
The MPL permits such
portions to be distributed with code not governed by MPL, as long
as the requirements of MPL
My question, as novice for xmlsec is how important for
"merlin-xmldsig-twenty-three/signature-external-b64-dsa" test is data
referenced from URIs ?
It's important. This test makes sure that "external signatures" are
supported (see
xmldsig spec for definition).
when I would instead of extern
It's simple :) :
1) put in the to specify you desire to write
X509 cert
in the output
2) Associate the certificate(s) with the key:
man xmlsec1
--privkey[:] [,[,[...]]]
load private key from PEM file and certificates that
verify this
"--xml-data" option means that the input is an XML file
and some part of this file will be encrypted in the output.
You should specify which node you want to encrypt
and what you want to encrypt (whole node or just node
content, see XML Encryption spec for details). You can
use "--node-*" options t
This is a stupid Aleksey who maid a mistake in the error check
condition.
Fixed in CVS and I've also checked all other occurences of this
function.
Thanks for bug report!
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mai
Thanks for the bug report! I don;t think that there is a need for
$BUILDDIR
because there is a $top_buildir variable available already. Thus I've
changed
Makefile.am to look like this:
check-km: $(TEST_APP)
@(cd $(top_srcdir);\
$(SHELL) ./tests/testKeys.sh ./tests $(top_b
Sorry, you are right. I' am on the road (O'Reilly Conference). I'll fix
this as soon as I can :(
Thansk again,
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
Yesterday I tried to write a mail about the case "XMLDSIG/MSCryptoAPI",
as I can see it wasn't forwarded;
You have to be subscribed to the mailing list to post to it. Otherwise,
you'll have to wait till I would
have time to go thru the spam garbage and manually allow this.
but it isn't a probl
Please, read the spec! The digest is calculated other data, signature signs
the digests and all the related info in SignedInfo element. It's not as
simple
as "feed xml in signature (or digest) function and store result in the
SignatureValue
(DigestValue)". You have to apply transforms, do c14n wh
Hi, All!
I am giving a presentation on XML Security and XML Security Lbirary at
OSCON 2003 (http://conferences.oreillynet.com/os2003/). For those of you
who have missed a great oportunity to buy me a beer [ :) ] I've uploaded
slides to my website:
http://www.aleksey.com/xmlsec/extra/xmlsec_
xmlsec
test harness does not use pkcs12 at all. I made some changes
to use pkcs12 files. I'll send the changes later with more description.
BTW, openssl "make check" results are identical before and after these
changes.
Good. Seems ok to me except the
--pkcs12[:name] [,[,...]]]
IMHO, PKCS1
The fix you've suggested is checked in. I've also fixed distclean problem
with "stamp-h*" files reported by John.
Thanks again for reporting the problem!
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
[EMAIL PROTECTED]:~/tmp$ xmlsec1 --sign --privkey-pem ~/.openssl/pierre.pem --output
sign1-sig.xml sign1-tmpl.xml
Enter PEM pass phrase:
func=xmlSecKeysMngrGetKey:file=keys.c:line=924:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed:
The library could not find the si
Good! I believe that there is OpenPGP support in Libgcrypt/GnuTLS
and XMLSec already has a framework that supports it. Probably you
should take a look at it too. I'll be glad to help you if you'll have any
questions :)
Aleksey
___
xmlsec mailing list
[
You have a mistake in your template, should be
EdShallow
instead of
EdShallow
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
Take a look at the element. It says that default
namespace is dsig namespace. Thus, you got
node in dsig namespace which is defenetly wrong.
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
It's not a library or utility problem. It's a template problem as I
wrote you.
Your namespaces are screwed up.
Aleksey
Edward Shallow wrote:
Aleksey,
It seems like it might be an xmlsec command line utility problem as
opposed to a library problem per se. However our application is driving t
Great! FYI, there is a "--session-key" option that tells xmlsec
utility to generate key "on the fly". It might be a better solution
than writing the DES key to a file.
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/lis
This is not a valid ID attribute:
http://www.w3.org/TR/2000/REC-xml-20001006#sec-attribute-types"
"Values of type ID must match the Name
production."
http://www.w3.org/TR/2000/REC-xml-20001006#NT-Name
[4]
NameChar
::=
Letter
| Digit
| '.' | '-' | '_' | ':
Hi, Tej!
I did a first pass thru your code and you can find my comments bellow. I
created
a new branch "XMLSEC_NSS_030714" and checked in this patch along with
my changes. I would suggest to use this branch till we clear all the
legal and technical
issues with xmlsec-nss.
BTW, have you tried "m
Good idea! Thanks!
Aleksey
John Belmonte wrote:
You may want to create a style guide in the source package from what
you've written here.
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
Almost a month from previous release and several patches
make a good reason for a new release :)
The new XML Security Library 1.0.4 release includes:
- x509 certificates names comparison function now supports
multiple entries woth the same object name (Roumen);
- minor build fixes;
- mi
Right. Fixed.
Thanks!
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
Don't know why but it showed up again. I renamed both files
to a different names. I hope it's gone now.
Thanks,
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
In addition to the great examples from Edward, you might go to
examples/ folder from source package and try the following
commands. I've just added these examples to examples/README
file. Please note, that you would need to create "binary.dat"
file in "examples/" folder by yourself (just put any st
As far as I know, the right way to put quotation mark in the string in
C/C++ is to use a slash.
For example, compare these strings
char str1[] = "Hello \"world\""'; ---> Hello "world"
char str2[] = "Hello ""world"""; ---> Hello world
Double quotation mark basicaly ends the current
Hi, Roumen!
Unfortunatelly, I could not open your diff files by some reasons
(the folders are there but diff itself is empty). However, from your
description I see a problem with this patch. You are using a static
variable to determine the format and this seems wrong to me.
xmlsec library has two
BTW, I can give you rights to push files on aleksey.com too. Or setup
a script that'll grub stuff from your site automatically. What do you think?
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
Your queston of why not just wrap xmlsec is a good one, it doesn't
seem impossible...
I am thinking about that for quite some time. But I don't know enough
about Python to do it myself :(
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www
Yes, it's a great tool to wrap a standalone library. However, in xmlsec
I need to integrate xmlsec wrapper with libxml,libxslt and openssl
wrappers
(i.e. I want a DOM tree from libxml wrapper to be used as a parameter
in a call to xmlsec wrapper and so on). And swig does not help at all.
Alek
Ok, I see what you are saying. Probably I need to take a look one more
time :)
Alelsey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
Please check http://roumenpetrov.info/tmp/xmlsec/ for the files.
About patch:
- please review new methods - they are release candidates;
- all other is very early release, even before alpha version ;-).
Ok, I'll take a look later today.
good idea, but "merlin-xmldsig-twenty-three/signature-x509-
Please check http://roumenpetrov.info/tmp/xmlsec/ for the files.
About patch:
- please review new methods - they are release candidates;
- all other is very early release, even before alpha version ;-).
0) I absolutely do not like the code in xmlSecOpenSSLKeyDataX509XmlWrite()
function. As I expla
I prepared and commited a first draft of the "coding style, commiting
and preparing
patches" guide (see attached). Any comments/suggestions are welcome :)
Thanks again for good idea!
Aleksey
John Belmonte wrote:
You may want to create a style guide in the source package from what
you've writt
Thanks, Tej! I'll need a couple days to look at it. When I am done
I'll check it into the branch.
Aleksey
___
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
Tej,
I've looked at your changes and there is one thing that I defenetly
don't like.
You are using "certutil" tool to create the nss database. But this tool
is not
included into mozilla-nss and mozilla-nss-devel packages (read: I don't have
it on my box). Thus it makes it impossible to test nss
401 - 500 of 2720 matches
Mail list logo