Hi, I have tried to run the xtest application in the XML-Security C (1.3.1 and 1.4.0) library but it fails at the verification step of "Unit testing of RSA-SHA1" signature.
I have used "xtest -n". Here is my development environment: Fedora7 Linux, NSS code in Firefox2 and Firefox3 beta source. For 1.3.1 and 1.4.0 compiled with NSS in Firefox2, I get an XSECCryptoException in the "Unit testing of RSA-SHA1" signature function. For 1.3.1 and 1.4..0 compiled with NSS in Firefox3, it fails in the the sig.verify() step. I get following message " ... signing ... OK ... validating ... bad verify!". xtext app works fine for symmetric key cases but signature verification fails for the RSA Key, even though sign() step works properly. It also works fine with xml-security-c-1.3.0 and NSS in Firefox2 on Linux (Fedora7). I have compared the signature element form 1.3.0 and 1.4.0 and the only difference is in the SignatureValue element. I have also found that the size of the shared library for 1.3.1. and 1.4.0 is ~9.38MB compared to the 1.41MB for 1.3.0. Is this expected? Is there anything I can do to reduce the size to be comparable 1.3.0. I understand the disclaimer that "NSS part is alpha", still any help in getting around the problem would be greatly appreciated. Thanks. -- Subrata Mazumdar
