[xmlsec] HMACOutputLength bug?

[Rich Salz]

We tried an interop test (against our product) with a length of 91 and it failed. The bug seems to be that xmlsec rounds down to the nearest bytecount?
if(content != NULL) {
res = atoi((char*)content) / 8;
The fix looks a little tricky, since changing "digestSize" from bytes to bits would be pretty pervasive. Perhaps adding a "outputBits" field which, if non-zero, is used as a mask?
/r$

_______________________________________________
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec