I checked in the lasts two changes to xmlsec-mscrypto:
- (item 2) keys/providers ref-counting and multithreading I did a slightly more generic change and was able to combine your patch with the existing code. Now you can either use the "native" OS calls for duplicatiing keys/providers handles (>NT 4.0) or ref counted keys/providers handles (NT 4.0). I fixed multi threading issue with ref counting itself (i.e. I replaced ++/-- with InterlockedIncrement/InterlockedDecrement) but I still have concerns about using *the same* key/provider handler from multiple threads. Thus I decided to make default configuration *not* to support NT 4.0 (as before). You can enable NT 4.0 support by either adding "nt4=yes" option for win32/configure.js or adding XMLSEC_MSCRYPTO_NT4 define to xmlsec-mscrypto compilation flags.
- (item 3) xmlSecMSCryptoKeyDataX509VerifyAndExtractKey function You was right. For your template, this function gets called for signature and we need to return both public and private key from it. The fix is checked in.
I believe all OO.org changes to xmlsec-mscrypto are in CVS trunk. All my tests pass as before (seems that I fixed problems with your patch while I was re-architecting the ref counting change). It would be really great if you can try latest trunk to make sure that your stuff work and that no more changes to xmlsec-mscrypto is needed. I can create a new xmlsec release later this week if you need it. Meantime, I'll start looking at xmlsec-nss patch :)
Thanks again for your patch! Aleksey
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
