PostScript ... It is not just the verify that leaks. The sign leaks as well. Here is a very simple signing template. <KeyName> triggers which key to access in mscrypto store. Everything works fine, it just leaks.
xmlsec sign --crypto mscrypto --repeat 1000 --output inout/edsigned-enveloped-friendly.xml tmpl/tmpl-EPM-sign-enveloped-friendly.xml Ed -----Original Message----- From: Edward Shallow [mailto:[EMAIL PROTECTED] Sent: May 1, 2006 9:57 PM To: 'Aleksey Sanin' Cc: '[email protected]'; 'Dmitry Belyavsky' Subject: RE: [xmlsec] FW: Free/Destroy versus Memory Leak Aleksey, I tried a few more combinations. It seems to be related to the <KeyName> element which was used at signing to tell mscrypto what key to use. It is left over from that original sign activity. If you take <KeyName> out altogether it still works (probably uses key directly from X509Certificate) and leaks much less, but it still leaks a smaller amount. If it is left in and the <KeyName> exists in crypto store, it goes and gets it but seems not to free it and it leaks fast. If it is left in and the <KeyName> does not exist in crypto store, it still works, and it only leaks a bit. Hope this helps. Ed -----Original Message----- From: Aleksey Sanin [mailto:[EMAIL PROTECTED] Sent: May 1, 2006 9:17 PM To: [EMAIL PROTECTED] Cc: [email protected]; 'Dmitry Belyavsky' Subject: Re: [xmlsec] FW: Free/Destroy versus Memory Leak > xmlsec verify --crypto mscrypto --repeat 1000 --trusted-der > keys/upu-cacert.der inout/edsigned-enveloped.xml > > The run started off at around 4800K and ended up around 45,000K I > changed --repeat to 2000 and I ended up at 86,000K OK, I don't see any leaks on my test... Can you send the files you use in this run, please? Aleksey
<?xml version="1.0" encoding="UTF-8"?> <!-- Signature created by XMLDSIG Engine and XMLSec Lib V1.29 --> <Document> <Data>This is the data to be signed.</Data> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <dsig:Reference URI=""> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue></dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue></dsig:SignatureValue> <dsig:KeyInfo> <dsig:KeyName>Ed Shallow</dsig:KeyName> <dsig:X509Data><dsig:X509Certificate/><dsig:X509SubjectName/><dsig:X509IssuerSerial/> </dsig:X509Data> </dsig:KeyInfo> </dsig:Signature> </Document>
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
