Hi, On Tue, Mar 08, 2016 at 09:21:37AM -0800, Aleksey Sanin <[email protected]> wrote: > First, as I mentioned before, I would be happy to merge all the > upstream patches that makes sense for the main xmlsec. Please > don't hesitate to send pull requests :)
Yes, thanks for the enouragement. The only patches I did myself are these SHA-256 and the relationship ones, so for the rest I need to work out what they do, bring them up to date against master, and can only submit them then, so it takes time. But that's my long-term goal. > Unfortunately, I don't have a Windows environment anymore so I can't > debug it myself. But I can give you a suggestion. As far as I recall, > there is a function xmlSecMSCryptoFindProvider() which is used to > find out the crypto provider for specific operation. I would suggest > to put a breakpoint on this function and compare parameters for > the cases of signing and verification. > > Let me know if it makes sense at all! Right, I found that. At the end my problem was that I incorrectly generated my test certificates. After reading tests/keys/README carefully again, I found that I did not use -CSP, and that's why the certificate was loaded from the old store, which doesn't support SHA2. After using '-CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"' when generating the .p12 file my upgraded 1.2.15 + patches result works as expected. :-) Regards, Miklos
signature.asc
Description: Digital signature
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
