Great to know you figured it out! Aleksey
On 3/9/16 12:45 AM, Miklos Vajna wrote: > Hi, > > On Tue, Mar 08, 2016 at 09:21:37AM -0800, Aleksey Sanin <[email protected]> > wrote: >> First, as I mentioned before, I would be happy to merge all the >> upstream patches that makes sense for the main xmlsec. Please >> don't hesitate to send pull requests :) > > Yes, thanks for the enouragement. The only patches I did myself are > these SHA-256 and the relationship ones, so for the rest I need to work > out what they do, bring them up to date against master, and can only > submit them then, so it takes time. But that's my long-term goal. > >> Unfortunately, I don't have a Windows environment anymore so I can't >> debug it myself. But I can give you a suggestion. As far as I recall, >> there is a function xmlSecMSCryptoFindProvider() which is used to >> find out the crypto provider for specific operation. I would suggest >> to put a breakpoint on this function and compare parameters for >> the cases of signing and verification. >> >> Let me know if it makes sense at all! > > Right, I found that. At the end my problem was that I incorrectly > generated my test certificates. After reading tests/keys/README > carefully again, I found that I did not use -CSP, and that's why the > certificate was loaded from the old store, which doesn't support SHA2. > > After using '-CSP "Microsoft Enhanced RSA and AES Cryptographic > Provider"' when generating the .p12 file my upgraded 1.2.15 + patches > result works as expected. :-) > > Regards, > > Miklos > _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
