Here is the change that added tests and also added the note to the readme file with the commands used to generate the keys:
https://github.com/lsh123/xmlsec/commit/8a234bb11183bd2f978365d089c2874c3351300e#diff-63b09e79322947706d90f6ac2ff46597 Aleksey On 2/15/17 3:22 AM, Miklos Vajna wrote: > Hi, > > I tried to look at supporting ECDSA in the nss backend. Here is a work > in progress code: > > https://github.com/vmiklos/xmlsec/tree/nss-ecdsa-wip > > (I'll send a pull request when it actually works.) > > It currently fails as it seems the enveloping-sha512-ecdsa-sha512.xml > test file is using an EC key where the parameter is secp256k1, which is > not supported by NSS. > > Here is a list of parameters supported by NSS: > > http://www.mail-archive.com/[email protected]/msg12766.html > > So based on that, perhaps I would start with secp256r1. Which leads to > the question I would like this ask: > > How are the ecdsa-secp256k1 test keys are generated? I found no commands > regarding them in tests/keys/README. > > If the documentation could be updated, then perhaps a way forward would > be adding ecdsa-secp256r1 testcases for openssl, and then I could > validate my NSS code by making sure the same tests pass for the NSS > backend as well. > > Thanks, > > Miklos > > > > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
