W3C home > Mailing lists > Public > public-xmlsec@w3.org > March 2015

Re: Test vector ECDSA keys invalid?

From: Nachman Scharf <nachman@cirqlive.com>
Date: Sun, 1 Mar 2015 15:43:28 +0200
Message-ID: <CAC=pNN36a+vx8H3bkbEs2sGV9RnPYAAQHhB_eF=Bf1kj-_kvDg@mail.gmail.com>
To: public-xmlsec@w3.org
Okay, I managed to figure it out.

xmlsec1 contained a bug with large ECDSA curves (filed and fixed here:
https://bugzilla.gnome.org/show_bug.cgi?id=745269)

I'm still not sure why xmlsec1 can't seem to load private keys for signing,
but in using OpenSSL directly, they can be loaded using
d2i_AutoPrivateKey() without difficulty.

OpenSSL seems to use a different format for the keys it generates which are
significantly larger. I haven't figured out how to convert one format to
another, but at this point, that doesn't really matter.

Sorry for bothering anyone.
-Nachman
Received on Sunday, 1 March 2015 13:44:17 UTC

This archive was generated by hypermail 2.3.1 : Sunday, 1 March 2015 13:44:17 UTC