Issue 57942 - xmlsecurity: verification of signatures always fail
Summary: xmlsecurity: verification of signatures always fail
Status: CLOSED FIXED
Alias: None
Product: xml
Classification: Code
Component: code (show other issues)
Version: 680m136
Hardware: All Windows 98
: P3 Trivial (vote)
Target Milestone: OOo 2.0.3
Assignee: frank
QA Contact: issues@xml
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2005-11-15 16:01 UTC by joachim.lingner
Modified: 2006-05-11 12:17 UTC (History)
3 users (show)

See Also:
Issue Type: DEFECT
Latest Confirmation in: ---
Developer Difficulty: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description joachim.lingner 2005-11-15 16:01:41 UTC 
The reason is the use of the CSP "MS_STRONG_PROV" when calling
CryptAcquireContext in the function 
xmlSecMSCryptoDigestInitialize

Fix: Use as fallback the CSP "MS_ENHANCED_PROV".

This is now fixed in  revision 1.4 of xmlsecsrc/mscrypto/digests.c (the original
repository, not our libxmlsec project)
Comment 1 joachim.lingner 2005-11-18 08:19:40 UTC 
.
Comment 2 frank 2005-12-14 12:33:13 UTC 
checked and found not fixed
Comment 3 pavel 2006-01-18 20:11:28 UTC 
jl: what is the status: can you make the fix for OOo 2.0.2 also?


What does it mean original repository? Upstream? If so, can you update our version too?
Comment 4 Mathias_Bauer 2006-01-20 17:17:20 UTC 
We will not finish this until 2.0.2 code freeze -> retargetting to 2.0.3
Comment 5 kai.sommerfeld 2006-02-14 14:55:28 UTC 
.
Comment 6 joachim.lingner 2006-03-01 16:34:42 UTC 
Fixed again
Comment 7 joachim.lingner 2006-03-01 16:35:11 UTC 
.
Comment 8 frank 2006-03-09 09:27:30 UTC 
checked and found fixed on cws jl26.
Comment 9 frank 2006-05-11 12:17:41 UTC 
found integrated on master m168