search

lsh123 / xmlsec

XML Security Library
Other
128 stars 97 forks source link

1.3.2: test suite is failing #730

Closed kloczek closed 6 months ago

kloczek commented 7 months ago

Looks like test suite still fails. (I'm using openssl 3.1.4)

kloczek commented 7 months ago
```console + cd xmlsec1-1.3.2 + /usr/bin/make -O -j48 V=1 VERBOSE=1 check Making check in include ---------------------------- ATTENTION ----------------------------------- --- Some of the tests use resources located on external HTTP servers. --- --- If you have no Internet connection or the external resource is not --- --- responding then the test will fail. --- ---------------------------- ATTENTION ----------------------------------- Making check in xmlsec Making check in openssl make[3]: Nothing to be done for 'check'. Making check in nss make[3]: Nothing to be done for 'check'. Making check in gcrypt make[3]: Nothing to be done for 'check'. Making check in gnutls make[3]: Nothing to be done for 'check'. make[3]: Nothing to be done for 'check-am'. make[2]: Nothing to be done for 'check-am'. Making check in src Making check in . make[2]: Nothing to be done for 'check-am'. Making check in openssl make[2]: Nothing to be done for 'check'. Making check in nss make[2]: Nothing to be done for 'check'. Making check in gcrypt make[2]: Nothing to be done for 'check'. Making check in gnutls make[2]: Nothing to be done for 'check'. Making check in apps make[1]: Nothing to be done for 'check'. Making check in man make[1]: Nothing to be done for 'check'. Making check in docs Making check in api make[2]: Nothing to be done for 'check'. make[2]: Nothing to be done for 'check-am'. for crypto in openssl nss gcrypt gnutls ; do \ make check-crypto-$crypto || exit 1 ; \ done make[1]: Entering directory '/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2' =================== Checking xmlsec-openssl ================================= --- testKeys started for xmlsec-openssl library (20231122_110245) --- --- LD_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/.libs: --- LTDL_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gnutls/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gcrypt/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/nss/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/openssl/.libs: --- log file is /tmp/testKeys.sh.20231122_110245-667929.log --------- Positive Testing ---------- Test: hmac-192 Checking required key data OK Creating new key OK Test: rsa-1024 Checking required key data OK Creating new key OK Reading private key from pkcs12 file OK Reading private key name from pkcs12 file OK Reading private key from pkcs12 file using ossl-store OK Reading private key from pkcs8 pem file OK Reading private key from pkcs8 der file OK Reading private key from pem file OK Reading private key from der file OK Reading public key from pem file using ossl-store OK Reading public key from pem file OK Reading public key from der file OK Reading public key from pem cert file OK Reading public key from der cert file OK Test: dsa-1024 Checking required key data OK Creating new key OK Reading private key from pkcs12 file OK Reading private key name from pkcs12 file OK Reading private key from pkcs12 file using ossl-store OK Reading private key from pkcs8 pem file OK Reading private key from pkcs8 der file OK Reading private key from pem file OK Reading private key from der file OK Reading public key from pem file using ossl-store OK Reading public key from pem file OK Reading public key from der file OK Reading public key from pem cert file OK Reading public key from der cert file OK Test: ec Checking required key data OK Reading private key from pkcs12 file OK Reading private key name from pkcs12 file OK Reading private key from pkcs12 file using ossl-store OK Reading private key from pkcs8 pem file OK Reading private key from pkcs8 der file OK Reading private key from pem file OK Reading private key from der file OK Reading public key from pem file using ossl-store OK Reading public key from pem file OK Reading public key from der file OK Reading public key from pem cert file OK Reading public key from der cert file OK Test: dh Checking required key data OK Test: des-192 Checking required key data OK Creating new key OK Test: aes-128 Checking required key data OK Creating new key OK Test: aes-192 Checking required key data OK Creating new key OK Test: aes-256 Checking required key data OK Creating new key OK --- testKeys finished --- --- detailed log is written to /tmp/testKeys.sh.20231122_110245-667929.log --- --- TOTAL OK: 43; OK (percent): 100; TOTAL FAILED: 0; TOTAL SKIPPED: 0 --- testDSig started for xmlsec-openssl library (20231122_110248) --- LD_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/.libs: --- LTDL_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gnutls/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gcrypt/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/nss/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/openssl/.libs: --- log file is /tmp/testDSig.sh.20231122_110248-668848.log --------- Positive Testing ---------- Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha1-truncated40 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha1-truncated160 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha224 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha224 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha256 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha384 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha512 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-rsa-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-rsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-rsa_sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-rsa_sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-sha224-rsa_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-sha256-rsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-sha384-rsa_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-sha512-rsa_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-keyinforeference-rsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-derencoded-rsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-derencoded-ec Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-x509digest-rsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig2ed-tests/defCan-1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig2ed-tests/defCan-2 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig2ed-tests/xpointer-1-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-2-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-3-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-4-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-5-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-6-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-subjectname Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-issuerserial Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-ski Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/signature-two-keynames Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-dsa-x509chain Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-x509chain Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-md5-hmac-md5 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloping-md5-hmac-md5-64 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/xpointer-hmac Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha1-hmac-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha224-hmac-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-hmac-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha384-hmac-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha512-hmac-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-md5-rsa-md5 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha1-rsa-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha224-rsa-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-rsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-rsa-sha256-relationship Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha384-rsa-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha512-rsa-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha224-rsa-pss-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha256-rsa-pss-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha384-rsa-pss-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha512-rsa-pss-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_224-rsa-pss-sha3_224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_256-rsa-pss-sha3_256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_384-rsa-pss-sha3_384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_512-rsa-pss-sha3_512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha3_224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha3_256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha3_384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha3_512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-dsa2048-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-dsa3072-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha1-dsa-sha1 Checking required transforms OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1 Checking required transforms OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-ripemd160-ecdsa-ripemd160 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Checking required transforms OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha224-ecdsa-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha256-ecdsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha384-ecdsa-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha512-ecdsa-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_224-ecdsa-sha3_224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_256-ecdsa-sha3_256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_384-ecdsa-sha3_384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_512-ecdsa-sha3_512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha1-ecdsa-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-ecdsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha384-ecdsa-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha512-ecdsa-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-ecdsa-java-bug Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/dtd-hmac-91 DTD is present Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/dtd-hmac-91 Negative test: missing DTD Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/x509data-test Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/x509data-sn-test Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK --------- Certificate verification testing ---------- Test: aleksey-xmldsig-01/enveloping-expired-cert Negative test: expired cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloping-expired-cert Expired cert but there is verification timestamp overwrite Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloping-sha256-rsa-sha256-verify Missing trusted cert but there is --insecure bypass Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloping-sha256-rsa-sha256-verify Negative test: missing trusted cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Cert chaing is good Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Cert chain is missing but there is --insecure bypass Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Negative test: Missing intermidiate cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Negative test: Wront trusted cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Negative test: CRL present Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Negative test: CRL is past due Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert CRL is not valid yet Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert CRL is present but there is --insecure bypass Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Successfully use key without verification Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Negative test: key cannot be verified Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Negative test: key cannot be verified (cert is not yet valid) Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Successfully verify key Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmldsig-twenty-three/signature-enveloped-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-rsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-external-b64-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-external-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-keyname Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-x509-crt Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-x509-crt-crl Negative test: CRL is present Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmldsig-twenty-three/signature-x509-sn Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-x509-is Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-x509-ski Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-exc-c14n-one/exc-signature Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-c14n-three/signature Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xpath-filter2-three/sign-xfdl Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xpath-filter2-three/sign-spec Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-big Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-dsa-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-dsa-enveloped Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-dsa-enveloping Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-dsa-manifest Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-hmac-md5-c14n-enveloping Checking required transforms Skip Test: phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-comments-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-enveloped Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-b64-transform Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-xpath-transform Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-xslt-transform Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-enveloped Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-enveloping Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method Negative test: bad retrieval method Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val Negative test: bad digest Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-enveloped-bad-sig Negative test: bad sig Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-crl Negative test: CRL present Checking required transforms OK Checking required key data OK Verify existing signature OK --------- These tests CAN FAIL (extra OS config required) ---------- Test: aleksey-xmldsig-01/enveloped-gost2001 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloped-gost2012-256 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloped-gost2012-512 Checking required transforms Skip --- testDSig finished --- detailed log is written to /tmp/testDSig.sh.20231122_110248-668848.log --- TOTAL OK: 396; OK (percent): 98; TOTAL FAILED: 0; TOTAL SKIPPED: 7 --- testEnc started for xmlsec-openssl library (20231122_110325) --- LD_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/.libs: --- LTDL_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gnutls/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gcrypt/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/nss/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/openssl/.libs: --- log file is /tmp/testEnc.sh.20231122_110325-667928.log --------- Positive Testing ---------- Test: xmlenc11-interop-2012/xenc11-example-AES128-GCM Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/dkey-example-ConcatKDF-crypto Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/dkey3-example-ConcatKDF-crypto Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/dkey-example-PBKDF2-crypto Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/dkey3-example-PBKDF2-crypto Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__EC-P256__aes128-gcm__kw-aes128__ECDH-ES__ConcatKDF Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__EC-P384__aes192-gcm__kw-aes192__ECDH-ES__ConcatKDF Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__EC-P521__aes256-gcm__kw-aes256__ECDH-ES__ConcatKDF Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__DH-1024__aes128-gcm__kw-aes128__dh-es__ConcatKDF Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha1_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha224_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha256_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha384_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha512_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha3_224_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha3_256_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha3_384_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha3_512_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha1_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha224_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha256_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha384_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha512_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_subject_name Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_issuer_name_serial Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_ski Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha1 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha224 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha256 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha384 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha512 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha3_224 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha3_256 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha3_384 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha3_512 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-two-enc-keys Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-two-enc-keys Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/large_input Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-element-isolatin1 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-content-isolatin1 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname2 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes128cbc-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes192cbc-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes192cbc-keyname-ref Checking required transforms OK Decrypt existing document OK Test: aleksey-xmlenc-01/enc-aes192cbc-keyname-ref Negative test: all cipher references are disabled Decrypt existing document OK Test: aleksey-xmlenc-01/enc-aes256cbc-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname-content Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname-element Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname-element-root Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-aes192-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1-params Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_md5 Checking required transforms Skip Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_ripemd160 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha224 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha384 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_md5_mgf1_sha512 Checking required transforms Skip Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_ripemd160_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha224_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha256_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha384_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha224 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha384 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1_mgf1_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha224_mgf1_sha224 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha256_mgf1_sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha384_mgf1_sha384 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_enc11_sha512_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-two-recipients Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-two-recipients Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-aes128-cbc Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-content-tripledes-cbc Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-content-aes256-cbc-prop Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-element-aes192-cbc-ref Checking required transforms OK Decrypt existing document OK Test: merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256 Checking required transforms OK Decrypt existing document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5 Negative test: missing key Decrypt existing document OK Test: 01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kw-3des Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-aes128-kw-3des Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes128-kw-aes128 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes128-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-3des-kw-aes192 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-aes192-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes192-kw-aes192 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes256-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-text-3des-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-text-aes128-kw-aes192 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des Negative test: bad alg enc element Decrypt existing document OK --------- AES-GCM tests include both positive and negative tests ---------- --- detailed log is written to /tmp/testEnc.sh.20231122_110325-667928.log Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-02 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-04 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-01 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-04 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-08 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-14 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-02 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-14 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-14 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-01 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-02 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-01 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-08 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-01 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-08 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-14 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-08 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-02 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-04 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK --- testEnc finished --- detailed log is written to /tmp/testEnc.sh.20231122_110325-667928.log --- TOTAL OK: 695; OK (percent): 99; TOTAL FAILED: 0; TOTAL SKIPPED: 2 make[1]: Leaving directory '/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2' make[1]: Entering directory '/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2' =================== Checking xmlsec-nss ================================= --- testKeys started for xmlsec-nss library (20231122_110423) --- --- LD_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/.libs: --- LTDL_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gnutls/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gcrypt/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/nss/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/openssl/.libs: --- log file is /tmp/testKeys.sh.20231122_110423-698906.log --------- Positive Testing ---------- Test: hmac-192 Checking required key data OK Creating new key OK Test: rsa-1024 Checking required key data OK Creating new key OK Reading private key from pkcs12 file Fail Reading private key name from pkcs12 file Fail Reading public key from der file Fail Reading public key from pem cert file Fail Reading public key from der cert file Fail Test: dsa-1024 Checking required key data OK Creating new key OK Reading private key from pkcs12 file Fail Reading private key name from pkcs12 file Fail Reading public key from der file Fail Reading public key from pem cert file Fail Reading public key from der cert file Fail Test: ec Checking required key data OK Reading private key from pkcs12 file Fail Reading private key name from pkcs12 file Fail Reading public key from der file Fail Reading public key from pem cert file Fail Reading public key from der cert file Fail Test: dh Checking required key data Skip Test: des-192 Checking required key data OK Creating new key OK Test: aes-128 Checking required key data OK Creating new key OK Test: aes-192 Checking required key data OK Creating new key OK Test: aes-256 Checking required key data OK Creating new key OK --- testKeys finished --- --- detailed log is written to /tmp/testKeys.sh.20231122_110423-698906.log --- --- TOTAL OK: 7; OK (percent): 30; TOTAL FAILED: 15; TOTAL SKIPPED: 1 Test: rsa-1024 -- expected success /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 check-key-data --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config rsa Key data "rsa" found /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 keys --gen-key:test-rsa rsa-1024 --keys-file /tmp/xmlsec-crypto-config/keys.xml --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config /tmp/xmlsec-crypto-config/keys.xml /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersakey.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231122_110423-698906.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=rsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersakey.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231122_110423-698906.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=rsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersapubkey.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=rsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-pem /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersacert.pem --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=rsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersacert.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=rsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml" Test: dsa-1024 -- expected success /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 check-key-data --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config dsa Key data "dsa" found /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 keys --gen-key:test-dsa dsa-1024 --keys-file /tmp/xmlsec-crypto-config/keys.xml --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config /tmp/xmlsec-crypto-config/keys.xml /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsakey.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231122_110423-698906.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=dsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsakey.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231122_110423-698906.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=dsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsapubkey.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=dsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-pem /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsacert.pem --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=dsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsacert.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=dsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml" Test: ec -- expected success /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 check-key-data --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config ec Key data "ec" found /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-key.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231122_110423-698906.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=ecdsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-key.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231122_110423-698906.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=ecdsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-pubkey.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=ecdsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-pem /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-cert.pem --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=ecdsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-cert.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=ecdsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml" make[1]: *** [Makefile:1213: check-crypto-nss] Error 15 make[1]: Leaving directory '/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2' make: *** [Makefile:1208: check-all] Error 1 ```
lsh123 commented 7 months ago

What version of NSS do you use? The error code (-8011) is SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED. Likely your linux distro decided to disable SHA1. You should check your policy configs (e.g. check this link: https://linux.extremeoverclocking.com/man/1/nss-policy-check)

On xmlsec side, it should be possible to detect if a specific algo is disabled by NSS and not even enable it in xmlsec (thus skipping these tests). I will look into this a little bit later - it doesn't look very critical.

lsh123 commented 7 months ago

Note: it can be key size as well (i.e. tests might use smaller key size than it is allowed on the system):

https://github.com/nss-dev/nss/blob/4b501b03235c9ff5102d21763aecfb784f5ac41a/lib/cryptohi/secvfy.c#L484

lsh123 commented 7 months ago

Sorry missed this

(I'm using openssl 3.1.4)

And if you don't care about NSS, then you can just disable it with

./configure --without-nss [other options]

kloczek commented 7 months ago

What version of NSS do you use?

3.94.0

lsh123 commented 6 months ago

@klocze Any chance you can try PR #734 in your environment? Expected result is that the tests are skipped and not failing

kloczek commented 6 months ago

One sec ..

kloczek commented 6 months ago

Cannot apply that PR on top of 1.3.2 + ffb32737

+ cd xmlsec1-1.3.2
+ rm -rf /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/SPECPARTS
+ /usr/bin/mkdir -p /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/SPECPARTS
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ /usr/lib/rpm/rpmuncompress /home/tkloczko/rpmbuild/SOURCES/xmlsec1-Fix-libxml2-v2.12.0-includes-729.patch
+ /usr/bin/patch -p1 -s --fuzz=0 --no-backup-if-mismatch -f
+ /usr/lib/rpm/rpmuncompress /home/tkloczko/rpmbuild/SOURCES/xmlsec1-xmlsec-nss-Added-runtime-check-for-the-enabled.patch
+ /usr/bin/patch -p1 -s --fuzz=0 --no-backup-if-mismatch -f
1 out of 1 hunk FAILED -- saving rejects to file docs/index.html.rej
kloczek commented 6 months ago
After remove manually from PR patching documentation I was able to start build .. negative result ```console + /usr/bin/make -O -j48 V=1 VERBOSE=1 check Making check in include ---------------------------- ATTENTION ----------------------------------- --- Some of the tests use resources located on external HTTP servers. --- --- If you have no Internet connection or the external resource is not --- --- responding then the test will fail. --- ---------------------------- ATTENTION ----------------------------------- Making check in xmlsec Making check in openssl make[3]: Nothing to be done for 'check'. Making check in nss make[3]: Nothing to be done for 'check'. Making check in gcrypt make[3]: Nothing to be done for 'check'. Making check in gnutls make[3]: Nothing to be done for 'check'. make[3]: Nothing to be done for 'check-am'. make[2]: Nothing to be done for 'check-am'. Making check in src Making check in . make[2]: Nothing to be done for 'check-am'. Making check in openssl make[2]: Nothing to be done for 'check'. Making check in nss make[2]: Nothing to be done for 'check'. Making check in gcrypt make[2]: Nothing to be done for 'check'. Making check in gnutls make[2]: Nothing to be done for 'check'. Making check in apps make[1]: Nothing to be done for 'check'. Making check in man make[1]: Nothing to be done for 'check'. Making check in docs Making check in api make[2]: Nothing to be done for 'check'. make[2]: Nothing to be done for 'check-am'. for crypto in openssl nss gcrypt gnutls ; do \ make check-crypto-$crypto || exit 1 ; \ done make[1]: Entering directory '/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2' =================== Checking xmlsec-openssl ================================= --- testKeys started for xmlsec-openssl library (20231219_010558) --- --- LD_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/.libs: --- LTDL_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gnutls/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gcrypt/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/nss/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/openssl/.libs: --- log file is /tmp/testKeys.sh.20231219_010558-2586280.log --------- Positive Testing ---------- Test: hmac-192 Checking required key data OK Creating new key OK Test: rsa-1024 Checking required key data OK Creating new key OK Reading private key from pkcs12 file OK Reading private key name from pkcs12 file OK Reading private key from pkcs12 file using ossl-store OK Reading private key from pkcs8 pem file OK Reading private key from pkcs8 der file OK Reading private key from pem file OK Reading private key from der file OK Reading public key from pem file using ossl-store OK Reading public key from pem file OK Reading public key from der file OK Reading public key from pem cert file OK Reading public key from der cert file OK Test: dsa-1024 Checking required key data OK Creating new key OK Reading private key from pkcs12 file OK Reading private key name from pkcs12 file OK Reading private key from pkcs12 file using ossl-store OK Reading private key from pkcs8 pem file OK Reading private key from pkcs8 der file OK Reading private key from pem file OK Reading private key from der file OK Reading public key from pem file using ossl-store OK Reading public key from pem file OK Reading public key from der file OK Reading public key from pem cert file OK Reading public key from der cert file OK Test: ec Checking required key data OK Reading private key from pkcs12 file OK Reading private key name from pkcs12 file OK Reading private key from pkcs12 file using ossl-store OK Reading private key from pkcs8 pem file OK Reading private key from pkcs8 der file OK Reading private key from pem file OK Reading private key from der file OK Reading public key from pem file using ossl-store OK Reading public key from pem file OK Reading public key from der file OK Reading public key from pem cert file OK Reading public key from der cert file OK Test: dh Checking required key data OK Test: des-192 Checking required key data OK Creating new key OK Test: aes-128 Checking required key data OK Creating new key OK Test: aes-192 Checking required key data OK Creating new key OK Test: aes-256 Checking required key data OK Creating new key OK --- testKeys finished --- --- detailed log is written to /tmp/testKeys.sh.20231219_010558-2586280.log --- --- TOTAL OK: 43; OK (percent): 100; TOTAL FAILED: 0; TOTAL SKIPPED: 0 --- testDSig started for xmlsec-openssl library (20231219_010601) --- LD_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/.libs: --- LTDL_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gnutls/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gcrypt/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/nss/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/openssl/.libs: --- log file is /tmp/testDSig.sh.20231219_010601-2587195.log --------- Positive Testing ---------- Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha1-truncated40 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha1-truncated160 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha224 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha224 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha256 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha384 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-hmac-sha512 Checking required transforms OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p256_sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p384_sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-p521_sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-rsa-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-rsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-rsa_sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-rsa_sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-sha224-rsa_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-sha256-rsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-sha384-rsa_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-sha512-rsa_sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig11-interop-2012/signature-enveloping-keyinforeference-rsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-derencoded-rsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-derencoded-ec Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig11-interop-2012/signature-enveloping-x509digest-rsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig2ed-tests/defCan-1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig2ed-tests/defCan-2 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: xmldsig2ed-tests/xpointer-1-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-2-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-3-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-4-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-5-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: xmldsig2ed-tests/xpointer-6-SUN Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-subjectname Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-issuerserial Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-ski Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-x509-digest-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/signature-two-keynames Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-dsa-x509chain Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-x509chain Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-md5-hmac-md5 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloping-md5-hmac-md5-64 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/xpointer-hmac Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha1-hmac-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha224-hmac-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-hmac-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha384-hmac-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha512-hmac-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-md5-rsa-md5 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha1-rsa-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha224-rsa-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-rsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-rsa-sha256-relationship Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha384-rsa-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha512-rsa-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha224-rsa-pss-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha256-rsa-pss-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha384-rsa-pss-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha512-rsa-pss-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_224-rsa-pss-sha3_224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_256-rsa-pss-sha3_256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_384-rsa-pss-sha3_384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_512-rsa-pss-sha3_512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha3_224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha3_256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha3_384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-rsa-pss-sha3_512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-dsa2048-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-dsa3072-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha1-dsa-sha1 Checking required transforms OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1 Checking required transforms OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-ripemd160-ecdsa-ripemd160 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Checking required transforms OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha224-ecdsa-sha224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha256-ecdsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha384-ecdsa-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha512-ecdsa-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_224-ecdsa-sha3_224 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_256-ecdsa-sha3_256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_384-ecdsa-sha3_384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-sha3_512-ecdsa-sha3_512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha1-ecdsa-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha256-ecdsa-sha256 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha384-ecdsa-sha384 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloping-sha512-ecdsa-sha512 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/enveloped-ecdsa-java-bug Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/dtd-hmac-91 DTD is present Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/dtd-hmac-91 Negative test: missing DTD Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/x509data-test Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: aleksey-xmldsig-01/x509data-sn-test Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK --------- Certificate verification testing ---------- Test: aleksey-xmldsig-01/enveloping-expired-cert Negative test: expired cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloping-expired-cert Expired cert but there is verification timestamp overwrite Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloping-sha256-rsa-sha256-verify Missing trusted cert but there is --insecure bypass Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloping-sha256-rsa-sha256-verify Negative test: missing trusted cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Cert chaing is good Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Cert chain is missing but there is --insecure bypass Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Negative test: Missing intermidiate cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Negative test: Wront trusted cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Negative test: CRL present Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert Negative test: CRL is past due Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert CRL is not valid yet Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-x509-missing-cert CRL is present but there is --insecure bypass Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Successfully use key without verification Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Negative test: key cannot be verified Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Negative test: key cannot be verified (cert is not yet valid) Checking required transforms OK Checking required key data OK Verify existing signature OK Test: aleksey-xmldsig-01/enveloped-sha1-rsa-sha1 Successfully verify key Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmldsig-twenty-three/signature-enveloped-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1 Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-enveloping-rsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-external-b64-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-external-dsa Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-keyname Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-x509-crt Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-x509-crt-crl Negative test: CRL is present Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmldsig-twenty-three/signature-x509-sn Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-x509-is Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-x509-ski Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmldsig-twenty-three/signature Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5 Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-exc-c14n-one/exc-signature Checking required transforms OK Checking required key data OK Verify existing signature OK Create new signature OK Verify new signature OK Test: merlin-c14n-three/signature Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xpath-filter2-three/sign-xfdl Checking required transforms OK Checking required key data OK Verify existing signature OK Test: merlin-xpath-filter2-three/sign-spec Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-big Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-dsa-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-dsa-enveloped Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-dsa-enveloping Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-dsa-manifest Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-hmac-md5-c14n-enveloping Checking required transforms Skip Test: phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-comments-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-enveloped Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-b64-transform Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-xpath-transform Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-xslt-transform Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-enveloped Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-enveloping Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method Negative test: bad retrieval method Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val Negative test: bad digest Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-enveloped-bad-sig Negative test: bad sig Checking required transforms OK Checking required key data OK Verify existing signature OK Test: phaos-xmldsig-three/signature-rsa-manifest-x509-data-crl Negative test: CRL present Checking required transforms OK Checking required key data OK Verify existing signature OK --------- These tests CAN FAIL (extra OS config required) ---------- Test: aleksey-xmldsig-01/enveloped-gost2001 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloped-gost2012-256 Checking required transforms Skip Test: aleksey-xmldsig-01/enveloped-gost2012-512 Checking required transforms Skip --- testDSig finished --- detailed log is written to /tmp/testDSig.sh.20231219_010601-2587195.log --- TOTAL OK: 396; OK (percent): 98; TOTAL FAILED: 0; TOTAL SKIPPED: 7 --- testEnc started for xmlsec-openssl library (20231219_010641) --- LD_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/.libs: --- LTDL_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gnutls/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gcrypt/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/nss/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/openssl/.libs: --- log file is /tmp/testEnc.sh.20231219_010641-2586279.log --------- Positive Testing ---------- Test: xmlenc11-interop-2012/xenc11-example-AES128-GCM Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/dkey-example-ConcatKDF-crypto Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/dkey3-example-ConcatKDF-crypto Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/dkey-example-PBKDF2-crypto Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/dkey3-example-PBKDF2-crypto Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__EC-P256__aes128-gcm__kw-aes128__ECDH-ES__ConcatKDF Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__EC-P384__aes192-gcm__kw-aes192__ECDH-ES__ConcatKDF Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__EC-P521__aes256-gcm__kw-aes256__ECDH-ES__ConcatKDF Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: xmlenc11-interop-2012/cipherText__DH-1024__aes128-gcm__kw-aes128__dh-es__ConcatKDF Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha1_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha224_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha256_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha384_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha512_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha3_224_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha3_256_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha3_384_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_concatkdf_sha3_512_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha1_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha224_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha256_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha384_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_ecdh_p256_pbkdf2_1000_hmac_sha512_kw_aes256_aes128gcm Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_subject_name Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_issuer_name_serial Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_ski Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha1 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha224 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha256 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha384 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha512 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha3_224 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha3_256 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha3_384 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc_rsa_1_5_x509_digest_sha3_512 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-two-enc-keys Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-two-enc-keys Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/large_input Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-element-isolatin1 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-content-isolatin1 Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname2 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes128cbc-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes192cbc-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes192cbc-keyname-ref Checking required transforms OK Decrypt existing document OK Test: aleksey-xmlenc-01/enc-aes192cbc-keyname-ref Negative test: all cipher references are disabled Decrypt existing document OK Test: aleksey-xmlenc-01/enc-aes256cbc-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname-content Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname-element Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-keyname-element-root Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-des3cbc-aes192-keyname Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1-params Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_md5 Checking required transforms Skip Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_ripemd160 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha224 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha384 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_md5_mgf1_sha512 Checking required transforms Skip Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_ripemd160_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha224_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha256_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha384_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha224 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha384 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha1_mgf1_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha224_mgf1_sha224 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha256_mgf1_sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha384_mgf1_sha384 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_sha512_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-aes256-kt-rsa_oaep_enc11_sha512_mgf1_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-two-recipients Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: aleksey-xmlenc-01/enc-two-recipients Checking required transforms OK Checking required key data OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-aes128-cbc Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-content-tripledes-cbc Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-content-aes256-cbc-prop Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-element-aes192-cbc-ref Checking required transforms OK Decrypt existing document OK Test: merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256 Checking required transforms OK Decrypt existing document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5 Negative test: missing key Decrypt existing document OK Test: 01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-3des-kw-3des Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-aes128-kw-3des Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes128-kw-aes128 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes128-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-3des-kw-aes192 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-content-aes192-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes192-kw-aes192 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-element-aes256-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-text-3des-kw-aes256 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/enc-text-aes128-kw-aes192 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: 01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des Negative test: bad alg enc element Decrypt existing document OK --------- AES-GCM tests include both positive and negative tests ---------- --- detailed log is written to /tmp/testEnc.sh.20231219_010641-2586279.log Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-104-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-128-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-02 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-04 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-256-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-01 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-04 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-08 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-14 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes128/aes128-gcm-96-408-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-02 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-14 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-104-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-14 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-128-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-01 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-02 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-256-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-01 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-08 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes192/aes192-gcm-96-408-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-01 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-05 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-08 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-14 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-104-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-08 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-11 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-12 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-128-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-02 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-03 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-04 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-06 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-07 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-09 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-10 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-13 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-256-0-128-15 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-01 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-02 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-03 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-04 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-05 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-06 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-07 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-08 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-09 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-10 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-11 Checking required transforms OK Decrypt existing document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-12 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-13 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-14 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK Test: nist-aesgcm/aes256/aes256-gcm-96-408-0-128-15 Checking required transforms OK Decrypt existing document OK Encrypt document OK Decrypt new document OK --- testEnc finished --- detailed log is written to /tmp/testEnc.sh.20231219_010641-2586279.log --- TOTAL OK: 695; OK (percent): 99; TOTAL FAILED: 0; TOTAL SKIPPED: 2 make[1]: Leaving directory '/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2' make[1]: Entering directory '/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2' =================== Checking xmlsec-nss ================================= --- testKeys started for xmlsec-nss library (20231219_010740) --- --- LD_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/.libs: --- LTDL_LIBRARY_PATH=/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gnutls/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/gcrypt/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/nss/.libs:/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/src/openssl/.libs: --- log file is /tmp/testKeys.sh.20231219_010740-2618091.log --------- Positive Testing ---------- Test: hmac-192 Checking required key data OK Creating new key OK Test: rsa-1024 Checking required key data OK Creating new key OK Reading private key from pkcs12 file Fail Reading private key name from pkcs12 file Fail Reading public key from der file Fail Reading public key from pem cert file Fail Reading public key from der cert file Fail Test: dsa-1024 Checking required key data OK Creating new key OK Reading private key from pkcs12 file Fail Reading private key name from pkcs12 file Fail Reading public key from der file Fail Reading public key from pem cert file Fail Reading public key from der cert file Fail Test: ec Checking required key data OK Reading private key from pkcs12 file Fail Reading private key name from pkcs12 file Fail Reading public key from der file Fail Reading public key from pem cert file Fail Reading public key from der cert file Fail Test: dh Checking required key data Skip Test: des-192 Checking required key data OK Creating new key OK Test: aes-128 Checking required key data OK Creating new key OK Test: aes-192 Checking required key data OK Creating new key OK Test: aes-256 Checking required key data OK Creating new key OK --- testKeys finished --- --- detailed log is written to /tmp/testKeys.sh.20231219_010740-2618091.log --- --- TOTAL OK: 7; OK (percent): 30; TOTAL FAILED: 15; TOTAL SKIPPED: 1 Test: rsa-1024 -- expected success /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 check-key-data --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config rsa Key data "rsa" found /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 keys --gen-key:test-rsa rsa-1024 --keys-file /tmp/xmlsec-crypto-config/keys.xml --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config /tmp/xmlsec-crypto-config/keys.xml /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersakey.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231219_010740-2618091.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=rsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersakey.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231219_010740-2618091.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=rsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersapubkey.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=rsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-pem /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersacert.pem --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=rsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/largersacert.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=rsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=rsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-rsa-sha1.xml" Test: dsa-1024 -- expected success /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 check-key-data --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config dsa Key data "dsa" found /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 keys --gen-key:test-dsa dsa-1024 --keys-file /tmp/xmlsec-crypto-config/keys.xml --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config /tmp/xmlsec-crypto-config/keys.xml /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsakey.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231219_010740-2618091.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=dsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsakey.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231219_010740-2618091.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=dsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsapubkey.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=dsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-pem /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsacert.pem --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=dsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/dsacert.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=dsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=dsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-dsa-sha1.xml" Test: ec -- expected success /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 check-key-data --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config ec Key data "ec" found /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-key.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231219_010740-2618091.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=ecdsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 sign --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --pkcs12 /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-key.p12 --pwd secret123 --enabled-key-data key-name --output /tmp/testKeys.sh.20231219_010740-2618091.tmp /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.tmpl func=xmlSecNssSignatureSetKey:file=signatures.c:line=560:obj=ecdsa-sha1:subj=SGN_NewContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=301:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Signature status: ERROR Error: failed to sign file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.tmpl" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-pubkey.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=ecdsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-pem /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-cert.pem --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=ecdsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml" /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/apps/xmlsec1 verify --verbose --crypto nss --crypto-config /tmp/xmlsec-crypto-config --lax-key-search --pubkey-cert-der /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/keys/ecdsa-secp256r1-cert.der --pwd secret123 --enabled-key-data key-name /home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml func=xmlSecNssSignatureSetKey:file=signatures.c:line=599:obj=ecdsa-sha1:subj=VFY_CreateContext:error=4:crypto library function failed:NSS error: -8011 func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=830:obj=ecdsa-sha1:subj=xmlSecTransformSetKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=537:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=357:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Verification status: ERROR SignedInfo References (ok/all): 0/0 Manifests References (ok/all): 0/0 Error: failed to verify file "/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2/tests/aleksey-xmldsig-01/enveloped-sha1-ecdsa-sha1.xml" make[1]: *** [Makefile:1213: check-crypto-nss] Error 15 make[1]: Leaving directory '/home/tkloczko/rpmbuild/BUILD/xmlsec1-1.3.2' make: *** [Makefile:1208: check-all] Error 1 ```
lsh123 commented 6 months ago

Thank you for the test! Back to drawing board.

kloczek commented 6 months ago

Glad to be able help 😋

lsh123 commented 6 months ago

@kloczek sorry to bug you but I can't reproduce this with nss 3.94.0, might be some config on your machine. I've updated the PR #734 with one more try -- any chance you can test it on your box? same issue with docs that might not apply clean if it is not master.

Also, what is the OS you use? May be I can try to repro if I get the exact OS right as well, not just nss version.

kloczek commented 6 months ago

I was able to reproduce that with nss from Fedora rawhide.

kloczek commented 6 months ago

Other way .. if you see any possibility how can I try to make any diagnostics to expose that issue please let me know.

lsh123 commented 6 months ago

It's some config in NSS that Fedora applied and I have no idea which config is that :)

petrovr commented 6 months ago

Note that NSS support so called "crypto policies". It depends how NSS is build and then from host configuration. If I remember well with level set to future SHA1 is not acceptable.

Also regression / unit test could bypass those settings with an environment variable.

lsh123 commented 6 months ago

I got it reproduced with Fedora, seems like it is based on the key size limits so my patch didn't help (it was looking at algorithm). I will see if there are other options to fix those tests.

kloczek commented 6 months ago

Note that NSS support so called "crypto policies". It depends how NSS is build and then from host configuration. If I remember well with level set to future SHA1 is not acceptable.

Fedora nss is not patched to use central host crypto policies https://src.fedoraproject.org/rpms/nss/blob/rawhide/f/nss.spec#_129

petrovr commented 6 months ago

Tomasz KÅ‚oczko wrote:

Note that NSS support so called "crypto policies". It depends how NSS is build and then from host configuration. If I remember well with level set to future SHA1 is not acceptable.

Fedora nss is not patched to use central host crypto policies https://src.fedoraproject.org/rpms/nss/blob/rawhide/f/nss.spec#_129

Patched vs enabled?

May be this is related, quote from nss.spec: ....

Set the policy file location

if set NSS will always check for the policy file and load if it exists

export POLICY_FILE="nss.config"

location of the policy file

export POLICY_PATH="/etc/crypto-policies/back-ends" ....

Roumen

lsh123 commented 6 months ago

Yep, exactly. Anyway, there is a way to disable all of this: PR #744. It works for me on Fedora (you need to install nss-tools package as well though, no idea why Fedora splits everything in tiny packages).

lsh123 commented 6 months ago

I am going to close this issue since I cannot reproduce the failures on Fedora rawhide anymore with PR #744. Please re-open if it is still broken for you.

kloczek commented 6 months ago

1.3.2 fails with latest libxml 2.12.x and as fix for that issue is already committed IMO it would be good to release new version.

BTW is it possible to change tagging convention from xmlsec_<version_with_underscores> to just <version.with.dots>? 🤔 Autogenerated from git tag tar ball has inside base directory formed out of <repo_name>-<git_tag> so autogenerated from git tag tar ball https://github.com/lsh123/xmlsec/releases/download/xmlsec-1_2_39/xmlsec1-1.2.39.tar.gz has inside base directory xmlsec-xmlsec-1_2_39 and dist tar ball https://github.com/lsh123/xmlsec/releases/download/xmlsec-1_2_39/xmlsec1-1.2.39.tar.gz is not easy available because actual tag is using version string with underscores.

BTW it is not necessary to use separated dist tar ball signature as autogenerated can be signed using native github signs https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-tags And yet another link to github documentation: https://docs.github.com/en/authentication/managing-commit-signature-verification/displaying-verification-statuses-for-all-of-your-commits

lsh123 commented 6 months ago

1.3.2 fails with latest libxml 2.12.x and as fix for that issue is already committed IMO it would be good to release new version.

Yeah, I was thinking about it since I just got 1.2.39 out for similar reasons.

BTW is it possible to change tagging convention...

I just have this system for ages and want to keep it consistent. I am not using github for generating tarballs anyway

lsh123 commented 6 months ago

So I am going to do two tags (old and new one) for a little bit. I published 1.3.3-rc1-- please try it out and let me know if you see any issues!

kloczek commented 6 months ago

just have this system for ages and want to keep it consistent. I am not using github for generating tarballs anyway

Always it is possible to rename old tags as well 😋