[xmlsec] Incompatibility between OPENSSL nad MSCRYPTO engines?

Aleksey Sanin aleksey at aleksey.com
Sun Oct 23 13:20:41 PDT 2011 

It is a problem with mscrypto api.

Aleksey

On 10/23/11 10:51 AM, Josef Kokeš wrote:
> On 21.10.2011 19:01, Aleksey Sanin wrote:
>> Basically, xmlsec-mscrypto doesn't support pkcs12 format. Only DER
>> format is supported.
>
> Thanks for the answer. Before I try to develop a solution, could you
> please tell me if it is the case of MS Crypto API not supporting the
> required functionality or simply a lack of
> resources/time/interest/whatever on your part? In other word, would a
> fix involve modification of LibXmlSec or would it require a modification
> of CryptoAPI?
>
> Thanks,
>
> Pepak
>
>>
>> Aleksey
>>
>> On 10/20/11 11:09 PM, Josef Kokeš wrote:
>>> Oops, I completely overlooked the error message. Here it is:
>>>
>>> func=xmlSecMSCryptoAppKeyLoadMemory:file=..\src\mscrypto\app.c:line=237:obj=unknown:subj=format
>>>
>>> == xmlSecKeyDataFormatCertDer:error=100:assertion: ;last error=0
>>> (0x00000000);last error msg=Operace byla dokončena úspěšně.
>>>
>>> (last error msg translated to english: "The operation was successfully
>>> completed")
>>>
>>> Seems to be an incompatible encoding, but why? It's a standard PFX, I
>>> don't think I can choose encoding for that.
>>>
>>> Pepak
>>>
>>>> Hi!
>>>>
>>>> I have been using XmlSec for some time, but only with the OpenSSL
>>>> engine. Now I find myself in need of using a MS-Crypto engine (I
>>>> want to
>>>> use tokens for certificate storage). I thought I would simply change
>>>> the
>>>> parameter of xmlSecCryptoDLLoadLibrary from "openssl" to "mscrypto",
>>>> but
>>>> apparently that is not the case:
>>>>
>>>> When I start preparing the signature context, the xmlSecDSigCtxCreate
>>>> succeeds but the following xmlSecCryptoAppKeyLoadMemory(PfxBuf,
>>>> PfxSize,
>>>> xmlSecKeyDataFormatPkcs12, PfxPassword, 0, 0) returns 0 - the key could
>>>> not be loaded. But the same command succeeds with OpenSSL. I thought
>>>> perhaps it's another case of incompatible PFX files between Windows XP
>>>> and newer Windows, but that is not the case as I can import the PFX
>>>> correctly using the OS's tools.
>>>>
>>>> I am using LibXmlSec version 1.2.18 under Windows, as compiled by Igor
>>>> Zlatkovic in no-unicode mode.
>>>>
>>>> What could possibly be the problem?
>>>>
>>>> Thanks,
>>>>
>>>> Pepak
>>>> _______________________________________________
>>>> xmlsec mailing list
>>>> xmlsec at aleksey.com
>>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>>>
>>>>
>>>>
>>>> __ Zkontrolovano antivirovym programem NOD32 __
>>>> _______ Mailscanner spolecnosti Phoenix _______
>>>
>>> _______________________________________________
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>
>>
>>
>> __ Zkontrolovano antivirovym programem NOD32 __
>> _______ Mailscanner spolecnosti Phoenix _______
>

More information about the xmlsec mailing list