<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2523" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Hello!</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Up until now I have used a PKCS#12 file to sign
documents in xmlsec (using MSCrypto). Now I'm faced with the problem that I
cannot create a PKCS#12 file because the private keys are not exportable. How
can I handle this in xmlsec?</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I was thinking about something like
this:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>1) First I retrieve a PCERT_CONTEXT from MSCrypto
</FONT></DIV>
<DIV><FONT face=Arial size=2>2) Now I call xmlSecMSCryptoCertAdopt to get a
xmlSecKeyDataPtr</FONT></DIV>
<DIV><FONT face=Arial size=2>3) Third I create a new xmlSecKeyPtr by calling
xmlSecKeyCreate</FONT></DIV>
<DIV><FONT face=Arial size=2>4) Now I call xmlSecKeySetValue(xmlSecKeyPtr,
xmlSecKeyDataPtr)</FONT></DIV>
<DIV><FONT face=Arial size=2>5) I now create a xmlSecDSigCtx using
xmlSecDSigCtxCreate</FONT></DIV>
<DIV><FONT face=Arial size=2>6) I can now assign xmlSecDSigCtx->signKey with
the xmlSecKeyPtr</FONT></DIV>
<DIV><FONT face=Arial size=2>7) Last I call xmlSecDSigCtxSign</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Will this approach work and is it a good
one?</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>At what stage will MSCrypto ask me to enter the
password in order to encrypt the document (my guess is at stage 7).
</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>If I have several documents that need signing will
this method force MSCrypto to prompt me for a password every time or is there a
way around this problem? I thought about using a keys manager but I have no idea
how to do this and even if it will solve my problem.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT><FONT face=Arial size=2>I have looked
through all examples without getting a clear idea on how to solve my
problem.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Thanks,</FONT></DIV>
<DIV><FONT face=Arial size=2>Erik F. Andersen</FONT></DIV></BODY></HTML>