<div>hello Aleksey and Ed,</div>
<div>I use:</div>
<div>openssl x509 -inform pem -in cert.pem -pubkey -noout > publickey.pem</div>
<div> </div>
<div>to extract the public key from certificate, and then load the public key into keymanager:</div>
<div> key = xmlSecCryptoAppKeyLoad(publickeyfile, xmlSecKeyDataFormatPem, NULL, NULL, NULL);</div>
<div>xmlSecCryptoAppDefaultKeysMngrAdoptKey(keys_mngr, key);</div>
<div> </div>
<div>It seems to work.</div>
<div> </div>
<div>My following question is, is there some api in xmlsec which I can use to extract public key directly from certificate. I know in openssl there is X509_get_pubkey(certfile), but the return type is EVP_PKEY, here we need xmlSecKeyPtr.</div>
<div> </div>
<div>Thanks</div>
<div>Weizhong</div>
<div><br><br> </div>
<div><span class="gmail_quote">On 6/26/08, <b class="gmail_sendername">Aleksey Sanin</b> <<a href="mailto:aleksey@aleksey.com">aleksey@aleksey.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Ah, I see.... I guess it is a copy/paste error for the comment :)<br><span class="sg"><br>Aleksey</span>
<div><span class="e" id="q_11ac6c8b199e906f_2"><br><br>Ed Shallow wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">I believe Weizhong is asking why is the "private" key being loaded if one simply wants to encrypt.<br>
<br>Loading a public certificate in .pem should be appropriate.<br><br>Why is private even mentioned ?<br><br><br>Aleksey Sanin wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">The session key is created for you automatically if you specify<br>that you want AES, DES, ... encryption for the data. Look at the<br>
xmlsec/tests/ examples.<br><br><br>Aleksey<br><br>wz qiang wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">hi Aleksey and others,<br> In encrypt3.c, there is one line for loading private key.<br> /* load private RSA key */<br>
key = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);<br> I my understanding, normally the public key is used for encrypting the session key, and then on the other side private key is used for decrypting the session key (session key is used for encrypting the data). So my question is, how I can do like that by using xmlsec API?<br>
Thanks in advance<br>Weizhong Qiang<br><br><br>------------------------------------------------------------------------<br><br>_______________________________________________<br>xmlsec mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a><br>
<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a><br></blockquote>_______________________________________________<br>
xmlsec mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a><br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a><br>
<br></blockquote><br>_______________________________________________<br>xmlsec mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a><br>
<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a><br></blockquote>_______________________________________________<br>
xmlsec mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a><br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a><br>
</span></div></blockquote></div><br>