[xmlsec] Key management / certificate management

Moultrie, Ferrell (ISSAtlanta) FMoultrie at iss.net
Wed Sep 4 20:49:47 PDT 2002

  I'd like to control what public keys and/or certs are used or usable
for verifying data. In particular, I'd like to require that the public
key be validated by a cert (i.e., that <sig:KeyValue> supplied
unvalidated keys not be usable), and I'd like to impose certain
constraints on any cert used (e.g., validating Issuer, Subject, Usage,
etc.). While I could search for a KeyValue node before calling
validation, it seems like there may be a better way to accomplish this
(below). Additionally, it looks like I could store a new verifyX509
(xmlSecX509VerifyCallback) pointer in the xmlSecKeysMngr struct and
intercept the cert verification. Still, since I'm very new to all of
this, I'm wondering if there's not simpler/better/more direct ways to
accomplish these types of checks. Any suggestions or pointers would be
greatly appreciated!
  It looks like setting the allowedOrigins flag of the xmlSecKeysMngr
structure to xmlSecKeyOriginX509 may solve my first problem and ensure
that only keys found in an X509 cert will be usable. Correct?
  I don't see any such short-cut for validating the X509 cert contents
other than the verifyX509 override I mentioned earlier. Any other way /
better option?
  Finally, it looks like the xmlSecSimpleKeysMngrLoadPemCert() method can be
used to load a trusted root certificate for X509 validation from a file.
I'd rather not have a separate file storing this information. Is there
any way to load a trusted cert from a memory blob or perhaps from a
second XML document/tree?

Ferrell Moultrie (ferrell at iss.net)
Software Engineer

Internet Security Systems, Inc.
6303 Barfield Road
Atlanta, Georgia 30328
Phone:  404-236-2600
Direct: 404-236-2849
Fax:    404-236-2632

Internet Security Systems -- The Power to Protect
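
Added example, not part of the original post and not xmlsec code: a Python sketch of the "search for a KeyValue node before calling validation" pre-check the message mentions, written as an allow-list so that only <ds:X509Data> may supply key material. The function name, message strings and sample documents are constructed for illustration; the check complements certificate verification and does not replace it.

```python
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
NS = {"ds": DSIG}

def key_source_violations(xml_text):
    """Return policy violations; an empty list means every signature
    offers its key only inside an X.509 certificate."""
    root = ET.fromstring(xml_text)
    problems = []
    sigs = list(root.iter(f"{{{DSIG}}}Signature"))
    if not sigs:
        problems.append("no ds:Signature element")
    for i, sig in enumerate(sigs, 1):
        key_info = sig.find("ds:KeyInfo", NS)
        if key_info is None:
            problems.append(f"signature {i}: no ds:KeyInfo")
            continue
        # Allow-list: any KeyInfo child other than X509Data (KeyValue,
        # KeyName, RetrievalMethod, ...) is an uncertified key source.
        for child in key_info:
            if child.tag != f"{{{DSIG}}}X509Data":
                local = child.tag.rsplit("}", 1)[-1]
                problems.append(f"signature {i}: {local} not allowed")
        certs = key_info.findall("ds:X509Data/ds:X509Certificate", NS)
        if not any((c.text or "").strip() for c in certs):
            problems.append(f"signature {i}: no X509Certificate")
    return problems

# Constructed sample documents (the certificate body is a placeholder).
BARE_KEY = (f'<doc><ds:Signature xmlns:ds="{DSIG}"><ds:KeyInfo>'
            '<ds:KeyValue/></ds:KeyInfo></ds:Signature></doc>')
CERT_ONLY = (f'<doc><ds:Signature xmlns:ds="{DSIG}"><ds:KeyInfo><ds:X509Data>'
             '<ds:X509Certificate>PLACEHOLDER</ds:X509Certificate>'
             '</ds:X509Data></ds:KeyInfo></ds:Signature></doc>')
MIXED = CERT_ONLY.replace("<ds:X509Data>", "<ds:KeyValue/><ds:X509Data>")

if __name__ == "__main__":
    for name, doc in [("bare", BARE_KEY), ("cert", CERT_ONLY), ("mixed", MIXED)]:
        print(name, key_source_violations(doc) or "ok")
```

A document that passes this check still needs its certificate chain and the Issuer/Subject/Usage constraints verified before the signature is trusted.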
