[xmlsec] Using certificates for signature verification

Aleksey Sanin aleksey at aleksey.com
Tue Feb 11 13:28:16 PST 2003

As far as I can understand your problem, you want to load certificate, 
public key, set key name equal to certificate's subject and put the 
result in the
keys manager.
Right now, the xmlsec utility application does not have a ready to use 
to do all of this for you. However, you can easily write your own (i've 
not compiled
the code bellow so it might contain errors; also more checks should be 
done in
real application):

int loadKey(xmlSecKeysMngrPtr keyMgr, X509* cert) {
     EVP_PKEY* pKey;
     xmlSecKeyPtr key;
    char buf[1024];

     pKey = X509_get_pubkey(cert);
     if(pKey) {
         // error
    key = xmlSecParseEvpKey(pKey);  // find this function in src/x509.c file
    if(key == NULL) {
        // error
    key->name = strdup(X509_get_subject_name(cert), buf, sizeof(buf)));   
    return(xmlSecSimpleKeysMngrAddKey(keyMgr, key));

With best regards,


More information about the xmlsec mailing list