[xmlsec] another question about xmlsec.
Aleksey Sanin
aleksey at aleksey.com
Thu Mar 20 13:21:05 PST 2003
>
>
>>1. Can XMLSec bind a crypto engine dynamic?
>>
> I would say "yes" on *nixes and "probably" on Windows....
The issue is fixed. On all platforms the two libraries "xmlsec" (does
not depend
on crypto engines whatsoever) and "xmlsec-crypto" are compiled. The
downside
on Windows is that I had to compile and link strings constants (node
names, etc)
twice in each library (this adds additional 25-30K). Unfortunately, I
don't have
any other idea how to trick the MSVC/Windows dll symbols export system.
And I would like to note, that in addition to the dynamic crypto engine
loading,
the new XMLSec design lets you to "mix" crypto engines and use more than
one
engine from one application (it might be usefull in case you have a
smart card that
can do signatures but not cipher encryption, for example). The only
tricky (but not
impossible) part would be to support say RSA signatures from crypto
engine A and
RSA encryption from crypto engine B. In this case, you'll need to do
"keys" marshaling
when needed but it's only a matter of implementing xmlSecKeysMngr that
supports
such kind of things.
Aleksey
More information about the xmlsec
mailing list