[xmlsec] MS Crypto API support

Aleksey Sanin aleksey at aleksey.com
Mon Apr 7 06:52:19 PDT 2003


Hi, Olger!

First of all, you probably want to use the new library version that has 
an abiliy
to support any crypto library in runtime. Application can load any 
xmlsec-<crypto>
library (and actualy, it can load more than one such a library).

As you correctly pointed out, there is not much documentation for new 
crypto
libraries support. But these links should be useful:
      
       http://www.aleksey.com/xmlsec/design-overview.html
       http://www.aleksey.com/xmlsec/api/images/signature-structure.png
       http://www.aleksey.com/xmlsec/api/images/encryption-structure.png

Basicaly, you need to implement three things:
    1) xmlSecCryptoApp*** functions (hi-level functions used in xmlsec 
command line utility
         and in other applications);
    2) crypto transforms (HMAC, SHA1, DES,....)
    3) crypto key data (RSA, DSA,....)

I guess, the first step would be to copy either gnutls or nss folders in 
src/ and include/xmlsec/,
replacing GnuTLS-->MsCrypto everywhere, removing all GnuTLS include 
files and
try to compile.  And I would be happy to answer your questions :)


Aleksey

P.S. Please remove the confidential disclaimer from your mails sent to 
xmlsec
*public* list.




Olger Warnier wrote:

> Hello to all of the list,
>  
> After some wandering through the list, I found some details on the 
> support for different crypto libraries.
> The MS CryptoAPI seems not supported (yet) so I am planning on writing 
> the integration if someone could help me out a little on the way this 
> should be done. The structure seems to support compiletime support for 
> the use of another crypto backend. (is support planned for runtime 
> loaded libraries (dlopen and so on) ?
> I am wondering what the list of functions is I should map/support to 
> get it to work. (the website documentation doesn't tell a lot on this 
> matter yet). I am planning to use the mscryptoapi as define and 
> directory. If people have pointers/ideas please let me know.
>  
> Kind Regards,
>  
> Olger
>  






More information about the xmlsec mailing list