[xmlsec] xmlsec1 command line tool examples?
Edward Shallow
ed.shallow at rogers.com
Wed Jul 16 21:02:52 PDT 2003
I just went thru this. Once you get the knack of it, it is truly a powerful
library.
Here is a series of command lines in a .bat (I downloaded the Windows
binaries) with associated templates and input docs for sign, verify,
encrypt, and decrypt. All work exactly as expected. You have to know a
little about XMLDSIG and XMLENC.
These are a little easier than those in the /tests directory to follow.
You'll have to create your own key material (.PEMs and P12s) using openssl.
Enjoy.
Ed
-----Original Message-----
From: xmlsec-admin at aleksey.com [mailto:xmlsec-admin at aleksey.com] On Behalf
Of Keith Beattie
Sent: July 16, 2003 9:00 PM
To: xmlsec at aleksey.com
Hello,
So, the xmlsec1 command line tool looks like a great way to experiment with
signing and veryfying xml docs - for those of us learning about xml sec in
general. I'm having a tough time understanding how to do simple things like
sign a sample xml doc and then verify that signature. On the chance that
someone has some examples or more thorough documentation, I though I'd ask.
Thanks,
ksb
_______________________________________________
xmlsec mailing list
xmlsec at aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec
-------------- next part --------------
xmlsec encrypt --pubkey-pem EdShallowPub.pem --session-key des-192 --xml-data encrypt1-doc.xml --node-name Salary --output encrypted-3des-kt-RSA.xml tmpl-EPM-encrypt-3des-kt-RSA.xml
PAUSE
xmlsec decrypt --pkcs12 EdSign.p12 --output decrypted-3des-kt-RSA.xml encrypted-3des-kt-RSA.xml
PAUSE
xmlsec encrypt --xml-data encrypt1-doc.xml --node-name Salary --deskey deskey.bin --output encrypted-3des.xml tmpl-EPM-encrypt-3des.xml
PAUSE
xmlsec decrypt --deskey deskey.bin --output decrypted-3des.xml encrypted-3des.xml
PAUSE
xmlsec encrypt --xml-data encrypt1-doc.xml --node-name Salary --pubkey-pem EdShallowPub.pem --output encrypted-RSA.xml tmpl-EPM-encrypt-RSA.xml
PAUSE
xmlsec decrypt --pkcs12 EdSign.p12 --pwd ehtreb --output decrypted-RSA.xml encrypted-RSA.xml
PAUSE
xmlsec sign --pkcs12 EdSign.p12 --output edsigned1.xml --pwd ehtreb tmpl-EPM-sign.xml
PAUSE
xmlsec verify --trusted-der cacert.der edsigned1.xml
PAUSE
PAUSE
PAUSE
openssl rsa -inform PEM -outform PEM -pubout -in EdShallow.pem -out EdShallowPub.pem
PAUSE
xmlsec sign --privkey-pem:EdShallow EdShallow.pem --trusted-der cacert.der --output edsigned2.xml --pwd ehtreb tmpl1signX509.xml
PAUSE
xmlsec verify --trusted-der cacert.der edsigned2.xml
PAUSE
openssl rsautl -encrypt -in encrypt1.txt -out edencrypted1.txt -inkey EdShallowPub.pem -pubin
PAUSE
openssl rsautl -decrypt -in edencrypted1.txt -out encrypt1N.txt -inkey EdShallow.pe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tmpl-EPM-sign.xml
Type: text/xml
Size: 853 bytes
Desc: not available
Url : http://www.aleksey.com/pipermail/xmlsec/attachments/20030717/32bcf23a/tmpl-EPM-sign.xml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tmpl-EPM-encrypt-3des.xml
Type: text/xml
Size: 516 bytes
Desc: not available
Url : http://www.aleksey.com/pipermail/xmlsec/attachments/20030717/32bcf23a/tmpl-EPM-encrypt-3des.xml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tmpl-EPM-encrypt-3des-kt-RSA.xml
Type: text/xml
Size: 863 bytes
Desc: not available
Url : http://www.aleksey.com/pipermail/xmlsec/attachments/20030717/32bcf23a/tmpl-EPM-encrypt-3des-kt-RSA.xml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tmpl-EPM-encrypt-RSA.xml
Type: text/xml
Size: 512 bytes
Desc: not available
Url : http://www.aleksey.com/pipermail/xmlsec/attachments/20030717/32bcf23a/tmpl-EPM-encrypt-RSA.xml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: encrypt1-doc.xml
Type: text/xml
Size: 367 bytes
Desc: not available
Url : http://www.aleksey.com/pipermail/xmlsec/attachments/20030717/32bcf23a/encrypt1-doc.xml
More information about the xmlsec
mailing list