Fwd: Re: [xmlsec] Problems with MScryto.

Wouter wsh at xs4all.nl
Mon Nov 10 11:23:31 PST 2003


Hi,

You can try to load the public key as well as the private key with the
same call. I think that setting keyrequest info  something liek this:
keyInfoCtx->keyReq.keyType = xmlSecKeyDataTypePrivate |
xmlSecKeyDataTypePublic should do the trick.

Wouter

-----Original Message-----
From: xmlsec-admin at aleksey.com [mailto:xmlsec-admin at aleksey.com] On
Behalf Of Francisco Lechón
Sent: Friday, November 07, 2003 19:02
To: wsh at xs4all.nl
Cc: xmlsec at aleksey.com
Subject: Re: Fwd: Re: [xmlsec] Problems with MScryto.


Hola Wouter,

Thank you very much by the aid that you have contributed to me.
Now, I have a problem.  As I can add to the signature the node that
contains 
the information of the public key?
...
<KeyValue><RSAKeyValue>
<Modulus>zUhfl2qzFXgfy....BtkEGknBs=</Modulus>
<Exponent>AQAB</Exponent>
</RSAKeyValue></KeyValue>
...
When attempt to add it to a signature, is empty:
...
<KeyValue><RSAKeyValue>
<Modulus/><Exponent/>
</RSAKeyValue></KeyValue>
...

Following the code, I arrive at a point where it says to me that the key
is 
private.
...
int xmlSecKeyReqMatchKey(xmlSecKeyReqPtr keyReq, xmlSecKeyPtr key) {
    xmlSecAssert2(keyReq != NULL, -1);
    xmlSecAssert2(xmlSecKeyIsValid(key), -1);
    if((keyReq->keyType != xmlSecKeyDataTypeUnknown) &&
      ((xmlSecKeyGetType(key) & keyReq->keyType) == 0)) {
--->	 return(0);
    }
...

Is necessary to initialize some field to be able to add to the node < 
KeyValue >?

Thanks,
Paco


........................................................................
.........

>You could try something like this (I've removed error handling and
other
>stuff to make it more clear):
>
>(...)
>xmlSecKeysMngrPtr mngr = xmlSecKeysMngrCreate();
>xmlSecCryptoAppDefaultKeysMngrInit(mngr);
>
>xmlSecKeyInfoCtxPtr keyInfoCtx = xmlSecKeyInfoCtxCreate(mngr);
>keyInfoCtx->keyReq.keyType = xmlSecKeyDataTypePrivate;
>
>dsigCtx->signKey = xmlSecKeysMngrFindKey(mngr, (xmlChar *)cert_name,
>keyInfoCtx);
>(...)
>
>"cert_name" can be either a so called friendly name of your certificate
>you want to use or a subject dn string of the certificate. libxmlsec
will
>try to locate this cert (with private key) in your default certificate
>store location.
>
>Wouter
>
> > Hola,
> >
> > Before nothing, thanks to answer express.
> > You are right, that way are two ways to work with mscrypto:
> > - Using pkcs12,
> > - and using the keys of the certificate store directly.
> >
> > You have some small example to directly load and to use the keys
from 
>the
> > certificate store?
> > Because with himself not to do it.
> >
> >
> > Thanks.
> > Paco
> >
> >>From: "Wouter" To: Francisco Lechón CC: xmlsec at aleksey.com Subject:
Re:
> >>[xmlsec] Problems with MScryto. Date: Thu, 6 Nov 2003 13:24:42 +0100
> >> (CET)
> >>
> >>Hi,
> >>
> >>The example you're referring to doesn't work because mscrypto does
not
> >>support importing of private keys in any other format then pkcs12.
So 
>you
> >>should either use a pkcs12 file for importing the keys, or use a
private
> >>key that is in your certificate store, and load/use that one.
> >>
> >>Wouter
> >>
> >> >I am executing the example < sign2.c > of package XMLSEC in a
system
> >> >Windows and >using MScripto and it does not work correctly. > >I
do 
>not
> >>understand the code of the function < xmlSecMSCryptoAppKeyLoad >, >I
use
> >> >like parameters, the file that contains the private key, and I 
>indicate
> >> >that the >format is < to xmlSecKeyDataFormatDer >, but the
function
> >>generates an >error. The >code for that format is not implemented. >
>I
> >>understand that that error is because uses the method of the
interface
> >> >of
> >>the >CryptoAPI, and I am passing him a key private. > >It is not 
>finished
> >>to use the CryptoAPI? > >Somebody can help me sending some example
that
> >>works using Windows and >CryptoAPI? > >Thanks
> >>_______________________________________________ xmlsec mailing list
> >>xmlsec at aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec
> >
> > _________________________________________________________________
> > Accede al romance online. Busca y encuentra a tu media naranja entre
los
> > perfiles que te interesan. http://match.msn.es/
> >
> > _______________________________________________
> > xmlsec mailing list
> > xmlsec at aleksey.com
> > http://www.aleksey.com/mailman/listinfo/xmlsec
> >
>
>_______________________________________________
>xmlsec mailing list
>xmlsec at aleksey.com
>http://www.aleksey.com/mailman/listinfo/xmlsec

_________________________________________________________________
Descárgate en tu teléfono los tonos y logos de las canciones y artistas
de 
más éxito en MSN Móviles.  http://www.msn.es/MSNMovil/

_______________________________________________
xmlsec mailing list
xmlsec at aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec




More information about the xmlsec mailing list