[xmlsec] Empty KeyValue element after a
call to xmlSecKeyInfoNodeWrite()
Nicolas Clapies
nclapies at entrouvert.com
Tue Nov 8 07:47:06 PST 2005
Sorry Aleksey for long delay,
I stopped investigating my public key problem for a while.
Here is a simple test program :
/* gcc -o test `pkg-config --libs xmlsec1` test.c `pkg-config --cflags xmlsec1` */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include <libxml/tree.h>
#include <libxml/xmlmemory.h>
#include <libxml/parser.h>
#ifndef XMLSEC_NO_XSLT
#include <libxslt/xslt.h>
#endif /* XMLSEC_NO_XSLT */
#include <xmlsec/xmlsec.h>
#include <xmlsec/xmltree.h>
#include <xmlsec/xmldsig.h>
#include <xmlsec/crypto.h>
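/*
 * Reproduction program: load a PEM public key, build a
 * <KeyInfo><KeyValue/></KeyInfo> template, and ask xmlsec to fill it in with
 * xmlSecKeyInfoNodeWrite(). The node is printed before and after the write.
 *
 * Returns 0 on success and -1 if any library call fails.
 */
int main(void) {
    xmlDoc *doc = NULL;
    xmlNode *key_info_node = NULL;
    xmlSecKey *pub_key = NULL;
    xmlSecKeyInfoCtx *ctx = NULL;
    xmlOutputBuffer *buf = NULL;
    xmlCharEncodingHandler *handler = NULL;
    int rc = -1;

    xmlInitParser();

    if (xmlSecInit() < 0) {
        fprintf(stderr, "Error: xmlsec initialization failed.\n");
        goto out_parser;
    }

    /* With dynamic loading the crypto backend has to be loaded before the
     * xmlSecCryptoAppInit()/xmlSecCryptoInit() calls that dispatch into it. */
#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
    if (xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
                        "that you have it installed and check shared libraries path\n"
                        "(LD_LIBRARY_PATH) envornment variable.\n");
        goto out_xmlsec;
    }
#endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */

    if (xmlSecCryptoAppInit(NULL) < 0) {
        fprintf(stderr, "Error: crypto initialization failed.\n");
        goto out_xmlsec;
    }
    if (xmlSecCryptoInit() < 0) {
        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
        goto out_app;
    }

    /* A failed load returns NULL; stop here instead of passing NULL on. */
    pub_key = xmlSecCryptoAppKeyLoad("./public-key.pem",
                                     xmlSecKeyDataFormatPem, NULL,
                                     NULL, NULL);
    if (pub_key == NULL) {
        fprintf(stderr, "Error: failed to load public key from \"./public-key.pem\".\n");
        goto out;
    }
    xmlSecKeyDebugDump(pub_key, stdout);
    xmlSecKeyDebugXmlDump(pub_key, stdout);

    /* Build the <KeyInfo><KeyValue/></KeyInfo> template to be filled in. */
    doc = xmlSecCreateTree(BAD_CAST "KeyInfo",
                           BAD_CAST "http://www.w3.org/2000/09/xmldsig#");
    if (doc == NULL) {
        fprintf(stderr, "Error: failed to create KeyInfo document.\n");
        goto out;
    }
    key_info_node = xmlDocGetRootElement(doc);
    if (key_info_node == NULL) {
        fprintf(stderr, "Error: KeyInfo document has no root element.\n");
        goto out;
    }
    if (xmlSecAddChild(key_info_node, BAD_CAST "KeyValue",
                       BAD_CAST "http://www.w3.org/2000/09/xmldsig#") == NULL) {
        fprintf(stderr, "Error: failed to add KeyValue node.\n");
        goto out;
    }

    /* xmlSecKeyInfoCtxCreate() already initializes the context, so no
     * separate xmlSecKeyInfoCtxInitialize() call is made on top of it. */
    ctx = xmlSecKeyInfoCtxCreate(NULL);
    if (ctx == NULL) {
        fprintf(stderr, "Error: failed to create key info context.\n");
        goto out;
    }
    ctx->mode = xmlSecKeyInfoModeWrite;
    /* NOTE(review): only the mode is set; ctx->keyReq.keyType keeps its
     * initialized value. The key-data writers appear to consult
     * keyReq.keyType to decide whether public or private material may be
     * emitted, so setting it to xmlSecKeyDataTypePublic before the write is
     * worth trying -- confirm against the xmlsec version in use. */

    handler = xmlFindCharEncodingHandler("utf-8");
    buf = xmlAllocOutputBuffer(handler);
    if (buf == NULL) {
        fprintf(stderr, "Error: failed to allocate output buffer.\n");
        goto out;
    }

    /* NOTE(review): reading buf->conv / buf->buffer fields directly depends
     * on the libxml2 version; newer releases provide
     * xmlOutputBufferGetContent() for this -- confirm before porting. */
    xmlNodeDumpOutput(buf, NULL, key_info_node, 0, 0, "utf-8");
    xmlOutputBufferFlush(buf);
    printf("Key info node : \n%s\n",
           (const char *)(buf->conv ? buf->conv->content : buf->buffer->content));

    if (xmlSecKeyInfoNodeWrite(key_info_node, pub_key, ctx) < 0) {
        fprintf(stderr, "Error: xmlSecKeyInfoNodeWrite() failed.\n");
        goto out;
    }

    /* buf is not reset between the two dumps, so this second print shows the
     * first serialization followed by the one taken after the write. */
    xmlNodeDumpOutput(buf, NULL, key_info_node, 0, 0, "utf-8");
    xmlOutputBufferFlush(buf);
    printf("Written key info node : \n%s\n",
           (const char *)(buf->conv ? buf->conv->content : buf->buffer->content));

    rc = 0;

out:
    /* Release everything acquired above; each pointer is NULL if unset. */
    if (buf != NULL) {
        xmlOutputBufferClose(buf);
    }
    if (ctx != NULL) {
        xmlSecKeyInfoCtxDestroy(ctx);
    }
    if (doc != NULL) {
        xmlFreeDoc(doc);
    }
    if (pub_key != NULL) {
        xmlSecKeyDestroy(pub_key);
    }
    xmlSecCryptoShutdown();
out_app:
    xmlSecCryptoAppShutdown();
out_xmlsec:
    xmlSecShutdown();
out_parser:
    xmlCleanupParser();
    return rc;
}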
Here is the tested public key :
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUMzNj0Gwt4sLk7QNr5x
3b/jgnSnrtL2VX5sHlTk3zTGIZ///YB7b2IlxeT0MMt151lDakOzkAkorjFH07jl
QfNBHER6cQ5J8Lonlp0GiQNazDEEEm3qiXx9gyouV55NTlryKS6PRyxcitdUetNI
zs/Qpr87ZPfZ05ujSLVxWAnMf0OyKRpoDbKtZ09PiOlvHtKGUbcVDcA//FETpm1D
/XUcncGP9MVu9YDJqJwCSF66omrQV15DCcCRjbmdvj5s9JiQmefSoBRxShYM6ZBN
+0C5b1LUeItMIVzd6nVNn85eK3XKB/KWWdEiIklM2LshfTd7YQUf7Ouo+H9/Rbta
VQIDAQAB
-----END PUBLIC KEY-----
And the output :
== KEY
=== method: RSAKeyValue
=== key type: Public
=== key usage: -1
=== rsa key: size = 2048
<KeyInfo>
<KeyMethod>RSAKeyValue</KeyMethod>
<KeyType>Public
</KeyType>
<RSAKeyValue size="2048" />
</KeyInfo>
Key info node :
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyValue/>
</KeyInfo>
Written key info node :
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyValue/>
</KeyInfo><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyValue>
<RSAKeyValue/>
</KeyValue>
</KeyInfo>
So RSAKeyValue seems to be partially empty after a call to
xmlSecKeyInfoNodeWrite().
Thanks for help,
Nicolas.
On Oct 13, 2005, at 4:24 PM, Aleksey Sanin wrote:
> It sounds like lasso_provider_get_public_key() function is
> not constructing the public key correctly. BTW, which crypto
> library do you use? If it is not one of openssl/nss/mscrypto
> then it is possible that writing key to XML was not implemented
> by the authors of the xmlsec-crypto port.
>
> Aleksey