[xmlsec] Signing with RAM key/How to create a RSA key pair?

Martin Salo Martin.Salo at gmx.net
Thu Aug 16 06:59:25 PDT 2007

Hello Mailinglist,

I want to create a file reader/writer in XML. To avoid unseen changes to the file I want to sign it. My idea was to create an RSA key pair and hardcode it into my file reader/writer. With the private RSA key I will sign the file while writing to HD, and the reader will use the public key to check whether someone has changed the file.

1. How can I read RSA keys from the RAM? Besides xmlSecCryptoAppKeyLoad() I have found no function to do that.

2. How to create a pair of RSA keys?
// Here is my first try. It seems that the key is correctly created.
// Now I need a possibility to write it to HD. How to do it?
void XmlSecSigning::CreateRsaKey(int KeyBitLength) { // KeyBitLength is always 2048
	const unsigned char *cKeyName=BAD_CAST"rsa";

	InitXmlSec(); // Methods from sign1.c example
	xmlSecKey *oKey = xmlSecKeyGenerateByName(cKeyName, KeyBitLength, 0);
	// oKey is !=0, so it works.

	//FILE *oFile;
	//oFile=fopen("D:\\KeyFile.txt", "w"); 
	//fprintf(oFile, PubKeyHex.c_str());
	//xmlSecKeyDebugDump(oKey, oFile);
	// These lines will result in:
	//== KEY
	//=== method: RSAKeyValue
	//=== key type: Private
	//=== key usage: -1
	//=== rsa key: size = 2048
}
3. What should I put into the last param of xmlSecKeyGenerateByName()?
If I search for this function on the Internet, some people put 8 or 12 here for DES keys, for example.



PS: In the sign1.c example a BAD_CAST is missing, in function sign_file():
> if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) { // Param key_file needs a BAD_CAST.