[xmlsec] Map the existing use of xmlsec on an engine ?

zze-CIA BENARD C ext RD-MAPS-LAN cbenard.ext at orange-ftgroup.com
Tue Oct 23 01:04:16 PDT 2007 

 
Many thanks for your response but It is still not clear for me ... *blush*

Can someone precise which method/function I have to call to build the key object ? 

I have to affect the signKey field of the xmlSecDSigCtx structure but I do not know how to do that :/ My key is in an Ncipher hardware. I already interact with it through the ENGINE API and then using the opennssl API (ENGINE_load_private_key and, EVP_PKEY_get1_RSA and then RSA_sign) but what should I do to use the xmlSecDSigCtxSign function ?

Aleksey, you told me to build the correct context with a "low level" API but which one ? And what about the openssl API ? I'm totally blind :'( 

The interactions between xmlsec and openssl API is not clear :/

Many thanks for any help


Cyrille B.


-----Message d'origine-----
De : Aleksey Sanin [mailto:aleksey at aleksey.com] 
Envoyé : vendredi 19 octobre 2007 18:32
À : zze-CIA BENARD C ext RD-MAPS-LAN
Cc : xmlsec at aleksey.com
Objet : Re: [xmlsec] Map the existing use of xmlsec on an engine ?

No, it would not work that way. You have to go one level bellow that and manually construct xmlsec Key object (with KeyData) from the openssl key handle and then manually add key to the manager.

Aleksey

zze-CIA BENARD C ext RD-MAPS-LAN wrote:
> Hi all,
> 
> I'm trying to adapt an existing library (already using xmlsec-openssl) 
> in using a CHIL engine. The actual code calls
> 
> xmlSecCryptoAppKeyLoad(private_key_file, xmlSecKeyDataFormatPem, NULL, 
> NULL, NULL) and then xmlSecDSigCtxSign
> 
> 
> Which value should I set in the second parameter of 
> xmlSecCryptoAppKeyLoad to identify the correct format of the "key ID" .
> It's not a PEM, nor a CERT, it's an ID corresponding to the 
> private_key stored in the Ncipher hardware... I feel lost :'(, in the 
> same way the first parameter <private_key_file> describes the valuer 
> of the ID, not a file.
> 
> 
> Many thanks in advance
> 
> 
> --
> Cyrille Bénard
> 
> 
> ----------------------------------------------------------------------
> --
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list