[xmlsec] Map the existing use of xmlsec on an engine ?

zze-CIA BENARD C ext RD-MAPS-LAN cbenard.ext at orange-ftgroup.com
Wed Oct 24 02:01:13 PDT 2007


Ok, the function I was looking for seems to be "xmlSecKeySetValue".

So, after having created the key, given it a value and then set it in the correct dsigCtx field (signKey), the xmlSecDSigCtxSign function stopped and printed on stderr:

func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed:
Error: signature failed

I probably omitted to set something, but it's not easy to understand what should have been done :/


The written code is based on sign2.c:



        xmlSecKeyPtr            pSecKey ;
        xmlSecKeyDataPtr        pSecKeyData ;
        int                     iRes ;

        pSecKey         = NULL ;
        pSecKeyData     = NULL ;

        // The pvKey object has been "loaded" through a call to ENGINE_load_private_key (the CHIL ENGINE is ok)
        // Transform an OpenSSL "object" (EVP_PKEY) into an XMLSEC "object" (key data)
        if( (pSecKeyData=xmlSecOpenSSLEvpKeyAdopt(pvKey)) == NULL )
        {
                fprintf(stderr,"Error: xmlSecOpenSSLEvpKeyAdopt") ;
                goto done;
        }

        // Create the key that will be passed to the DSIG context
        if( (pSecKey = xmlSecKeyCreate()) == NULL )
        {
                fprintf(stderr,"Error: failed to create xmlSecKey") ;
                goto done;
        }

/* Done below by the original sign2.c code

        if( (iRes = xmlSecKeySetName(pSecKey, (const xmlChar *)keyToUse)) != 0 )
        {
                fprintf(stderr,"Error: failed to set key name. ret = %d", iRes) ;
                goto done;
        }
*/
        // Set the key with the content
        if( (iRes = xmlSecKeySetValue(pSecKey, pSecKeyData)) != 0 )
        {
                fprintf(stderr,"Error: failed to set key value. ret = %d", iRes) ;
                goto done;
        }

        // Set the key to the DSIG context
        dsigCtx->signKey = pSecKey ;

        // All the code below is the original sign2.c code
        // ...


Any idea ?


-----Original Message-----
From: Aleksey Sanin [mailto:aleksey at aleksey.com]
Sent: Tuesday, 23 October 2007 15:38
To: zze-CIA BENARD C ext RD-MAPS-LAN
Cc: xmlsec at aleksey.com
Subject: Re: [xmlsec] Map the existing use of xmlsec on an engine ?

Search the source code for examples!

Aleksey

zze-CIA BENARD C ext RD-MAPS-LAN wrote:
> Yes, I was reading the documentation about xmlSecOpenSSLEvpKeyAdopt, but I got an xmlSecKeyDataPtr in return whereas I need (xmlSecDSigCtxSign needs) an xmlSecKeyPtr.
> 
> I tried to find out how to convert an xmlSecKeyDataPtr into an xmlSecKeyPtr but I'm still looking :( . Maybe it's not the right way ?
> 
> Thanks for your response. 
> Any idea ?
> 
> 
> -----Original Message-----
> From: Aleksey Sanin [mailto:aleksey at aleksey.com]
> Sent: Tuesday, 23 October 2007 10:14
> To: zze-CIA BENARD C ext RD-MAPS-LAN
> Cc: xmlsec at aleksey.com
> Subject: Re: [xmlsec] Map the existing use of xmlsec on an engine ?
> 
> On xmlsec side, you need functions that deal with EVP_PKEY
> 
> http://www.aleksey.com/xmlsec/api/xmlsec-openssl-evp.html
> 
> Sorry, I can't help you with openssl side because I did this kind of thing once or twice many years ago.
> 
> Best,
> Aleksey
> 
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec


