[xmlsec] how to load non-standard <KeyInfo/>
wz qiang
weizhongqiang at gmail.com
Thu Jul 17 07:11:06 PDT 2008
hi,
I am using the following node for <KeyInfo/> under <Signature/>
<KeyInfo><wsse:SecurityTokenReference><wsse:Reference
URI="#binarytoken"/></wsse:SecurityTokenReference></KeyInfo>
When I verify it, of cause not like <X509Data/>, the above <KeyInfo/> can
not be loaded by xmlsec library automatically. So how can I load it?
I try to parser the pubkey out from the binarytoken by using:
xmlSecOpenSSLAppKeyFromCertLoadBIO(bio, certformat);
and then load the key into keymanager:
xmlSecCryptoAppDefaultKeysMngrAdoptKey(keysmanager, key);
I also loaded the trusted ca certificate by using:
xmlSecCryptoAppKeysMngrCertLoad(...);
But it seem is the loaded trusted certificate does not effect at all. Becase
even if I comment the line "xmlSecCryptoAppKeysMngrCertLoad", the
verification also works.
SO I think the trust chain has not been checked.
Could you tell me how can I load the non-standard <KeyInfo/>, and make the
trusted chain checkin work as well.
Thanks in advance.
Weizhong Qiang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20080717/85eb36d4/attachment-0002.htm
More information about the xmlsec
mailing list