[xmlsec] how to load non-standard <KeyInfo/>

wz qiang weizhongqiang at gmail.com
Thu Jul 17 07:11:06 PDT 2008

I am using the following node for <KeyInfo/> under <Signature/>

When I verify it, of cause not like <X509Data/>, the above <KeyInfo/> can
not be loaded by xmlsec library automatically. So how can I load it?
I try to parser the pubkey out from the binarytoken by using:
xmlSecOpenSSLAppKeyFromCertLoadBIO(bio, certformat);
and then load the key into keymanager:
xmlSecCryptoAppDefaultKeysMngrAdoptKey(keysmanager, key);

I also loaded the trusted ca certificate by using:

But it seem is the loaded trusted certificate does not effect at all. Becase
even if I comment the line "xmlSecCryptoAppKeysMngrCertLoad", the
verification also works.

SO I think the trust chain has not been checked.

Could you tell me how can I load the non-standard <KeyInfo/>, and make the
trusted chain checkin work as well.

Thanks in advance.

Weizhong Qiang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20080717/85eb36d4/attachment-0002.htm

More information about the xmlsec mailing list