[xmlsec] Widget signing template

Aleksey Sanin aleksey at aleksey.com
Wed Jul 1 21:59:57 PDT 2009

I think that you should start from writing down what
you are trying to achieve. I would be glad to review
such a writeup.


Kai Hendry wrote:
> Hi Aleksey,
> http://git.webvm.net/?p=wgtqa;a=tree;f=xmldsig
> git clone git://git.webvm.net/wgtqa
> cd wgtqa/xmldsig/
> I hope you can review some work I've been doing, to put together a
> template for the W3C digital signature folk using your tool xmlsec1.
> Your dsakey.p12 from your tests/ directory. I think I see how you
> created it by tests/keys/README.
> I tried creating a simpler example.p12
> http://git.webvm.net/?p=wgtqa;a=blob;f=xmldsig/Makefile and it does
> not work. Perhaps I am missing something? Do I really need to setup a
> CA? I was hoping it work closer in practice to my ssh priv/pub
> keypair.
> This is the error message from xmlsec1:
> func=xmlSecKeysMngrGetKey:file=keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
> library function failed:
> func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
> is not found:
> func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
> library function failed:
> func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
> library function failed:
> Error: signature failed
> Error: failed to sign file "../signing-template.xml"
> For the purposes of an example. I'm not sure pkcs12 is the way to go,
> esp. since I don't like typing in passwords. I wanted to create a
> private PEM key to sign and use the X509 public key to verify. Though
> that didn't work either.
> Thanks again,
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list