[xmlsec] Using xmlsec with openssl config file and engine pkcs11
GOUSSEAU Denis
denis.gousseau at santeos.com
Wed Sep 22 02:10:23 PDT 2010
I’m trying to use XmlSec binaries with an pkcs11 engine which work fine with
openssl :
OpenSsl config file :
openssl_conf = openssl_def
[openssl_def]
engines = engine_section
[engine_section]
pkcs11 = pkcs11_section
[pkcs11_section]
engine_id = pkcs11
dynamic_path = ./engine_pkcs11.dll
MODULE_PATH = c:/windows/cps_pkcs11_w32.dll
init = 0
PIN=1234
[req]
distinguished_name = req_distinguished_name
[req_distinguished_name]
Dos command line
xmlsec --sign--pwd 1234 --crypto openssl --crypto-config .\openssl.cfg
TestEnvoi.txt
And i have this error
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1370:obj=unknown:subj=xmlS
ecKeysMngrFindKey:error=1:xmlsec library function failed:
func=xmlSecDSigCtxProcessKeyInfoNode:file=..\src\xmldsig.c:line=871:obj=unkn
own:subj=unknown:error=45:key is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=565:obj=un
known:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function
failed:
func=xmlSecDSigCtxSign:file=..\src\xmldsig.c:line=303:obj=unknown:subj=xmlSe
cDSigCtxSigantureProcessNode:error=1:xmlsec library function failed:
Error: signature failed
Error: failed to sign file "TestEnvoi.txt"
With a pem certificate, the file can be signed.
So, the problem is with openssl and the config file or the engine i’m using.
Does xmlSec work with pkcs11 engine without change ? Because I saw some
patch but can’t find them with problem on private key.
Thanks for help.
-----------------------------------------------
Denis GOUSSEAU
Société SANTEOS
-----------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20100922/5d2114ce/attachment.html>
More information about the xmlsec
mailing list