[xmlsec] Signing works in command line tool but not in code? [SEC=UNCLASSIFIED]

Aleksey Sanin aleksey at aleksey.com
Mon Feb 28 19:33:24 PST 2011

Make sure you have the right key for the crypto algorithm used in the 

BTW, your signature makes no sense for a public mailing list


On 2/28/11 7:30 PM, Cartland, Bruce wrote:
> I am using the command line tool to successfully sign a template file. 
> A dotnet soap service successfully processes the sign.xml file.
> xmlsec --sign --print-debug --privkey-der pk.der --output sign.xml 
> vstsout.xml
> I am now trying the same thing in code with exactly the same files but 
> the signature fails. I based this on the sample "sign1.c". However I 
> notice the command line source uses a quite different approach (e.g. a 
> keymanager instance). Before I delve into that, is there anything 
> obviously missing here?
> doc = xmlParseFile("vstsout.xml");
> node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, 
> xmlSecDSigNs);
>       dsigCtx = xmlSecDSigCtxCreate(NULL);
>       dsigCtx->signKey = xmlSecCryptoAppKeyLoad("pk.der", 
> xmlSecKeyDataFormatDer, NULL, NULL, NULL);
>       xmlSecKeySetName(dsigCtx->signKey, BAD_CAST "pk-der");
>       xmlSecDSigCtxSign(dsigCtx, node); <<<<<<-------- the signature 
> fails
> Thanks muchly
> Bruce
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20110228/0002846c/attachment.html>

More information about the xmlsec mailing list