[xmlsec] OpenSSL Gost support
beldmit at gmail.com
Thu Aug 18 12:03:36 PDT 2011
Do you mean smth similar to src/openssl/kt_rsa.c?
I hope I don't need it using the X509 cert format. Am I wrong?
On Thu, Aug 18, 2011 at 10:43 PM, Aleksey Sanin <aleksey at aleksey.com> wrote:
> You also need to implement key type for gost keys. Take a look at how
> RSA keys are done.
> On 8/18/11 11:39 AM, Dmitry Belyavsky wrote:
>> I'm implementing the Russian GOST support to OpenSSL-builded XMLSec. I
>> have some questions.
>> 1. The support is expected to be in X.509 format only. I hope that
>> linking against OpenSSL 1.0 will work good enough after I implement
>> the necessary transforms. When I run make check, I get the following:
>> Test: /aleksey-xmldsig-01/enveloped-gost (success)
>> /home/beldmit/xmlsec1-1.2.18/apps/xmlsec1 check-transforms --crypto
>> openssl --crypto-config /tmp/xmlsec-crypto-config enveloped-signature
>> gostr34102001-gostr3411 gostr3411
>> Transforms "enveloped-signature" found
>> Transforms "gostr34102001-gostr3411" found
>> Transforms "gostr3411" found
>> /home/beldmit/xmlsec1-1.2.18/apps/xmlsec1 check-key-data --crypto
>> openssl --crypto-config /tmp/xmlsec-crypto-config gost
>> Error: key data "gost" not found
>> How can I fix it?
>> 2. I configure XMLSec with
>> ./configure --with-openssl=/usr --with-pic=yes --enable-gost
>> But it seems to use static linking instead of using dynamic. How can I fix
>> Thank you!
SY, Dmitry Belyavsky
More information about the xmlsec