[xmlsec] MultiPartSign and SinglePartSign

Aleksey Sanin aleksey at aleksey.com
Wed Oct 26 11:35:07 PDT 2011

xmlsec is always using "Multipart" signing


On 10/26/11 11:32 AM, Si St wrote:
> Is this an actual subject with the following in mind:
> 1) "Multipart sign":
> a. C_SignInit()
> b. C_SignUpdate()
> c. C_SignFinal()
> 2) "Single part sign":
> a. C_SignInit()
> b. C_Sign()
> Some card drivers/modules only support Multipart or Singlepart. Are
> these 2 signing types part of the xmlsec code? With Signserver from
> primekey.se and pkcs11-tool they both support Multipart, while a certain
> type of smartcard(its driver) only supports Singlepart.
> Will it matter with XMLSEC and cryptoengine? It could be a reason why
> xmlsec does not find the key (error:45), but there are no return with
> e.g. "C_SignUpdate() : CKR_FUNCTION_NOT_SUPPORTED" which I assume always
> comes from the card module, so then there are other reasons why error 45
> appears.

More information about the xmlsec mailing list