[xmlsec] From Openssl to NSS
Si St
sigbj-st at operamail.com
Fri Nov 4 04:53:38 PDT 2011
I have xml-signingtried with the new smartcarddriver.
Tools like pkcs11-tool and clientToolBox manages to sign and test the
card.
I am getting contact with the card with xmlsec1 and openssl, but signing
is still negativ - error:45 - just like before. What I believe is that
regardless of MultiSign and SingleSign as to xmlsec1, they both will
work.
If I change to NSS instead of OPENSSL, what has to be done?
There is little sense to get from the firefox sites.
xmlsec1 sign --crypto nss --output signedKOM KOM.xml
func=xmlSecKeysMngrGetKey:file=keys.c:line=1370:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed: ;last nss error=-8157 (0xFFFFE023)
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
is not found: ;last nss error=-8157 (0xFFFFE023)
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed: ;last nss error=-8157 (0xFFFFE023)
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed: ;last nss error=-8157 (0xFFFFE023)
Error: signature failed
Error: failed to sign file "KOM.xml"
--
Si St
sigbj-st at operamail.com
--
http://www.fastmail.fm - Send your email first class
More information about the xmlsec
mailing list