[xmlsec] Loading private key in any format other than PEM
Aleksey Sanin
aleksey at aleksey.com
Thu Oct 17 08:32:05 PDT 2013
privateExponent.toByteArray() might not return the DER format expected
by the function.
Aleksey
On 10/17/13 7:59 AM, allicoder redocilla wrote:
> Dear Aleksey (CC xmlsec list),
>
> I am trying to load a private key from memory using xmlsec (testing with
> RSA keys). Unfortunately, I can only do this if the memory buffer is a
> pem file's contents; anything else fails. I was hoping you might be able
> to shed some light on why this might be going wrong.
>
> I am getting the key data from Java using various methods, all to no
> avail. I have tried PrivateKey.getEncodedBytes(),
> RSAPrivateKey.getPrivateExponent().toByteArray(), new
> PKCS8Key().getEncodedBytes(), passing in a der file directly, loading a
> der file directly... Nothing but pem files seems to work.
>
> Is this a limitation of xmlsec, or am I just doing something wrong?
> Could you suggest a combination of xmlSecKeyDataFormat and the format it
> expects?
>
> I'm (attempting to) load the key using
> xmlSecKeyPtr privateKey = xmlSecCryptoAppKeyLoadMemory((const
> xmlChar*)data, dataLength, xmlSecKeyDataFormat*, NULL, NULL, NULL);
>
> Error message (xmlSecKeyDataFormatDer, privateExponent.toByteArray()):
> E/XmlSigner_jni( 6867):
> (/home/arc/projects/xml-signing/android-builds//xmlsec/./src/openssl/app.c:263):
> (null):PEM_read_bio_PrivateKey and PEM_read_bio_PUBKEY:4:
> E/XmlSigner_jni( 6867):
> (/home/arc/projects/xml-signing/android-builds//xmlsec/./src/openssl/app.c:205):
> (null):xmlSecOpenSSLAppKeyLoadBIO:1:
>
> The keys I'm testing with are unencrypted. I'm using xmlsec checked out
> from a few days ago, openssl 0.9.8 from tarball. Platform is Android.
>
> Best wishes,
> Alice.
More information about the xmlsec
mailing list