Re: [xmlsec] Configuring with openssl
Greetings! On Wed, 18 Jan 2006, Aleksey Sanin wrote: 1) xmlsec is looking in the lib/ folder because this is how openssl is usually installed. If you build openssl from sources, then you have to do 'make install' to make it work. It seems a very bad idea to me. Our company is implementing a huge patch to openssl and it's impossible to install openssl. So it seems to be useful to use this patch... Well, what I usually do is the following: 1) Configure/compile/install openssl with --prefix=$HOME/local 2) Configure/compile/install xmlsec with --openssl-dir=$HOME/local 3) Setup LD_LIBRARY_PATH to include $HOME/local/lib I like my patch to ./configure more than this idea :-). The other question is: I want to debug xmlsec using gdb. What should I add to LD_LIBRARY_PATH to get the same result as ./apps/xmlsec1 (wrapper script) gets? Now I set LD_LIBRARY_PATH to ./src/.libs;./src/openssl/.libs but it seems to be not enough... I believe you also need to add ./src/openssl/.libs/ As I've written, I specify it. But it's not enough. -- SY, Dmitry Belyavsky (ICQ UIN 6575) ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec
Re: [xmlsec] Configuring with openssl
I want to debug xmlsec using gdb. What should I add to LD_LIBRARY_PATH to get the same result as ./apps/xmlsec1 (wrapper script) gets? Now I set LD_LIBRARY_PATH to ./src/.libs;./src/openssl/.libs but it seems to be not enough... I believe you also need to add ./src/openssl/.libs/ As I've written, I specify it. But it's not enough. add? Aleksey ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec
Re: [xmlsec] Configuring with openssl
Ops, sorry. I meant try to run 'ldd xmlsec1' Aleksey Aleksey Sanin wrote: I want to debug xmlsec using gdb. What should I add to LD_LIBRARY_PATH to get the same result as ./apps/xmlsec1 (wrapper script) gets? Now I set LD_LIBRARY_PATH to ./src/.libs;./src/openssl/.libs but it seems to be not enough... I believe you also need to add ./src/openssl/.libs/ As I've written, I specify it. But it's not enough. add? Aleksey ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec
Re: [xmlsec] Configuring with openssl
Greetings! On Thu, 19 Jan 2006, Aleksey Sanin wrote: Aleksey Sanin wrote: I want to debug xmlsec using gdb. What should I add to LD_LIBRARY_PATH to get the same result as ./apps/xmlsec1 (wrapper script) gets? Now I set LD_LIBRARY_PATH to ./src/.libs;./src/openssl/.libs but it seems to be not enough... I believe you also need to add ./src/openssl/.libs/ As I've written, I specify it. But it's not enough. Sorry, it was my fault. I've linked and tested against different versions of the openssl libs. -- SY, Dmitry Belyavsky (ICQ UIN 6575) ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec
RE: [Bulk] Re: [Bulk] [xmlsec] Re: Loaded Private Key and mscrypto
Hi Aleksey, Confirmed that problem in xmlSecSimpleKeysStoreSave is indeed with mscrypto. Openssl works fine. Python ctypes works fine using all of c_uint(1) for Public, c_uint(2) for Private, c_uint(4) for Symmetric, and sums thereof. Only selected key types saved in each case. c_uint(65535) produces equiv of 0x'' and selects all types. No problem here either. Private Exponent comes out as would be expected for both test-rsa and p12 loaded key named 'Ed Shallow' using openssl. NOT for mscrypto. savedKeysStore.xml for both openssl and mscrypto are attached. keysMngr = xmlsec.xmlSecKeysMngrCreate() rc = xmlsec.xmlSecCryptoAppDefaultKeysMngrInit(keysMngr) id = xmlsec.xmlSecSimpleKeysStoreGetKlass() keyStore = xmlsec.xmlSecKeyStoreCreate(id) rc = xmlsec.xmlSecSimpleKeysStoreLoad(keyStore, 'c:/xmlsec/keys/keys.xml', keysMngr) desKlass = xmlsec.xmlSecKeyDataDesGetKlass() symmetricKey = xmlsec.xmlSecKeyGenerateByName(desKlass.contents.name, c_uint(192), c_uint(12)) rc = xmlsec.xmlSecKeySetName(symmetricKey, 'symmetric-des') rc = xmlsec.xmlSecSimpleKeysStoreAdoptKey(keyStore, symmetricKey) privateKey = xmlsec.xmlSecCryptoAppKeyLoad(p12, c_uint(6), password, None, None) print 'xmlSecKeySetName\t\t\tstatus code', xmlsec.xmlSecKeySetName(privateKey, 'Ed Shallow') rc = xmlsec.xmlSecSimpleKeysStoreAdoptKey(keyStore, privateKey) rc = xmlsec.xmlSecKeysMngrAdoptKeysStore(keysMngr, keyStore) print 'KeysMngrAdoptKeysStore \t\t\tstatus code', rc rc = xmlsec.xmlSecSimpleKeysStoreSave(keyStore, 'c:/xmlsec/keys/savedKeysStore65535.xml', c_uint(65535)) Ed -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aleksey Sanin Sent: January 17, 2006 11:48 AM To: [EMAIL PROTECTED] Cc: xmlsec@aleksey.com Subject: [Bulk] Re: [Bulk] [xmlsec] Re: Loaded Private Key and mscrypto rc = xmlsec.xmlSecSimpleKeysStoreSave(keyStore, 'c:/xmlsec/keys/savedKeysStore.xml', c_uint(65535)) print 'xmlSecSimpleKeysStoreSave \t\tstatus code', rc c_uint(65535) is incorrect. Please set just private keys to be saved (xmlSecKeyDataTypePrivate define). Aleksey ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec
RE: [Bulk] Re: [Bulk] [xmlsec] Re: Loaded Private Key and mscrypto
With attachments ... -Original Message- From: Edward Shallow [mailto:[EMAIL PROTECTED] Sent: January 19, 2006 6:36 PM To: 'Aleksey Sanin' Cc: 'xmlsec@aleksey.com' Subject: RE: [Bulk] Re: [Bulk] [xmlsec] Re: Loaded Private Key and mscrypto Hi Aleksey, Confirmed that problem in xmlSecSimpleKeysStoreSave is indeed with mscrypto. Openssl works fine. Python ctypes works fine using all of c_uint(1) for Public, c_uint(2) for Private, c_uint(4) for Symmetric, and sums thereof. Only selected key types saved in each case. c_uint(65535) produces equiv of 0x'' and selects all types. No problem here either. Private Exponent comes out as would be expected for both test-rsa and p12 loaded key named 'Ed Shallow' using openssl. NOT for mscrypto. savedKeysStore.xml for both openssl and mscrypto are attached. keysMngr = xmlsec.xmlSecKeysMngrCreate() rc = xmlsec.xmlSecCryptoAppDefaultKeysMngrInit(keysMngr) id = xmlsec.xmlSecSimpleKeysStoreGetKlass() keyStore = xmlsec.xmlSecKeyStoreCreate(id) rc = xmlsec.xmlSecSimpleKeysStoreLoad(keyStore, 'c:/xmlsec/keys/keys.xml', keysMngr) desKlass = xmlsec.xmlSecKeyDataDesGetKlass() symmetricKey = xmlsec.xmlSecKeyGenerateByName(desKlass.contents.name, c_uint(192), c_uint(12)) rc = xmlsec.xmlSecKeySetName(symmetricKey, 'symmetric-des') rc = xmlsec.xmlSecSimpleKeysStoreAdoptKey(keyStore, symmetricKey) privateKey = xmlsec.xmlSecCryptoAppKeyLoad(p12, c_uint(6), password, None, None) print 'xmlSecKeySetName\t\t\tstatus code', xmlsec.xmlSecKeySetName(privateKey, 'Ed Shallow') rc = xmlsec.xmlSecSimpleKeysStoreAdoptKey(keyStore, privateKey) rc = xmlsec.xmlSecKeysMngrAdoptKeysStore(keysMngr, keyStore) print 'KeysMngrAdoptKeysStore \t\t\tstatus code', rc rc = xmlsec.xmlSecSimpleKeysStoreSave(keyStore, 'c:/xmlsec/keys/savedKeysStore65535.xml', c_uint(65535)) Ed -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aleksey Sanin Sent: January 17, 2006 11:48 AM To: [EMAIL PROTECTED] Cc: xmlsec@aleksey.com Subject: [Bulk] Re: [Bulk] [xmlsec] Re: Loaded Private Key and mscrypto rc = xmlsec.xmlSecSimpleKeysStoreSave(keyStore, 'c:/xmlsec/keys/savedKeysStore.xml', c_uint(65535)) print 'xmlSecSimpleKeysStoreSave \t\tstatus code', rc c_uint(65535) is incorrect. Please set just private keys to be saved (xmlSecKeyDataTypePrivate define). Aleksey ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec ?xml version=1.0? Keys xmlns=http://www.aleksey.com/xmlsec/2002; KeyInfo xmlns=http://www.w3.org/2000/09/xmldsig#; KeyNametest-dsa/KeyName KeyValue DSAKeyValue P 4jl6DkcmDDBt815kg/WbxW1gnLtqH+kdjqEeFDD9m6EqGqvVhFbbvNNQqAwuaiJU nWlR8gG47GtHKFN6w8CM1qteIo3foK504otZFNsl1p3cInQpdRCp2e/lQ+E24J/H /n4Ix9pBNV63JIiSIqa+GpDuBpW4o3rrBRxTjOwYpWk= /P Q 9WQwByMPy0u1C8e2SeNQTvkG6tM= /Q G Rrg7e8pNLHMFK0pGW7xvzb7Kh6icJSsiBaX6aHqaQc9rSzzMJG3snBuQricNaUH5 8ipucT+hdPRTo6g0ty5noyyBmqUvYHf9NuskQhPDmC3uTtqQTHeCEuX8XoH3YYlB uE4nXvQRGZoyy+43ISe9aDnEAgIUVQXEayTVppRF24I= /G Y WT0+1bR+bj65u5iDJ0MRc6/8iEAbvj7l5sAVn/H+SdZy94wW5mnSLCC5ufN33QPp WNvgVk2igM+W51WlhFDgA8Xz9lRPk19jW8BXQpqv11MKoIBpaSAWvnhs/0AKubiT XxJz7i78ZJy4hVTn99Rvt6Tc16/LICZfsqIJr+VK4Sg= /Y /DSAKeyValue /KeyValue /KeyInfo KeyInfo xmlns=http://www.w3.org/2000/09/xmldsig#; KeyNametest-rsa/KeyName KeyValue RSAKeyValue Modulus 0rGgazIyv0XjPXGGBwt1wvfCPO++VAlxW15LFinbxCeBkq/5jb/71gC7R2CJtUK4 y/tIi7g89YBwQosJpgMMZt69fz51omEv/WobD0vUFcbRxek+Yi23ZHxhZMtO42Re zfpwgC4ep0fXL+V105BUmjGFYACnUJdtMkG8ahH8/Zs= /Modulus Exponent Aw== /Exponent /RSAKeyValue /KeyValue /KeyInfo KeyInfo xmlns=http://www.w3.org/2000/09/xmldsig#; KeyNametest-des/KeyName KeyValue DESKeyValue xmlns=http://www.aleksey.com/xmlsec/2002;zBFljViy/Qhd8AG0vGxf+SekrJ1ttpIz/DESKeyValue /KeyValue /KeyInfo KeyInfo xmlns=http://www.w3.org/2000/09/xmldsig#; KeyNametest-aes128/KeyName KeyValue AESKeyValue xmlns=http://www.aleksey.com/xmlsec/2002;0Xfy3ES+Fbv/OfWuQHKvPA==/AESKeyValue /KeyValue /KeyInfo KeyInfo xmlns=http://www.w3.org/2000/09/xmldsig#; KeyNametest-aes192/KeyName KeyValue AESKeyValue xmlns=http://www.aleksey.com/xmlsec/2002;lk9DyA07xL/m45fUb7zbLoy3c0hLhw80/AESKeyValue /KeyValue /KeyInfo KeyInfo xmlns=http://www.w3.org/2000/09/xmldsig#; KeyNametest-aes256/KeyName KeyValue AESKeyValue xmlns=http://www.aleksey.com/xmlsec/2002;fpCPQLCMZCw9WipH8kk1J75CqYgWBhbJDMFPiUS0hzE=/AESKeyValue /KeyValue /KeyInfo KeyInfo xmlns=http://www.w3.org/2000/09/xmldsig#; KeyNamesymmetric-des/KeyName KeyValue DESKeyValue xmlns=http://www.aleksey.com/xmlsec/2002;O4uCDqTOLUTgajJ3pGRs5zmY+4snvijd/DESKeyValue /KeyValue /KeyInfo KeyInfo xmlns=http://www.w3.org/2000/09/xmldsig#; KeyNameEd Shallow/KeyName KeyValue RSAKeyValue Modulus ueWI67MxGNuP+LsiPkrqgN6og8+CitAU4gumFAbW/L2q7zv6JE7WaMwZTH/8Als0 kS1StqwCZXLCci5sziWUwkHW0h0W5PhnJwf5Jxt0p4Hnz1IGlJMueD6lwqKwcbNN lKuenHnTLpL4HvyT5Gy2HdJwxxjRXJOZDTVcPUIZ5LE= /Modulus Exponent AQAB /Exponent
[xmlsec] Re: Loaded Private Key and mscrypto
I believe, you'll get only public key. But you might want to try. Aleksey Edward Shallow wrote: I have successfully extracted key values from other keys with xmlSecKeyDataBinaryValueGetBuffer. They were however symmetric keys. Should I try this against loaded mscrypto key ? Or will this just give me back the public portion ? Ed -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aleksey Sanin Sent: January 19, 2006 6:37 PM To: [EMAIL PROTECTED] Cc: xmlsec@aleksey.com Subject: [Bulk] Re: [Bulk] Re: [Bulk] [xmlsec] Re: Loaded Private Key and mscrypto Confirmed that problem in xmlSecSimpleKeysStoreSave is indeed with mscrypto. I believe the reason is that you can not get private exponent for a key from mscrypto in clear text. Aleksey ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec ___ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec