Hello,

I'm trying to load a key from a KeyInfo node via xmlSecKeyInfoNodeRead. 
However, I need to be able to load self-signed certificates, and whenever I do 
this, I get an error (self signed certificate) from OpenSSL. I've looked at 
setting the XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS flag on the key 
info ctx; however, looking at the following bit of code in xmlsec, it looks like 
if you set this flag, then the key never gets extracted at all. The calling 
function never gets access to the key data, so I don't see how this can help.

    if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
        ret = xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
        if(ret < 0) {
            xmlSecError(XMLSEC_ERRORS_HERE,
                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
                        "xmlSecOpenSSLKeyDataX509VerifyAndExtractKey",
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        XMLSEC_ERRORS_NO_MESSAGE);
            return(-1);
        }
    }

Has anyone managed to do this, and am I doing something obviously wrong here?

Thanks, David

_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
