Ok, the function I was looking for seems to be "xmlSecKeySetValue".

So, after having created the key, given it a value and then set it in the correct dsigCtx 
field (signKey), the xmlSecDSigCtxSign function stopped and printed on stderr:

func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed:
Error: signature failed

I probably omitted to set something, but it's not easy to understand what should 
have been done :/


The written code is based on sign2.c:



        xmlSecKeyPtr            pSecKey ;
        xmlSecKeyDataPtr        pSecKeyData ;
        int                     iRes ;

        pSecKey         = NULL ;
        pSecKeyData     = NULL ;

        // The pvKey object has been "loaded" through the call of
        // ENGINE_load_private_key (the CHIL ENGINE is ok)
        // Transform an OpenSSL "object" into an xmlsec "object"
        if( (pSecKeyData=xmlSecOpenSSLEvpKeyAdopt(pvKey)) == NULL )
        {
                fprintf(stderr,"Error: xmlSecOpenSSLEvpKeyAdopt") ;
                goto done;
        }

        // Create the key that will be passed to the DSIG context
        if( (pSecKey = xmlSecKeyCreate()) == NULL )
        {
                fprintf(stderr,"Error: failed to create xmlSecKey") ;
                goto done;
        }

/* Done below by the original sign2.c code

        if( (iRes = xmlSecKeySetName(pSecKey, (const xmlChar *)keyToUse)) != 0 )
        {
                fprintf(stderr,"Error: failed to set key name. ret = %d", iRes) ;
                goto done;
        }
*/
        // Set the key with the content
        if( (iRes = xmlSecKeySetValue(pSecKey, pSecKeyData)) != 0 )
        {
                fprintf(stderr,"Error: failed to set key value. ret = %d", iRes) ;
                goto done;
        }

        // Set the key to the DSIG context
        dsigCtx->signKey = pSecKey ;

        // All the code below is the original sign2.c code
        // ...


Any idea ?


-----Original Message-----
From: Aleksey Sanin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 23, 2007 15:38
To: zze-CIA BENARD C ext RD-MAPS-LAN
Cc: [email protected]
Subject: Re: [xmlsec] Map the existing use of xmlsec on an engine ?

Search the source code for examples!

Aleksey

zze-CIA BENARD C ext RD-MAPS-LAN wrote:
> Yes, I was reading the documentation about xmlSecOpenSSLEvpKeyAdopt but I got 
> a xmlSecKeyDataPtr in return whereas I need (xmlSecDSigCtxSign needs) a 
> xmlSecKeyPtr.
> 
> I tried to find out how to convert a xmlSecKeyDataPtr in xmlSecKeyPtr but I'm 
> still looking for :( . Maybe it's not the right way ?
> 
> Thanks for your response. 
> Any idea ?
> 
> 
> -----Original Message-----
> From: Aleksey Sanin [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 23, 2007 10:14
> To: zze-CIA BENARD C ext RD-MAPS-LAN
> Cc: [email protected]
> Subject: Re: [xmlsec] Map the existing use of xmlsec on an engine ?
> 
> On xmlsec side, you need functions that deal with EVP_PKEY
> 
> http://www.aleksey.com/xmlsec/api/xmlsec-openssl-evp.html
> 
> Sorry, I can't help you with openssl side because I did this kind of thing 
> once or twice many years ago.
> 
> Best,
> Aleksey
> 
> 
> _______________________________________________
> xmlsec mailing list
> [email protected]
> http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
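
An added triage helper, not part of the original thread or of xmlsec: it parses error records in the format of the stderr output quoted in this thread, rejoins lines wrapped by a mail client, and separates the originating failure from the `error=1` records that only propagate it. The names `parse_records`, `root_cause` and `call_chain` are assumptions of this example.

```python
import re

# Constructed sample: the stderr text quoted in the thread, wrapped the way a
# mail client wraps long lines (continuation lines do not start with "func=").
SAMPLE = """\
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
 is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
 library function failed:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
 library function failed:
Error: signature failed
"""

RECORD = re.compile(
    r"func=(?P<func>[^:]*):file=(?P<file>[^:]*):line=(?P<line>\d+):"
    r"obj=(?P<obj>[^:]*):subj=(?P<subj>[^:]*):error=(?P<error>\d+):(?P<msg>.*)"
)

def parse_records(text):
    """Rejoin wrapped lines and return one dict per xmlsec error record."""
    joined = []
    for line in text.splitlines():
        if line.startswith("func="):
            joined.append(line)
        elif joined and line[:1].isspace():
            joined[-1] += line          # wrapped continuation of the record
        # anything else (e.g. the application's own "Error: ...") is skipped
    records = []
    for raw in joined:
        m = RECORD.fullmatch(raw)
        if m:
            rec = m.groupdict()
            rec["line"], rec["error"] = int(rec["line"]), int(rec["error"])
            rec["msg"] = rec["msg"].strip(": ")
            records.append(rec)
    return records

def root_cause(records):
    """First record that is not a pure 'library function failed' wrapper."""
    for rec in records:
        if rec["msg"] != "xmlsec library function failed":
            return rec
    return records[0] if records else None

def call_chain(records):
    """Outermost caller first; the log lists the innermost failure first."""
    return [rec["func"] for rec in reversed(records)]
```

On the sample, `root_cause(parse_records(SAMPLE))` points at `xmlSecDSigCtxProcessKeyInfoNode` with `error=45`, the only record in the trace that is not a propagated failure.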
