hello Aleksey and Ed, I use: openssl x509 -inform pem -in cert.pem -pubkey -noout > publickey.pem
to extract the public key from certificate, and then load the public key into keymanager: key = xmlSecCryptoAppKeyLoad(publickeyfile, xmlSecKeyDataFormatPem, NULL, NULL, NULL); xmlSecCryptoAppDefaultKeysMngrAdoptKey(keys_mngr, key); It seems to work. My following question is, is there some api in xmlsec which I can use to extract public key directly from certificate. I know in openssl there is X509_get_pubkey(certfile), but the return type is EVP_PKEY, here we need xmlSecKeyPtr. Thanks Weizhong On 6/26/08, Aleksey Sanin <[EMAIL PROTECTED]> wrote: > > Ah, I see.... I guess it is a copy/paste error for the comment :) > > Aleksey > > Ed Shallow wrote: > >> I believe Weizhong is asking why is the "private" key being loaded if one >> simply wants to encrypt. >> >> Loading a public certificate in .pem should be appropriate. >> >> Why is private even mentioned ? >> >> >> Aleksey Sanin wrote: >> >>> The session key is created for you automatically if you specify >>> that you want AES, DES, ... encryption for the data. Look at the >>> xmlsec/tests/ examples. >>> >>> >>> Aleksey >>> >>> wz qiang wrote: >>> >>>> hi Aleksey and others, >>>> In encrypt3.c, there is one line for loading private key. >>>> /* load private RSA key */ >>>> key = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, >>>> NULL, NULL); >>>> I my understanding, normally the public key is used for encrypting the >>>> session key, and then on the other side private key is used for decrypting >>>> the session key (session key is used for encrypting the data). So my >>>> question is, how I can do like that by using xmlsec API? >>>> Thanks in advance >>>> Weizhong Qiang >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> _______________________________________________ >>>> xmlsec mailing list >>>> [email protected] >>>> http://www.aleksey.com/mailman/listinfo/xmlsec >>>> >>> _______________________________________________ >>> xmlsec mailing list >>> [email protected] >>> http://www.aleksey.com/mailman/listinfo/xmlsec >>> >>> >> _______________________________________________ >> xmlsec mailing list >> [email protected] >> http://www.aleksey.com/mailman/listinfo/xmlsec >> > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec >
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
