[xmlsec] xmlsec, openssl , gost

Mon, 05 Apr 2010 23:53:00 -0700 

 
 
--- Исходное сообщение ---
От: "[email protected]" <[email protected]>
Отправлено: 06.04.2010 01:23:14
Тема: xmlsec, openssl , gost
 
1. i install openssl 1.0 (use ./config shared ), xmlsec 1.2.4 (use ./configure 
--enable-gost --with-openssl="/usr/local/ssl") in slax
2. generate key : openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out 
seckey.pem
 
 
sign1-tmpl-rus.xml (from test)
 
<?xml version="1.0" encoding="UTF-8"?>
<!-- 
XML Security Library example: Simple signature template file for sign1 example. 
-->
<Envelope xmlns="urn:envelope">
  <Data>
Hello, World!
  </Data>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
  <SignedInfo>
  <CanonicalizationMethod 
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
  <SignatureMethod 
Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/>
  <Reference URI="">
  <Transforms>
  <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"; 
/>
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116";>
<XPath 
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";>not(ancestor-or-self::dsig:Signature)</XPath>
</Transform>
  </Transforms>
  <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr3411"/>
  <DigestValue></DigestValue>
  </Reference>
  </SignedInfo>
  <SignatureValue/>
  <KeyInfo>
<X509Data>
<X509Certificate></X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</Envelope>
 
 
sign1 - one of examples (by default it use openssl engine)
 
 
command ./sign1    sign1-tmpl-rus.xml    seckey.pem
get this
 
func=xmlSecOpenSSLEvpKeyAdopt:file=evp.c:line=241:obj=unknown:subj=unknown:error=14:invalid
 type:evp key type 811 not supported
func=xmlSecOpenSSLAppKeyLoadBIO:file=app.c:line=333:obj=unknown:subj=xmlSecOpenSSLEvpKeyAdopt:error=1:xmlsec
 library function failed:
func=xmlSecOpenSSLAppKeyLoad:file=app.c:line=143:obj=unknown:subj=xmlSecOpenSSLAppKeyLoadBIO:error=1:xmlsec
 library function failed:filename=seckey.pem;errno=0
Error: failed to load private pem key from "seckey.pem"  
 
what should I do?:)
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to