I believe that today GOST only supported on Windows through mscrypto.
To add GOST support for openssl, you will need to implement GOST keys and encryption/decryption support. It should be straightforward copy/paste/replace from, for example, RSA keys/encryption implementation. Hint: I love patches :) Aleksey On 4/5/2010 11:52 PM, [email protected] wrote:
*--- Исходное сообщение ---* *От:* "[email protected]" <[email protected]> *Отправлено:* 06.04.2010 01:23:14 *Тема:* xmlsec, openssl , gost 1. i install openssl 1.0 (use ./config shared ), xmlsec 1.2.4 (use ./configure --enable-gost --with-openssl="/usr/local/ssl") in slax 2. generate key : openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem *sign1-tmpl-rus.xml (from test)* * * *<?xml version="1.0" encoding="UTF-8"?>* *<!-- * *XML Security Library example: Simple signature template file for sign1 example. * *-->* *<Envelope xmlns="urn:envelope">* * <Data>* *Hello, World!* * </Data>* * <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>* * <SignedInfo>* * <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />* * <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/>* * <Reference URI="">* * <Transforms>* * <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"; />* *<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116";>* *<XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";>not(ancestor-or-self::dsig:Signature)</XPath>* *</Transform>* * </Transforms>* * <DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr3411"/>* * <DigestValue></DigestValue>* * </Reference>* * </SignedInfo>* * <SignatureValue/>* * <KeyInfo>* *<X509Data>* *<X509Certificate></X509Certificate>* *</X509Data>* *</KeyInfo>* *</Signature>* *</Envelope>* * * sign1 - one of examples (by default it use openssl engine) command ./sign1 sign1-tmpl-rus.xml seckey.pem get this func=xmlSecOpenSSLEvpKeyAdopt:file=evp.c:line=241:obj=unknown:subj=unknown:error=14:invalid type:evp key type 811 not supported func=xmlSecOpenSSLAppKeyLoadBIO:file=app.c:line=333:obj=unknown:subj=xmlSecOpenSSLEvpKeyAdopt:error=1:xmlsec library function failed: func=xmlSecOpenSSLAppKeyLoad:file=app.c:line=143:obj=unknown:subj=xmlSecOpenSSLAppKeyLoadBIO:error=1:xmlsec library function failed:filename=seckey.pem;errno=0 Error: failed to load private pem key from "seckey.pem" what should I do?:) _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
