It is a problem with mscrypto api.
Aleksey
On 10/23/11 10:51 AM, Josef Kokeš wrote:
On 21.10.2011 19:01, Aleksey Sanin wrote:
Basically, xmlsec-mscrypto doesn't support pkcs12 format. Only DER
format is supported.
Thanks for the answer. Before I try to develop a solution, could you
please tell me if it is the case of MS Crypto API not supporting the
required functionality or simply a lack of
resources/time/interest/whatever on your part? In other word, would a
fix involve modification of LibXmlSec or would it require a modification
of CryptoAPI?
Thanks,
Pepak
Aleksey
On 10/20/11 11:09 PM, Josef Kokeš wrote:
Oops, I completely overlooked the error message. Here it is:
func=xmlSecMSCryptoAppKeyLoadMemory:file=..\src\mscrypto\app.c:line=237:obj=unknown:subj=format
== xmlSecKeyDataFormatCertDer:error=100:assertion: ;last error=0
(0x00000000);last error msg=Operace byla dokončena úspěšně.
(last error msg translated to english: "The operation was successfully
completed")
Seems to be an incompatible encoding, but why? It's a standard PFX, I
don't think I can choose encoding for that.
Pepak
Hi!
I have been using XmlSec for some time, but only with the OpenSSL
engine. Now I find myself in need of using a MS-Crypto engine (I
want to
use tokens for certificate storage). I thought I would simply change
the
parameter of xmlSecCryptoDLLoadLibrary from "openssl" to "mscrypto",
but
apparently that is not the case:
When I start preparing the signature context, the xmlSecDSigCtxCreate
succeeds but the following xmlSecCryptoAppKeyLoadMemory(PfxBuf,
PfxSize,
xmlSecKeyDataFormatPkcs12, PfxPassword, 0, 0) returns 0 - the key could
not be loaded. But the same command succeeds with OpenSSL. I thought
perhaps it's another case of incompatible PFX files between Windows XP
and newer Windows, but that is not the case as I can import the PFX
correctly using the OS's tools.
I am using LibXmlSec version 1.2.18 under Windows, as compiled by Igor
Zlatkovic in no-unicode mode.
What could possibly be the problem?
Thanks,
Pepak
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
__ Zkontrolovano antivirovym programem NOD32 __
_______ Mailscanner spolecnosti Phoenix _______
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
__ Zkontrolovano antivirovym programem NOD32 __
_______ Mailscanner spolecnosti Phoenix _______
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
