On Friday 21 March 2014 20:22:06 Nikolay Shaplov wrote: > On Friday 21 March 2014 08:27:24 you wrote: > > The template (tests/aleksey-xmldsig-01/x509data-test.tmpl) uses RSA > > signatures. You need to modify it to use GOST instead. > > Oh! You are right! I've missed it. Thank you! > > Just for history, correct gost 2001 signing example is following: > > > /usr/local/bin/xmlsec1 --sign --privkey-pem my/gost2001.key tests/aleksey- > xmldsig-01/enveloped-gost.tmpl
Eh... sorry, but now I have problems with verifying of what I've signed: $ /usr/local/bin/xmlsec1 --sign --privkey-pem my/gost2001.key tests/aleksey-xmldsig-01/enveloped-gost.tmpl >my/enveloped-gost.xml $ /usr/local/bin/xmlsec1 --verify --trusted-pem my/gost2001.pem my/enveloped-gost.xml func=xmlSecKeysMngrGetKey:file=keys.c:line=1370:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key is not found: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSignatureProcessNode:error=1:xmlsec library function failed: Error: signature failed ERROR SignedInfo References (ok/all): 1/1 Manifests References (ok/all): 0/0 Error: failed to verify file "my/enveloped-gost.xml" If I check gost example from test, check goes well. May be I did something wrong with key creation or something? _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
