[xmlsec] Widget signing template
Kai Hendry
kai.hendry at gmail.com
Wed Jul 1 09:05:36 PDT 2009
Hi Aleksey,
http://git.webvm.net/?p=wgtqa;a=tree;f=xmldsig
git clone git://git.webvm.net/wgtqa
cd wgtqa/xmldsig/
I hope you can review some work I've been doing, to put together a
template for the W3C digital signature folk using your tool xmlsec1.
Your dsakey.p12 from your tests/ directory. I think I see how you
created it by tests/keys/README.
I tried creating a simpler example.p12
http://git.webvm.net/?p=wgtqa;a=blob;f=xmldsig/Makefile and it does
not work. Perhaps I am missing something? Do I really need to setup a
CA? I was hoping it work closer in practice to my ssh priv/pub
keypair.
This is the error message from xmlsec1:
func=xmlSecKeysMngrGetKey:file=keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxProcessKeyInfoNode:file=xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
is not found:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec
library function failed:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec
library function failed:
Error: signature failed
Error: failed to sign file "../signing-template.xml"
For the purposes of an example. I'm not sure pkcs12 is the way to go,
esp. since I don't like typing in passwords. I wanted to create a
private PEM key to sign and use the X509 public key to verify. Though
that didn't work either.
Thanks again,
More information about the xmlsec
mailing list