<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Signing works in command line tool but not in code? [SEC=UNCLASSIFIED]</TITLE>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.5969" name=GENERATOR></HEAD>
<BODY text=#000000 bgColor=#ffffff>
<DIV dir=ltr align=left><SPAN class=971593503-01032011><FONT face=Arial
color=#0000ff size=2>Yeah - sorry about the signature. The corporate firewall
shoves it in.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=971593503-01032011><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=971593503-01032011><FONT face=Arial
color=#0000ff size=2>As for the right key for the given template; I've checked
this and the same template/key files are used in the command line tool which
works and in my code below, which does not? Are you saying that you expect the
code below to work as is? In which case, I'll investigate further or work my way
through the command line source and use its approach
instead.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=971593503-01032011><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=971593503-01032011><FONT face=Arial
color=#0000ff size=2>thanks</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=971593503-01032011></SPAN><FONT face=Arial
size=2>Bruce </FONT></DIV>
<DIV> </DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> Aleksey Sanin [mailto:aleksey@aleksey.com]
<BR><B>Sent:</B> Tuesday, 1 March 2011 14:33<BR><B>To:</B> Cartland,
Bruce<BR><B>Cc:</B> xmlsec@aleksey.com<BR><B>Subject:</B> Re: [xmlsec] Signing
works in command line tool but not in code?
[SEC=UNCLASSIFIED]<BR></FONT><BR></DIV>
<DIV></DIV>Make sure you have the right key for the crypto algorithm used in the
template.<BR><BR>BTW, your signature makes no sense for a public mailing
list<BR><BR>Aleksey<BR><BR>On 2/28/11 7:30 PM, Cartland, Bruce wrote:
<BLOCKQUOTE
cite=mid:FB58E6A08940744C972AA8DF8D3933830849AF5E@CBR07M100PCA1.prod.atonet.gov.au
type="cite">
<META content="MS Exchange Server version
6.5.7651.53"
name=Generator><!-- Converted from text/rtf format --><BR>
<P><FONT face=Arial size=2>I am using the command line tool to successfully
sign a template file. A dotnet soap service successfully processes the
sign.xml file. </FONT></P>
<P> <FONT face=Arial size=2>xmlsec
--sign --print-debug --privkey-der pk.der --output sign.xml vstsout.xml</FONT>
</P>
<P><FONT face=Arial size=2>I am now trying the same thing in code with exactly
the same files but the signature fails. I based this on the sample "sign1.c".
However I notice the command line source uses a quite different approach (e.g.
a keymanager instance). Before I delve into that, is there anything obviously
missing here?</FONT></P>
<P> <FONT face=Arial size=2>doc
=</FONT> <FONT face="Courier New" size=2>xmlParseFile("</FONT><FONT face=Arial
size=2>vstsout.xml");</FONT> <BR>
<FONT face="Courier New" size=2>node =
xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature,
xmlSecDSigNs);</FONT> <BR><FONT face="Courier New"
size=2> dsigCtx =
xmlSecDSigCtxCreate(NULL);</FONT> <BR><FONT face="Courier New"
size=2> dsigCtx->signKey =
xmlSecCryptoAppKeyLoad("pk.der", xmlSecKeyDataFormatDer, NULL, NULL,
NULL);</FONT> <BR><FONT face="Courier New"
size=2> xmlSecKeySetName(dsigCtx->signKey,
BAD_CAST "pk-der");</FONT> </P>
<P><FONT face="Courier New" size=2>
xmlSecDSigCtxSign(dsigCtx, node); <<<<<<--------
the signature fails</FONT> </P>
<P><FONT face=Arial size=2>Thanks muchly</FONT> <BR><FONT face=Arial
size=2>Bruce</FONT> </P><BR></BLOCKQUOTE><pre>**********************************************************************
IMPORTANT
The information transmitted is for the use of the intended
recipient only and may contain confidential and/or legally
privileged material. Any review, re-transmission, disclosure,
dissemination or other use of, or taking of any action in
reliance upon, this information by persons or entities other
than the intended recipient is prohibited and may result in
severe penalties. If you have received this e-mail in error
please notify the Privacy Hotline of the Australian Taxation
Office, telephone 13 2869 and delete all copies of this
transmission together with any attachments.
**********************************************************************
</pre></BODY></HTML>