[xmlsec] Adding multiple certificates to a pre-signature message
or a signed message
Aleksey Sanin
aleksey at aleksey.com
Fri Dec 6 15:06:51 PST 2002
The simplest way is to add multiple certificates to the key and add
one <X509Data> node to the <KeyInfo>. All the certs found in the key
(as well as all CRLs) should be written into the <X509Data> node.
The function you might want to look at are:
xmlSecKeyReadPemCert
<http://www.aleksey.com/xmlsec/api/xmlsec-keys.html#XMLSECKEYREADPEMCERT>
<http://www.aleksey.com/xmlsec/api/xmlsec-x509.html#XMLSECX509DATAREADPEMCERT>
xmlSecX509DataReadPemCert
<http://www.aleksey.com/xmlsec/api/xmlsec-x509.html#XMLSECX509DATAREADPEMCERT>
<http://www.aleksey.com/xmlsec/api/xmlsec-keyinfo.html#XMLSECKEYINFOADDX509DATA>
xmlSecKeyInfoAddX509Data
<http://www.aleksey.com/xmlsec/api/xmlsec-keyinfo.html#XMLSECKEYINFOADDX509DATA>
You are absolutelly right that the current API is not really clear. I am
working
on fixing this :)
Aleksey
Jeff Lancelle wrote:
>What is the best way to efficiently create an X509Data
>structure with multiple certificates that form a
>certificate chain. I have been trying to create it
>dynamically with some issues through the API.
>
>Question :
>Is there something I am missing in the API that would
>allow me to do this easily, or would the best solution
>be a static template?
>
>
>__________________________________________________
>Do you Yahoo!?
>Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
>http://mailplus.yahoo.com
>_______________________________________________
>xmlsec mailing list
>xmlsec at aleksey.com
>http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20021206/a1d6a3cc/attachment.htm
More information about the xmlsec
mailing list