[xmlsec] Using certificates for signature verification
Aleksey Sanin
aleksey at aleksey.com
Tue Feb 11 13:28:16 PST 2003
As far as I can understand your problem, you want to load certificate,
extract
public key, set key name equal to certificate's subject and put the
result in the
keys manager.
Right now, the xmlsec utility application does not have a ready to use
function
to do all of this for you. However, you can easily write your own (i've
not compiled
the code bellow so it might contain errors; also more checks should be
done in
real application):
int loadKey(xmlSecKeysMngrPtr keyMgr, X509* cert) {
EVP_PKEY* pKey;
xmlSecKeyPtr key;
char buf[1024];
pKey = X509_get_pubkey(cert);
if(pKey) {
// error
return(NULL);
}
key = xmlSecParseEvpKey(pKey); // find this function in src/x509.c file
if(key == NULL) {
// error
EVP_PKEY_free(pKey);
return(NULL);
}
EVP_PKEY_free(pKey);
key->name = strdup(X509_get_subject_name(cert), buf, sizeof(buf)));
return(xmlSecSimpleKeysMngrAddKey(keyMgr, key));
}
With best regards,
Aleksey
More information about the xmlsec
mailing list