[xmlsec] An enhance feature to xmlsec-nss engine
Andrew Fan
Andrew.Fan at sun.com
Fri Jul 25 01:15:24 PDT 2003
Hi Tej,
I want to check whether my application can run on the new xmlsec-nss
crypto engine. So I prepare a signature template with X509Data( Issuer
and Serial ), I hope that the keys manager will help me find the key
from keys store with the help of X509Data. But I failed. At high level
application, I do nothing except prepare a signature template and some
initialization. I had expected it will be work. But not. So I check the
sources, finally, I find something in X509.c. When reading XML X509
data, it successfully retrieve certificate defaultly. But when verify
and extract key ( xmlSecNssKeyDataX509VerifyAndExtractKey ), it only
retrieve public key( xmlSecNssX509CertGetKey ) no matter the request
from keyInfoCtx( keyInfoCtx->keyReq.keyType ). I think it should check
the key info request, if the request type is private, it should retrieve
private key; if public, the public key. I change some codes in my
workspcae according to above requirement. I work now. I think, it is a
important features.
Andrew
More information about the xmlsec
mailing list