[xmlsec] Re: XMLSec for signing documents

[Aleksey Sanin]

Yes, you can use xmlsec for XML Signatures verification.
Thought I doubt that xmlsec or anything else can "extract
the private ket from certificate" simply because certificate
has public key only.

Aleksey

Erik F. Andersen wrote:

> Dear Aleksey,
>  
> I'm working on a project in which I need to digitally sign SOAP messages 
> using a X.509 v3 certificate. I believe that XMLSec can be used for just 
> this kind of thing?
>  
> The reason I am looking at XMLSec is because this is not supported 
> natively in Delphi 7 for Win32. Unfortunately I'm currently a novice in 
> XMLSec and was hoping you could help me getting started.
>  
> In Delphi I can gain access to the SOAP envelope just prior to it being 
> sent via a WinINet request object (HINTERNET handle returned via a call 
> to HttpOpenRequest). This handle can let me access the the XML.
>  
> I would like to use XMLSec to digitally sign the XML just before it is 
> sent. Are there functions in XMLSec to manipulate the SOAP XML to add 
> the necessary <wsse:Security> node in the SOAP-header?
>  
> At this point in time I'm unsure if I should let XMLSec extract the 
> private key from the certificate since I already have done this in my 
> own code. Can XMLSec handle this scenario as well?
>  
> Btw. the certificates are OCES certificates from a CA called TDC (in 
> Denmark). All citizens in Denmark are currently being issued OCES 
> certificated (www.openoces.org <http://www.openoces.org>).
>  
> Thank you for your time,
>  
> Erik F. Andersen
> Ascott Software A/S
> Denmark