[xmlsec] mscrpyto
Roumen Petrov
xmlsec at roumenpetrov.info
Thu Nov 1 12:06:12 PST 2007
Did you mean the the code (../mscrypto/x509vfy.c):
-------------
......
certInfo.Issuer.cbData = cnb.cbData ;
certInfo.Issuer.pbData = cnb.pbData ;
certInfo.SerialNumber.cbData = xmlSecBnGetSize( &issuerSerialBn ) ;
certInfo.SerialNumber.pbData = xmlSecBnGetData( &issuerSerialBn ) ;
pCert = CertFindCertificateInStore(
store,
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
0,
CERT_FIND_SUBJECT_CERT,
&certInfo,
NULL
) ;
.....
-------------
is incorrect or don't work for you ?
It search by "issuer name" and "issuer serial".
Roumen
gregor.ibic at intelicom.si wrote:
> Hi, I checked the code for mscrypto how xmlsec searches for right
> certificate.
> Searching for cert with serial number or also for digest (thumbprint) is
> really a good idea.
> With applications with several cert issuers, there is a high probability
> of cert name or serial clashes.
>
> regards,
> Gregor
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
>
More information about the xmlsec
mailing list