[xmlsec] Verification with x509 certificate
Aleksey Sanin
aleksey at aleksey.com
Thu Apr 10 11:57:57 PDT 2008
You load *certificate* not *key* in the certificate.
You might want to use pkcs12 format to load the certificate
and the key.
Aleksey
Phillip Seaver wrote:
> Hello, all,
>
> I successfully loaded the certificate using
> xmlSecCryptoAppKeysMngrCertLoadMemory(), but I get
> "func=xmlSecDSigCtxProcessKeyInfoNode:file=..\..\misc\xmlsec\src\xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key
> is not found:" when I run xmlSecDSigCtxVerify(). Should it
> automatically find the key in the certificate or do I need to pull it
> out myself?
>
> Here's what I do for setup (checking return values, of course):
>
> xmlSecInit()
> xmlSecCryptoAppInit(NULL)
> xmlSecCryptoInit()
> xmlSecKeysMngrPtr mngr = xmlSecKeysMngrCreate();
> xmlSecCryptoAppDefaultKeysMngrInit(mngr)
> xmlSecDSigCtxPtr dsigCtx = xmlSecDSigCtxCreate(mngr);
> xmlSecCryptoAppKeysMngrCertLoadMemory(mngr,
> pBuffer->get(), pBuffer->size(),
> xmlSecKeyDataFormatCertDer,
> xmlSecKeyDataTypeAny)
> xmlSecDSigCtxVerify(dsigCtx, nodeRoot)
>
> Everything except xmlSecDSigCtxVerify() (and the ones that return
> pointers) returns 0. I'm sort of hoping it's something obvious...
>
> Thanks,
>
> Phillip
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list