[xmlsec] how can I use the public key for encryption

Aleksey Sanin aleksey at aleksey.com
Sun Jun 29 19:20:52 PDT 2008 

https://www.aleksey.com/xmlsec/api/xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYFROMCERTLOADBIO

Aleksey

wz qiang wrote:
> hello Aleksey and Ed,
> I use:
> openssl x509 -inform pem -in cert.pem -pubkey -noout > publickey.pem
>  
> to extract the public key from certificate, and then load the public key 
> into keymanager:
>  key = xmlSecCryptoAppKeyLoad(publickeyfile, xmlSecKeyDataFormatPem, 
> NULL, NULL, NULL);
> xmlSecCryptoAppDefaultKeysMngrAdoptKey(keys_mngr, key);
>  
> It seems to work.
>  
> My following question is, is there some api in xmlsec which I can use to 
> extract public key directly from certificate. I know in openssl there is 
> X509_get_pubkey(certfile), but the return type is EVP_PKEY, here we need 
> xmlSecKeyPtr.
>  
> Thanks
> Weizhong
> 
> 
>  
> On 6/26/08, *Aleksey Sanin* <aleksey at aleksey.com 
> <mailto:aleksey at aleksey.com>> wrote:
> 
>     Ah, I see.... I guess it is a copy/paste error for the comment :)
> 
>     Aleksey
> 
> 
>     Ed Shallow wrote:
> 
>         I believe Weizhong is asking why is the "private" key being
>         loaded  if one simply wants to encrypt.
> 
>         Loading a public certificate  in .pem  should  be appropriate.
> 
>         Why is private even mentioned ?
> 
> 
>         Aleksey Sanin wrote:
> 
>             The session key is created for you automatically if you specify
>             that you want AES, DES, ... encryption for the data. Look at the
>             xmlsec/tests/ examples.
> 
> 
>             Aleksey
> 
>             wz qiang wrote:
> 
>                 hi Aleksey and others,
>                  In encrypt3.c, there is one line for loading private key.
>                      /* load private RSA key */
>                    key = xmlSecCryptoAppKeyLoad(key_file,
>                 xmlSecKeyDataFormatPem, NULL, NULL, NULL);
>                  I my understanding, normally the public key is used for
>                 encrypting the session key, and then on the other side
>                 private key is used for decrypting the session key
>                 (session key is used for encrypting the data). So my
>                 question is, how I can do like that by using xmlsec API?
>                   Thanks in advance
>                 Weizhong Qiang
> 
> 
>                 ------------------------------------------------------------------------
> 
>                 _______________________________________________
>                 xmlsec mailing list
>                 xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
>                 http://www.aleksey.com/mailman/listinfo/xmlsec
> 
>             _______________________________________________
>             xmlsec mailing list
>             xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
>             http://www.aleksey.com/mailman/listinfo/xmlsec
> 
> 
>         _______________________________________________
>         xmlsec mailing list
>         xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
>         http://www.aleksey.com/mailman/listinfo/xmlsec
> 
>     _______________________________________________
>     xmlsec mailing list
>     xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
>     http://www.aleksey.com/mailman/listinfo/xmlsec
> 
>

More information about the xmlsec mailing list