[xmlsec] Incompatibility between OPENSSL nad MSCRYPTO engines?

Josef Kokeš j.kokes at apatykaservis.cz
Thu Oct 20 23:09:45 PDT 2011


Oops, I completely overlooked the error message. Here it is:

func=xmlSecMSCryptoAppKeyLoadMemory:file=..\src\mscrypto\app.c:line=237:obj=unknown:subj=format 
== xmlSecKeyDataFormatCertDer:error=100:assertion: ;last error=0 
(0x00000000);last error msg=Operace byla dokončena úspěšně.

(last error msg translated to english: "The operation was successfully 
completed")

Seems to be an incompatible encoding, but why? It's a standard PFX, I 
don't think I can choose encoding for that.

Pepak

> Hi!
>
> I have been using XmlSec for some time, but only with the OpenSSL
> engine. Now I find myself in need of using a MS-Crypto engine (I want to
> use tokens for certificate storage). I thought I would simply change the
> parameter of xmlSecCryptoDLLoadLibrary from "openssl" to "mscrypto", but
> apparently that is not the case:
>
> When I start preparing the signature context, the xmlSecDSigCtxCreate
> succeeds but the following xmlSecCryptoAppKeyLoadMemory(PfxBuf, PfxSize,
> xmlSecKeyDataFormatPkcs12, PfxPassword, 0, 0) returns 0 - the key could
> not be loaded. But the same command succeeds with OpenSSL. I thought
> perhaps it's another case of incompatible PFX files between Windows XP
> and newer Windows, but that is not the case as I can import the PFX
> correctly using the OS's tools.
>
> I am using LibXmlSec version 1.2.18 under Windows, as compiled by Igor
> Zlatkovic in no-unicode mode.
>
> What could possibly be the problem?
>
> Thanks,
>
> Pepak
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
>
> __ Zkontrolovano antivirovym programem NOD32 __
> _______ Mailscanner spolecnosti Phoenix _______



More information about the xmlsec mailing list