https://www.aleksey.com/xmlsec/api/xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYFROMCERTLOADBIO
Aleksey
wz qiang wrote:
hello Aleksey and Ed,
I use:
openssl x509 -inform pem -in cert.pem -pubkey -noout > publickey.pem
to extract the public key from certificate, and then load the public key
into keymanager:
key = xmlSecCryptoAppKeyLoad(publickeyfile, xmlSecKeyDataFormatPem,
NULL, NULL, NULL);
xmlSecCryptoAppDefaultKeysMngrAdoptKey(keys_mngr, key);
It seems to work.
My following question is, is there some api in xmlsec which I can use to
extract public key directly from certificate. I know in openssl there is
X509_get_pubkey(certfile), but the return type is EVP_PKEY, here we need
xmlSecKeyPtr.
Thanks
Weizhong
On 6/26/08, *Aleksey Sanin* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
Ah, I see.... I guess it is a copy/paste error for the comment :)
Aleksey
Ed Shallow wrote:
I believe Weizhong is asking why is the "private" key being
loaded if one simply wants to encrypt.
Loading a public certificate in .pem should be appropriate.
Why is private even mentioned ?
Aleksey Sanin wrote:
The session key is created for you automatically if you specify
that you want AES, DES, ... encryption for the data. Look at the
xmlsec/tests/ examples.
Aleksey
wz qiang wrote:
hi Aleksey and others,
In encrypt3.c, there is one line for loading private key.
/* load private RSA key */
key = xmlSecCryptoAppKeyLoad(key_file,
xmlSecKeyDataFormatPem, NULL, NULL, NULL);
I my understanding, normally the public key is used for
encrypting the session key, and then on the other side
private key is used for decrypting the session key
(session key is used for encrypting the data). So my
question is, how I can do like that by using xmlsec API?
Thanks in advance
Weizhong Qiang
------------------------------------------------------------------------
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com <mailto:xmlsec@aleksey.com>
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com <mailto:xmlsec@aleksey.com>
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com <mailto:xmlsec@aleksey.com>
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com <mailto:xmlsec@aleksey.com>
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec
