You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Andrew <ju...@yahoo.com> on 2004/01/28 15:11:05 UTC
Loading DSA Private Key
Good day,
I'm an Apache/OpenSSL newbie so I'm on a steep learning curve here.
I am using XML Security API to provide licensing for our companies software via
XML DSIG's.
I think I understand all that is going on in the XML Security API.
I understand how to create a key for the HMAC signature algorithm, how to read
in a certificate and clone the public key even.
However I can't figure out how to load in a private key that is hard coded or
read in from a file in order to sign the document.
There is the method DSIGSignature::setSigningKey which could work if I new how
to create a XSECCryptoKey with KEY_DSA_PRIVATE. There are no constructors that
would help me achieve this.
I think I could do it if it was in a KeyInfo element, but I want the public and
private keys to be in the code, rather than the XML file itself.
Do I have to use OpenSSL API directly to accomplish this? Or am I just missing
something obvious? In an event, some sample code would be much appreciated.
Thanks in advance
Andrew
Re: Loading DSA Private Key
Posted by Berin Lautenbach <be...@wingsofhermes.org>.
Andrew,
The OpenSSLCrypto API is purely there to abstract away the layer between
the xml-encryption library and the encryption library. The assumption
is that the application does the work with OpenSSL to load the keys etc.
and then wraps them in the appropriate library object to pass them in.
So in the case of an OpenSSL key, you can use the
OpenSSLCryptoKeyDSA(EVP_PKEY *) constructor to wrap the key you have
already loaded.
If you have a look in checksig.cpp - there is some code to do this.
And I was going to pass a link in the docs to this, but there doesn't
appear to be any! So I will fix that.
Cheers,
Berin
Andrew wrote:
> Good day,
>
>
>
> I'm an Apache/OpenSSL newbie so I'm on a steep learning curve here.
>
>
>
> I am using XML Security API to provide licensing for our companies software via
>
> XML DSIG's.
>
>
>
> I think I understand all that is going on in the XML Security API.
>
> I understand how to create a key for the HMAC signature algorithm, how to read
>
> in a certificate and clone the public key even.
>
> However I can't figure out how to load in a private key that is hard coded or
>
> read in from a file in order to sign the document.
>
>
>
> There is the method DSIGSignature::setSigningKey which could work if I new how
>
> to create a XSECCryptoKey with KEY_DSA_PRIVATE. There are no constructors that
>
> would help me achieve this.
>
>
>
> I think I could do it if it was in a KeyInfo element, but I want the public and
>
> private keys to be in the code, rather than the XML file itself.
>
>
>
> Do I have to use OpenSSL API directly to accomplish this? Or am I just missing
>
> something obvious? In an event, some sample code would be much appreciated.
>
>
>
> Thanks in advance
>
>
>
> Andrew
>
>
>