You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by Andrew <ju...@yahoo.com> on 2004/01/28 15:11:05 UTC

Loading DSA Private Key

Good day,

I'm an Apache/OpenSSL newbie so I'm on a steep learning curve here.

I am using XML Security API to provide licensing for our companies software via 
XML DSIG's.

I think I understand all that is going on in the XML Security API.
I understand how to create a key for the HMAC signature algorithm, how to read 
in a certificate and clone the public key even.
However I can't figure out how to load in a private key that is hard coded or 
read in from a file in order to sign the document.

There is the method DSIGSignature::setSigningKey which could work if I new how 
to create a XSECCryptoKey with KEY_DSA_PRIVATE. There are no constructors that 
would help me achieve this.

I think I could do it if it was in a KeyInfo element, but I want the public and 
private keys to be in the code, rather than the XML file itself.

Do I have to use OpenSSL API directly to accomplish this? Or am I just missing 
something obvious? In an event, some sample code would be much appreciated.

Thanks in advance

Andrew

Re: Loading DSA Private Key

Posted by Berin Lautenbach <be...@wingsofhermes.org>.

Andrew,

The OpenSSLCrypto API is purely there to abstract away the layer between 
the xml-encryption library and the encryption library.  The assumption 
is that the application does the work with OpenSSL to load the keys etc. 
and then wraps them in the appropriate library object to pass them in.

So in the case of an OpenSSL key, you can use the 
OpenSSLCryptoKeyDSA(EVP_PKEY *) constructor to wrap the key you have 
already loaded.

If you have a look in checksig.cpp - there is some code to do this.

And I was going to pass a link in the docs to this, but there doesn't 
appear to be any!  So I will fix that.

Cheers,
	Berin

Andrew wrote:

> Good day,
> 
> 
> 
> I'm an Apache/OpenSSL newbie so I'm on a steep learning curve here.
> 
> 
> 
> I am using XML Security API to provide licensing for our companies software via 
> 
> XML DSIG's.
> 
> 
> 
> I think I understand all that is going on in the XML Security API.
> 
> I understand how to create a key for the HMAC signature algorithm, how to read 
> 
> in a certificate and clone the public key even.
> 
> However I can't figure out how to load in a private key that is hard coded or 
> 
> read in from a file in order to sign the document.
> 
> 
> 
> There is the method DSIGSignature::setSigningKey which could work if I new how 
> 
> to create a XSECCryptoKey with KEY_DSA_PRIVATE. There are no constructors that 
> 
> would help me achieve this.
> 
> 
> 
> I think I could do it if it was in a KeyInfo element, but I want the public and 
> 
> private keys to be in the code, rather than the XML file itself.
> 
> 
> 
> Do I have to use OpenSSL API directly to accomplish this? Or am I just missing 
> 
> something obvious? In an event, some sample code would be much appreciated.
> 
> 
> 
> Thanks in advance
> 
> 
> 
> Andrew
> 
> 
>