How to sign XML using xmlsec and CSP?

I need to sign XML using xmlsec and a certificate provided by a CSP (C++, Linux only). Here is the simplified code.

HCERTSTORE hStore = NULL;
hStore = CertOpenStore();
PCCERT_CONTEXT pContext = CertFindCertificateInStore(hStore...);
//xml preparation using libxml2

xmlSecKeyPtr signKey = xmlSecKeyCreate();
xmlSecDSigCtxPtr dsigCtx = xmlSecDSigCtxCreate(mngr);
dsigCtx->signKey = ???; // How to set sign key?
xmlSecDSigCtxSign(dsigCtx, signNode);

How do I set the sign key? How do I extract it from the cert? In Java it's done by CryptAcquireCertificatePrivateKey with cryptSetProvParam setting the password, but on Linux I have had no success with this call.

0xShawnAdams On

Have you looked at the documentation? Try these two links:

https://www.aleksey.com/xmlsec/api/xmlsec-verify-with-key.html

https://www.aleksey.com/xmlsec/api/xmlsec-notes-sign.html

Specifically, this line looks like it sets the sign key, with key_file being a char array:

dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);

This should help getting the key from a cert: How can I extract a key from an SSL certificate?