[Pyxmlsec-devel] xmlsec in python

Dolf Andringa dolfandringa at gmail.com
Wed Feb 22 08:36:56 CET 2012

Oops, forgot to reply to the list as well, here is it to both:

Hi Dieter,

Thanks a lot for the help. Yeah, I am not fluent in C, but I next time I
will first take a look. The keyfile is indeed in PEM format. I was indeed
confused about the "Binary" part in xmlSecReadBinaryFile. I have never
heard of binary key files. Do you have any tips on how to convert a PEM
encoded file to a binary key file? Is it just a matter of base64 unencoding
the PEM encoded data and reading that using xmlsec.KeyReadBuffer? Or is
there an openssl or other way to convert the keyfile?


On 22 February 2012 07:56, Dieter Maurer <dieter at handshake.de> wrote:

> Dear Dolf,
> You wrote:
> > I am trying to decrypt an xml message in python using PyXMLSec.
> > I have found the examples on
> >
> http://pyxmlsec.labs.libre-entreprise.org/index.php?section=examples&id=11
> > and accordingly did the following, but am receiving errors from the c
> > library, which I really don't understand.
> > ...
> > key=xmlsec.keyReadBinaryFile(xmlsec.keyDataRsaId(),private_key_file)
> > '''
> >
> func=xmlSecKeyDataBinRead:file=keysdata.c:line=349:obj=unknown:subj=id->binRead
> > != NULL:error=100:assertion:
> >
> func=xmlSecKeyReadBuffer:file=keys.c:line=1190:obj=rsa:subj=xmlSecKeyDataBinRead:error=1:xmlsec
> > library function failed:
> >
> func=xmlSecKeyReadBinaryFile:file=keys.c:line=1247:obj=rsa:subj=xmlSecKeyReadBuffer:error=1:xmlsec
> > library function failed:filename=my.private.key
> > '''
> I agree that the problem messages from "xmlsec" are mostly helpful
> for the developer (or other people who have its source at hand
> and are willing to consult it).
> In your case, the function "xmlSecKeyDataBinRead" (called from
> "xmlSecKeyReadBinaryFile" via intermediate "xmlSecKeyReadBuffer"
> -- i.e. the problem message is similar to a Python traceback with
> the most recent call at the top) is obviously unhappy
> with your key data: Something which should be "NULL" is not.
> If you are using "xmlsec" on a 64 bit architecture, then this
> might result from "xmlsec" and "pyxmlsec" being compiled with
> incompatible compile time options. The archive of this mailing
> list contains a patch for "pyxmlsec" to fix this problem.
> If not, I would guess that for some reason, your private key file
> does not contain a binary RSA key. Maybe, it uses another format, e.g.
> the "PEM" format. Have a look at the file content: the "PEM" format
> is human readable (it essentially contains the base64 encoded key)
> while a true binary key is unreadable.
> --
> Dieter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.labs.libre-entreprise.org/pipermail/pyxmlsec-devel/attachments/20120222/d35a3f5b/attachment.html>

More information about the Pyxmlsec-devel mailing list