[Pyxmlsec-devel] xmlsec in python

Dolf Andringa dolfandringa at gmail.com
Wed Feb 22 08:36:56 CET 2012


Oops, forgot to reply to the list as well, here is it to both:

Hi Dieter,

Thanks a lot for the help. Yeah, I am not fluent in C, but I next time I
will first take a look. The keyfile is indeed in PEM format. I was indeed
confused about the "Binary" part in xmlSecReadBinaryFile. I have never
heard of binary key files. Do you have any tips on how to convert a PEM
encoded file to a binary key file? Is it just a matter of base64 unencoding
the PEM encoded data and reading that using xmlsec.KeyReadBuffer? Or is
there an openssl or other way to convert the keyfile?
Cheers,

Dolf.


On 22 February 2012 07:56, Dieter Maurer <dieter at handshake.de> wrote:

> Dear Dolf,
>
> You wrote:
> > I am trying to decrypt an xml message in python using PyXMLSec.
> > I have found the examples on
> >
> http://pyxmlsec.labs.libre-entreprise.org/index.php?section=examples&id=11
> > and accordingly did the following, but am receiving errors from the c
> > library, which I really don't understand.
> > ...
> > key=xmlsec.keyReadBinaryFile(xmlsec.keyDataRsaId(),private_key_file)
> > '''
> >
> func=xmlSecKeyDataBinRead:file=keysdata.c:line=349:obj=unknown:subj=id->binRead
> > != NULL:error=100:assertion:
> >
> func=xmlSecKeyReadBuffer:file=keys.c:line=1190:obj=rsa:subj=xmlSecKeyDataBinRead:error=1:xmlsec
> > library function failed:
> >
> func=xmlSecKeyReadBinaryFile:file=keys.c:line=1247:obj=rsa:subj=xmlSecKeyReadBuffer:error=1:xmlsec
> > library function failed:filename=my.private.key
> > '''
>
> I agree that the problem messages from "xmlsec" are mostly helpful
> for the developer (or other people who have its source at hand
> and are willing to consult it).
>
> In your case, the function "xmlSecKeyDataBinRead" (called from
> "xmlSecKeyReadBinaryFile" via intermediate "xmlSecKeyReadBuffer"
> -- i.e. the problem message is similar to a Python traceback with
> the most recent call at the top) is obviously unhappy
> with your key data: Something which should be "NULL" is not.
>
> If you are using "xmlsec" on a 64 bit architecture, then this
> might result from "xmlsec" and "pyxmlsec" being compiled with
> incompatible compile time options. The archive of this mailing
> list contains a patch for "pyxmlsec" to fix this problem.
>
> If not, I would guess that for some reason, your private key file
> does not contain a binary RSA key. Maybe, it uses another format, e.g.
> the "PEM" format. Have a look at the file content: the "PEM" format
> is human readable (it essentially contains the base64 encoded key)
> while a true binary key is unreadable.
>
>
> --
> Dieter
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.labs.libre-entreprise.org/pipermail/pyxmlsec-devel/attachments/20120222/d35a3f5b/attachment.html>


More information about the Pyxmlsec-devel mailing list