Eureka !!!,
Got it working. That is, Python ctypes against xmlsec on Windows. This
allows Python to call xmslec directly on Windows without the need to compile
a Python C extension module. Thus Python Windows users can call Igor's
binaries directly with only Python code.
Here is what I had to do to get it going ...
- mapped xmlSecMSCryptoAppInit('MY') directly from libxmlsec-mscrypto.dll
instead of from libxmlsec
- mapped xmlSecMSCryptoKeysStoreGetKlass() directly from
libxmlsec-mscrypto.dll instead of from libxmlsec
- mapped xmlSecMSCryptoKeysStoreLoad(.) directly from
libxmlsec-mscrypto.dll instead of from libxmlsec
- removed xmlSecKeysMngrAdoptKeysStore(.) from call sequence
I discovered it by doing an xmlSecMSCryptoAppGetCertStoreName which should
have been returning a MY but wasn't.
This allows the rest of the generic xmlsec code to work fine.
It might have something to do with defaulting constants I think, not
sure. Perhaps Wouter would know. Small price to pay.
As usual thanks for your help,
Ed
-Original Message-
From: Edward Shallow [mailto:[EMAIL PROTECTED]
Sent: October 28, 2005 4:36 PM
To: 'Aleksey Sanin'
Subject: RE: [xmlsec] Finding Keys
Not sure on the broken possibility ...
As you can see keysMngr gets successfully passed in on AdoptKeysStore call
below which subsequently works OK when I KeysMngrFindKey, so I think basic
pointer passing from one call to the next is working. This is the same
convention I used in libxml2.
The one area I can't do is any macro work because Python ctypes requires no
compilation since it marshals calls dynamically to/from C. Could this
absence cause problems ?
Ed
parsedDoc =
libxml2.xmlParseFile('c:/xmlsec/tmpl/tmpl-EPM-sign-enveloped-friendly-rsa.xm
l')
rootNode = libxml2.xmlDocGetRootElement(parsedDoc)
sigNode = xmlsec.xmlSecFindNode(rootNode, 'Signature',
'http://www.w3.org/2000/09/xmldsig#')
print 'found signature node with name', sigNode.contents.name, 'and
type', sigNode.contents.type
keysMngr = xmlsec.xmlSecKeysMngrCreate()
rc = xmlsec.xmlSecCryptoAppDefaultKeysMngrInit(keysMngr)
print 'CryptoAppDefaultKeysMngrInit returned with rc', rc
id = xmlsec.xmlSecSimpleKeysStoreGetKlass()
keyStore = xmlsec.xmlSecKeyStoreCreate(id)
rc = xmlsec.xmlSecSimpleKeysStoreLoad(keyStore,
'c:/xmlsec/keys/keys2.xml', keysMngr)
print 'SimpleKeysStoreLoad returned with rc', rc
rc = xmlsec.xmlSecKeysMngrAdoptKeysStore(keysMngr, keyStore)
print 'KeysMngrAdoptKeysStore returned with rc', rc
dsigCtx = xmlsec.xmlSecDSigCtxCreate()
rc = xmlsec.xmlSecDSigCtxInitialize(dsigCtx, keysMngr)
print 'DSigCtxInitialize returned with rc', rc
keyInfoCtx = xmlsec.xmlSecKeyInfoCtxCreate(keysMngr)
print 'keyInfoCtx.contents.keysMngr', keyInfoCtx.contents.keysMngr,
'keyInfoCtx.contents.mode', keyInfoCtx.contents.mode
key = xmlsec.xmlSecKeysMngrFindKey(keysMngr, 'test-rsa', keyInfoCtx)
print 'xmlSecKeysMngrFindKey returned with key', key.contents.name
key = xmlsec.xmlSecKeyStoreFindKey(keyStore, 'test-rsa', keyInfoCtx)
print 'xmlSecKeyStoreFindKey returned with key', key.contents.name
keyInfoNode = xmlsec.xmlSecFindNode(sigNode, 'KeyInfo',
'http://www.w3.org/2000/09/xmldsig#')
print 'found KeyInfo node with name and type',
keyInfoNode.contents.name, keyInfoNode.contents.type
print 'about to execute xmlSecKeysMngrGetKey'
key = xmlsec.xmlSecKeysMngrGetKey(keyInfoNode, keyInfoCtx)
print 'xmlSecKeysMngrGetKey returned with key', key.contents.name
#xmlsec.xmlSecKeyInfoCtxDebugDump(keyInfoCtx, stdout)
xmlsec.xmlSecDSigCtxDebugDump(dsigCtx, stdout)
rc = xmlsec.xmlSecDSigCtxSign(dsigCtx, sigNode)
print 'Signature creation complete with status code', rc
-Original Message-
From: Aleksey Sanin [mailto:[EMAIL PROTECTED]
Sent: October 28, 2005 4:10 PM
To: [EMAIL PROTECTED]
Cc: xmlsec@aleksey.com
Subject: Re: [xmlsec] Finding Keys
Do you see something obvious that I don't see ?
Stupid idea but ... would it be possible that Python wrapper does not pass
the key manager to dsig context correctly? E.g. the assignment operator for
keys manager is broken or it's just the Python syntax/semantic?
Aleksey
___
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec
