Hi Aleksey, Making progress, but still having problem getting at keys with Python and ctypes module. I won't ask you any Python or ctype questions, I promise. But I will ask you to comment on these observations from an xmlsec perspective if you would be so kind.
What I am able to do: ********************* - using xmlsec command line utility, sign with keys specified by KeyName in template sourced from Simple Keys Store in (i.e. keys.xml) - using xmlsec command line utility, sign with keys specified by KeyName in template sourced from mscrypto store in either short friendly name form or long X.500 name form - using Python and ctypes against libxml2, I can parse docs, walk trees, access children, get and set node contents, pretty much anything the lib can do - using Python and ctypes against xmlsec I can run everything clean up to the last 2 lines below where it fails That is, I can Find keys using either xmlSecKeysMngrFindKey or xmlSecKeyStoreFindKey, and I can Get keys using xmlSecKeysMngrGetKey as long as they are in the keys.xml Simple Keys Store. None of these 3 work when an mscrypto store key is specified. Mscrypto support is advertised as being able to first look in the SimpleKeysStore and if not found there to then look in mscrypto store. What I am NOT able to do: ************************* I can't however go on to use the key to actually sign using the DSigCtx (last 2 lines). This inability applies to both keys.xml and the mscrypto store. Do you see something obvious that I don't see ? Thanks, Ed Simplified code snippet ... libxml2.xmlParseFile() rootNode = libxml2.xmlDocGetRootElement(parsedDoc) sigNode = xmlsec.xmlSecFindNode(rootNode, 'Signature', 'http://www.w3.org/2000/09/xmldsig#') keysMngr = xmlsec.xmlSecKeysMngrCreate() rc = xmlsec.xmlSecCryptoAppDefaultKeysMngrInit(keysMngr) id = xmlsec.xmlSecSimpleKeysStoreGetKlass() keyStore = xmlsec.xmlSecKeyStoreCreate(id) rc = xmlsec.xmlSecSimpleKeysStoreLoad(keyStore, 'c:/xmlsec/keys/keys2.xml', keysMngr) rc = xmlsec.xmlSecKeysMngrAdoptKeysStore(keysMngr, keyStore) dsigCtx = xmlsec.xmlSecDSigCtxCreate() rc = xmlsec.xmlSecDSigCtxInitialize(dsigCtx, keysMngr) keyInfoCtx = xmlsec.xmlSecKeyInfoCtxCreate(keysMngr) # block below works for keys in Simple Key Store key = xmlsec.xmlSecKeysMngrFindKey(keysMngr, 'test-rsa', keyInfoCtx) key = xmlsec.xmlSecKeyStoreFindKey(keyStore, 'test-rsa', keyInfoCtx) keyInfoNode = xmlsec.xmlSecFindNode(sigNode, 'KeyInfo', 'http://www.w3.org/2000/09/xmldsig#') key = xmlsec.xmlSecKeysMngrGetKey(keyInfoNode, keyInfoCtx) # can't get keys when signing though ??? rc = xmlsec.xmlSecDSigCtxSign(dsigCtx, sigNode) print 'Signature creation complete with status code', rc Output from above ... Entering xmlsec ctypes wrap Initializing libxml2 parser Loading dynamic crypto support, return code 0 Loading mscrypto, return code 0 CryptoAppInit, return code 0 Initializing xmlsec, return code 0 CryptoInit, return code 0 stdin fileno = 0 stdout fileno = 1 stderr fileno = 2 found signature node with name Signature and type 1 CryptoAppDefaultKeysMngrInit returned with rc 0 SimpleKeysStoreLoad returned with rc 0 KeysMngrAdoptKeysStore returned with rc 0 DSigCtxInitialize allocated <ctypes.LP_xmlSecDSigCtx object at 0x00B3CD30> keyInfoCtx.contents.keysMngr 11586024 keyInfoCtx.contents.mode 0 xmlSecKeysMngrFindKey returned with key test-rsa xmlSecKeyStoreFindKey returned with key test-rsa found KeyInfo node with name KeyInfo and type 1 xmlSecKeysMngrGetKey returned with key test-rsa func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj=xmlS ecKeysMngrFindKey:error=1:xmlsec library function failed: ;last error=-2146885628 (0x80092004);last error msg=Cannot find object or property. func=xmlSecDSigCtxProcessKeyInfoNode:file=..\src\xmldsig.c:line=871:obj=unkn own:subj=unknown:error=45:key is not found: ;last error=-2146885628 (0x80092004);last error msg=Cannot find object or property. func=xmlSecDSigCtxProcessSignatureNode:file=..\src\xmldsig.c:line=565:obj=un known:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlsec library function failed: ;last error=-2146885628 (0x80092004);last error msg=Cannot find object or property. func=xmlSecDSigCtxSign:file=..\src\xmldsig.c:line=303:obj=unknown:subj=xmlSe cDSigCtxSigantureProcessNode:error=1:xmlsec library function failed: ;last error=-2146885628 (0x80092004);last error msg=Cannot find object or property. Signature creation complete with status code -1 _______________________________________________ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec