从PKS文件获取python signxml的证书和密钥

问题描述 投票:1回答:1

我使用以下命令从pks文件获取cert&key。

 openssl pkcs12 -in ../my.pfx  -nocerts -out my.key
openssl pkcs12 -in ~/my.pfx -clcerts -nokeys -out cert.pem

但是我一直在收到错误。我怀疑my.key不正确。如何生成正确的密钥和证书来提供signxml?我在Ubuntu 16.04上使用python3.5。先感谢您!

 File "/home/ubuntu/.local/lib/python3.5/site-packages/signxml/__init__.py", line 362, in sign
    key = load_pem_private_key(key, password=passphrase, backend=default_backend())
  File "/home/ubuntu/.local/lib/python3.5/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 16, in load_pem_private_key
    return backend.load_pem_private_key(data, password)
  File "/home/ubuntu/.local/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1025, in load_pem_private_key
    password,
  File "/home/ubuntu/.local/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1218, in _load_key
    mem_bio = self._bytes_to_bio(data)
  File "/home/ubuntu/.local/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 454, in _bytes_to_bio
    data_ptr = self._ffi.from_buffer(data)
TypeError: from_buffer() cannot return the address of a unicode object

来自xml页面的示例代码:

cert = open("example.pem").read()
key = open("example.key").read()
root = ElementTree.fromstring(data_to_sign)
signed_root = XMLSigner().sign(root, key=key, cert=cert)
verified_data = XMLVerifier().verify(signed_root).signed_xml
python-3.x cryptography xml-signature xmlsec
1个回答
2
投票

我想这是Python2与Python3的关系。我所需要的只是

key = open("example.key").read().encode('ascii')
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.