I'm trying Python's signxml library to signing xml and verifying the signature. But it throws following exception, what could be wrong?
Traceback (most recent call last):
File "C:/Users/digz/Documents/test_signxml/xml_verify_test_4.py", line 24, in <module>
signed_root = XMLSigner().sign(root, key=key, cert=cert)
File "C:\Python27\lib\site-packages\signxml\__init__.py", line 364, in sign
key = load_pem_private_key(key, password=passphrase, backend=default_backend())
File "C:\Python27\lib\site-packages\cryptography\hazmat\primitives\serialization.py", line 20, in load_pem_private_key
return backend.load_pem_private_key(data, password)
File "C:\Python27\lib\site-packages\cryptography\hazmat\backends\multibackend.py", line 289, in load_pem_private_key
return b.load_pem_private_key(data, password)
File "C:\Python27\lib\site-packages\cryptography\hazmat\backends\openssl\backend.py", line 1033, in load_pem_private_key
password,
File "C:\Python27\lib\site-packages\cryptography\hazmat\backends\openssl\backend.py", line 1202, in _load_key
self._handle_key_loading_error()
File "C:\Python27\lib\site-packages\cryptography\hazmat\backends\openssl\backend.py", line 1274, in _handle_key_loading_error
raise ValueError("Could not unserialize key data.")
ValueError: Could not unserialize key data.
Here's the code I'm using:
from xml.etree import ElementTree
from signxml import XMLSigner, XMLVerifier
from myapp import settings
cert = open(settings.STATIC_ROOT + '/file/public.cert', 'rt').read()
key = open(settings.STATIC_ROOT + '/file/public.key', 'rt').read()
root = ElementTree.fromstring('<xml1>12</xml1>')
signed_root = XMLSigner().sign(root, key=key, cert=cert)
verified_data = XMLVerifier().verify(signed_root).signed_xml
print verified_data
