[xmlsec] problem with raw-x509-cert
Leif Johansson
leifj at mnt.se
Tue Jul 10 16:45:36 PDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I've run into a strange problem that manifests itself when I use the
python bindings for xmlsec [1] although from what I can tell (cf below)
the problem seems to be in libxmlsec.
The issue is related to the use of the "raw-x509-cert" data klass.
The python code calls xmlSecKeyReadBinaryFile to read a file containing
a DER encoded X509 certificate (1st arg is xmlSecKeyDataRawX509CertId).
In xmlSecKeyReadBinaryFile, xmlSecKeyReadBuffer is called which in
turn calls xmlSecKeyInfoCtxInitialize to initialize a xmlSecKeyInfoCtx.
Here is where it breaks for me!
This is what the call to xmlSecKeyInfoCtxInitialize in
xmlSecKeyReadBuffer looks like in version 1.2.18 (~ src/keys.c:1173):
ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
However almost immediately in xmlSecKeyInfoCtxInitialize there is this:
xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
which of course fails. Clearly this code-path can't work, right? Either
the assert is wrong or that keyInfoCtx needs a way to find its keysMngr.
Cheers Leif
[1] http://pypi.python.org/pypi/dm.xmlsec.binding
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk/8vqAACgkQ8Jx8FtbMZneg2QCfawDcuBek2jVn8Nn7mJekF4rl
fQoAoLe6mnLTIfmpgl86J4hJ1oDOm+V9
=5V9B
-----END PGP SIGNATURE-----
More information about the xmlsec
mailing list