我已经使用 openssl 命令生成了私钥和公共证书：

openssl req -x509 -newkey rsa:4096 -keyout private_key.pem -out public_cert.pem -nodes -days 1460 -subj "/C=YOURCOUNTRY/O=YOURCOMPANYNAME/CN=COMMONNAME

使用上面生成的私钥对xml进行签名并尝试验证相同，但验证失败，示例代码如下：

from lxml import etree
import os
from signxml import XMLSigner,XMLVerifier


current_path = os.path.dirname(os.path.abspath(__file__))
ca_cert_file = os.path.join(current_path,"public_cert.pem")
cert = open(ca_cert_file).read()
key = open(os.path.join(current_path,"private_key.pem")).read()

data_to_sign = "<Test/>"
root = etree.fromstring(data_to_sign)
signer = XMLSigner(c14n_algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315')
signed_root = signer.sign(root,key=key,cert=cert)
verified_data = XMLVerifier().verify(signed_root,ca_pem_file=ca_cert_file)

执行上述代码导致以下异常：

Traceback (most recent call last):
  File "C:\Users\<username>\AppData\Local\Programs\Python\python38-32\lib\site-packages\signxml\__init__.py",line 864,in verify
    verify(signing_cert,raw_signature,signed_info_c14n,signature_digest_method)
  File "C:\Users\<username>\AppData\Local\Programs\Python\python38-32\lib\site-packages\OpenSSL\crypto.py",line 2869,in verify
    _raise_current_error()
  File "C:\Users\<username>\AppData\Local\Programs\Python\python38-32\lib\site-packages\OpenSSL\_util.py",line 54,in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.crypto.Error: [('rsa routines','RSA_padding_check_PKCS1_type_1','invalid padding'),('rsa routines','rsa_ossl_public_decrypt','padding check Failed')]

解决方法

暂无找到可以解决该程序问题的有效方法，小编努力寻找整理中！

如果你已经找到好的解决方法，欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com (将#修改为@）