首页 发现 帮助
注册 登录
Shared
/
pkcs11
2
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
分支: master
分支列表 标签列表
pkcs11
/
pykcs_tls_request.py

pykcs_tls_request.py 2.3 KB
永久链接 文件历史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. '''Created Oct 13, 2021 Levi'''
    2. 

  2. import os
    3. 

  3. import ssl
    4. 

  4. import tempfile
    5. 

  5. import urllib.request
    6. 

  6. import asn1crypto.pem
    7. 

  7. 

  8. import keyring
    9. 

  9. import PyKCS11
    10. 

  10. from PyKCS11.LowLevel import (CKA_CLASS, CKO_CERTIFICATE,
    11. 

  11.                               CKA_VALUE, CKA_ID, CKM_SHA1_RSA_PKCS,
    12. 

  12.                               CKO_PRIVATE_KEY, CKM_SHA256_RSA_PKCS,
    13. 

  13.                               CKF_SERIAL_SESSION, CKF_RW_SESSION,
    14. 

  14.                               CKA_LABEL, CKA_VALUE, CKA_MODULUS)
    15. 

  15. 

  16. import requests
    17. 

  17. 

  18. lib = PyKCS11.PyKCS11Lib()
    19. 

  19. lib.load()
    20. 

  20. keyID = (0x38, 0x7b, 0x4b, 0x49, 0xe2, 0xe7, 0x10, 0x4f, 0x60, 0x15, 0xc1, 0x42, 0x38, 0x6c, 0x3d, 0x41, 0x43, 0x5e, 0x91, 0x9b,)
    21. 

  21. token_present = True
    22. 

  22. slot = lib.getSlotList(tokenPresent=True)[0]
    23. 

  23. session = lib.openSession(slot, CKF_SERIAL_SESSION | CKF_RW_SESSION)
    24. 

  24. session.login(keyring.get_password('sig', 'token'))
    25. 

  25. pkcs11_certificates = session.findObjects([(CKA_CLASS, CKO_CERTIFICATE), (CKA_LABEL, 'Levente Marton')])
    26. 

  26. # assert len(pkcs11_certificates) == 1
    27. 

  27. pkcs11_cert = pkcs11_certificates[0]
    28. 

  28. privKey = session.findObjects([(CKA_CLASS, CKO_PRIVATE_KEY), (CKA_ID, keyID)])[0]
    29. 

  29. modulus = session.getAttributeValue(privKey, [CKA_MODULUS])[0]
    30. 

  30. priv_key_dct = privKey.to_dict()
    31. 

  31. # print(pkcs11_cert)
    32. 

  32. print(privKey)
    33. 

  33. pkcs11_cert_dct = pkcs11_cert.to_dict()
    34. 

  34. der_encoded_certificate = bytes(pkcs11_cert_dct['CKA_VALUE'])
    35. 

  35. # print(der_encoded_certificate)
    36. 

  36. pem_armored_certificate = asn1crypto.pem.armor("CERTIFICATE",
    37. 

  37.                                                der_encoded_certificate)
    38. 

  38. pem_armored_priv_key = asn1crypto.pem.armor("PRIVATE KEY",
    39. 

  39.                                             bytes(modulus))
    40. 

  40. certfile = 'cert.pem'
    41. 

  41. # privkey = 'privkey.key'
    42. 

  42. # with open(certfile, 'wb') as certfile_handle:
    43. 

  43. #     certfile_handle.write(pem_armored_certificate)
    44. 

  44. # with open(privkey, 'wb') as certfile_handle:
    45. 

  45. #     certfile_handle.write(pem_armored_priv_key)
    46. 

  46. # try:
    47. 

  47. session.logout()
    48. 

  48. session.closeSession()
    49. 

  49. cookie = {'LastMRH_Session': '7309fec2; F5_ST=1z1z1z1637062323z-1',
    50. 

  50.           'MRHSession': '12f446c0f7d6dacc00657e8d7309fec2'}
    51. 

  51. 

  52. sslctx = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
    53. 

  53. sslctx.load_cert_chain('cert.pem')
    54. 

  54. # except Exception as exc_:
    55. 

  55. #     print(exc_)
    56. 

  56. # finally:
    57. 

  57. # r = requests.get('https://decl.anaf.mfinante.gov.ro/WAS6DUS/', cookies=cookie)
    58. 

  58. # print(r.status_code)
    59. 

  59.