m2Crypto_test/m2crypto_test.py

import sys
import os
import time
import cgi
# import urllib  # urlparse
import platform

import keyring
from M2Crypto import m2urllib2
from M2Crypto import m2, SSL, Engine

user_pin = keyring.get_password('sig', 'token')
theurl = 'https://webserviced.anaf.ro/SPVWS2/rest/listaMesaje?zile=5'

if platform.system() == 'Windows':
    pkcs_engine_path = 'C:/Windows/SysWOW64/pkcs11.dll'
    root_certs_path = 'C:/Users/Levi/git/m2Crypto_test/certsign/root2.crt'
elif platform.system() == 'Linux':
    pkcs_engine_path = '/usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so'
    root_certs_path = '/home/deeejas/git/m2Crypto_test/certsign/root2.crt'

# load dynamic engine
engine = Engine.load_dynamic_engine('pkcs11', pkcs_engine_path)
pk = Engine.Engine('pkcs11')
pk.ctrl_cmd_string('MODULE_PATH', os.getenv('PKCS11_MODULE'))
# pk.ctrl_cmd_string('SO_PATH', os.getenv('PKCS11_MODULE'))
# m2.lib_init()
if len(user_pin) > 0:
    pk.ctrl_cmd_string('PIN', user_pin)
m2.engine_init(m2.engine_by_id('pkcs11'))

# grab pkey and cert from smartcard
key = pk.load_private_key('slot_0')
cert = pk.load_certificate('slot_0')
# print(cert.get_issuer())
# print(key)

# create context
ssl_context = SSL.Context('sslv23')
ssl_context.set_cipher_list('HIGH:!aNULL:!eNULL:@STRENGTH')
ssl_context.set_session_id_ctx(b'https://webserviced.anaf.ro/')

m2.ssl_ctx_use_pkey_privkey(ssl_context.ctx, key.pkey)
m2.ssl_ctx_use_x509(ssl_context.ctx, cert.x509)
ssl_context.load_verify_locations(cafile=root_certs_path)

opener = m2urllib2.build_opener(ssl_context)
m2urllib2.install_opener(opener)

req = m2urllib2.Request(theurl)
res = m2urllib2.urlopen(req)
print(res.read())