def piv_export_certificate(self, slot, file_url):
    """Write the certificate held in a PIV slot to a file as PEM.

    Only the X.509 certificate is serialized (``public_bytes``); no private
    key material is read or written by this method.

    Args:
        slot: Name of a ``SLOT`` member; an unknown name raises ``KeyError``
            from the ``SLOT[slot]`` lookup.
        file_url: Location supplied by the caller; it is turned into a
            filesystem path by ``self._get_file_path``.

    Returns:
        The value of ``success()``.
    """
    destination = self._get_file_path(file_url)
    with self._open_device([SmartCardConnection]) as connection:
        piv = PivSession(connection)
        certificate = piv.get_certificate(SLOT[slot])
        # Mode 'wb' truncates an existing file at this path before the
        # PEM bytes are produced and written.
        # NOTE(review): the destination comes from the caller; confirm that
        # _get_file_path restricts where this can write.
        with open(destination, 'wb') as pem_file:
            pem_bytes = certificate.public_bytes(
                encoding=serialization.Encoding.PEM)
            pem_file.write(pem_bytes)
    return success()
def list_certificates(session: PivSession) -> Mapping[SLOT, Optional[x509.Certificate]]:
    """Read the certificate from every PIV slot except the attestation slot.

    The result has three distinct outcomes per slot, and callers should keep
    them apart:

    * the slot maps to a certificate when ``get_certificate`` succeeded;
    * the slot maps to ``None`` when ``get_certificate`` raised
      ``BadResponseError`` (something was read but no certificate object
      came out of it), so ``None`` does not mean "empty slot";
    * the slot is absent from the mapping when ``get_certificate`` raised
      ``ApduError``.

    :param session: The PIV session to read from.
    :return: Mapping of slot to certificate or ``None``, as described above.
    """
    found = OrderedDict()
    candidate_slots = set(SLOT) - {SLOT.ATTESTATION}
    for slot in candidate_slots:
        try:
            parsed = session.get_certificate(slot)
        except ApduError:
            # Every ApduError is treated the same way here: the status word
            # is not inspected, so a transport or access failure is not
            # distinguishable from a slot that holds nothing.
            continue
        except BadResponseError:
            parsed = None  # type: ignore
        found[slot] = parsed
    return found
def get_certificate(self):
    """Return the certificate in ``self.slot`` as base64-encoded PEM text.

    A connection is obtained from ``self._connect()`` and used as a context
    manager. When ``self.pin`` is truthy the PIN is verified first; when it
    is falsy, verification is skipped and the certificate is read directly.

    Failures are reported through ``controlflow.system_error_exit``:
    code 7 for ``InvalidPinError``, code 9 for ``ApduError`` while reading
    the slot, and code 9 for any ``ValueError`` raised in the method body.

    Returns:
        The PEM certificate, base64-encoded, as ``str``.
    """
    try:
        connection = self._connect()
        with connection:
            piv = PivSession(connection)
            if self.pin:
                # NOTE(review): a rejected PIN presumably uses up one of the
                # token's retry attempts; confirm callers do not retry
                # automatically with the same value.
                try:
                    piv.verify_pin(self.pin)
                except InvalidPinError as pin_error:
                    controlflow.system_error_exit(7, f'YubiKey - {pin_error}')
            try:
                certificate = piv.get_certificate(self.slot)
            except ApduError as apdu_error:
                controlflow.system_error_exit(9, f'YubiKey - {apdu_error}')
        # Only the certificate is serialized; it is decoded to text and
        # re-encoded before the base64 step, as in the original flow.
        pem_text = certificate.public_bytes(serialization.Encoding.PEM).decode()
        encoded = b64encode(pem_text.encode())
        return encoded.decode() if isinstance(encoded, bytes) else encoded
    except ValueError as value_error:
        controlflow.system_error_exit(9, f'YubiKey - {value_error}')