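def ca_gen(self, label, keyID, subject):
    """Issue a CA certificate for the RSA key pair stored under ``keyID``.

    Finds the private and public key objects whose ``CKA_ID`` equals
    ``keyID`` in ``self.session``, rebuilds the public key as an
    ``asn1keys.RSAPublicKey`` from the token's ``CKA_MODULUS`` and
    ``CKA_PUBLIC_EXPONENT`` attributes, and passes both to ``self.ca``.
    Only the private key's object handle is forwarded; this method reads
    no private-key attribute.

    Args:
        label: Forwarded unchanged to ``self.ca``.
        keyID: ``CKA_ID`` value shared by the key pair on the token.
        subject: Forwarded unchanged to ``self.ca``.

    Raises:
        IndexError: No private or public key object has this ``CKA_ID``.
        ValueError: The token returned an empty or missing modulus or
            public exponent.
    """
    def find_key(object_class, kind):
        # One lookup per object class; the original queried the public key
        # twice, which only cost an extra round-trip to the token.
        handles = self.session.findObjects(
            [(PyKCS11.CKA_CLASS, object_class), (PyKCS11.CKA_ID, keyID)])
        if not handles:
            # Same exception type the bare ``[0]`` raised, with a usable message.
            raise IndexError(
                f"no {kind} key object with CKA_ID {keyID!r} on the token")
        # NOTE(review): if several objects share this CKA_ID the first one
        # returned is used; confirm IDs are unique per object class.
        return handles[0]

    private_handle = find_key(PyKCS11.CKO_PRIVATE_KEY, "private")
    public_handle = find_key(PyKCS11.CKO_PUBLIC_KEY, "public")

    modulus_raw, exponent_raw = self.session.getAttributeValue(
        public_handle, [PyKCS11.CKA_MODULUS, PyKCS11.CKA_PUBLIC_EXPONENT])
    if not modulus_raw or not exponent_raw:
        # Refuse to build a certificate around a zero modulus or exponent.
        raise ValueError(
            f"public key {keyID!r} has an empty modulus or public exponent")

    # The attributes are big-endian unsigned integers; convert them directly
    # instead of going through a hex string.
    public_key = asn1keys.RSAPublicKey({
        'modulus': int.from_bytes(bytearray(modulus_raw), "big"),
        'public_exponent': int.from_bytes(bytearray(exponent_raw), "big"),
    })

    # NOTE(review): the literal 1 is presumably the certificate serial number
    # (ca_sign passes ``sn`` in the same position to certsign); confirm
    # against self.ca.
    self.ca(1, public_key, private_handle, label, subject, keyID)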
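def ca_sign(self, keyID, label, sn, subject, days, cakeyID):
    """Sign a certificate for the public key ``keyID`` with CA key ``cakeyID``.

    Looks up the CA private key object (``CKA_ID == cakeyID``) and the
    subject public key object (``CKA_ID == keyID``) in ``self.session``,
    rebuilds the public key as an ``asn1keys.RSAPublicKey``, has
    ``self.certsign`` produce the certificate, and stores the result with
    ``self.cert_save``. Only the CA private key's object handle is
    forwarded; this method reads no private-key attribute.

    Args:
        keyID: ``CKA_ID`` of the public key to certify.
        label: Forwarded unchanged to ``self.cert_save``.
        sn: Forwarded unchanged to ``self.certsign`` (first argument).
        subject: Forwarded to ``self.certsign`` and ``self.cert_save``.
        days: Validity length; the end time is now (UTC) plus this many days.
        cakeyID: ``CKA_ID`` of the CA private key used for signing.

    Raises:
        IndexError: The CA private key or the public key was not found.
        ValueError: The token returned an empty or missing modulus or
            public exponent.
    """
    def find_key(object_class, key_id, kind):
        handles = self.session.findObjects(
            [(PyKCS11.CKA_CLASS, object_class), (PyKCS11.CKA_ID, key_id)])
        if not handles:
            # Same exception type the bare ``[0]`` raised, with a usable message.
            raise IndexError(
                f"no {kind} key object with CKA_ID {key_id!r} on the token")
        # NOTE(review): if several objects share this CKA_ID the first one
        # returned is used; confirm IDs are unique per object class.
        return handles[0]

    ca_private_handle = find_key(PyKCS11.CKO_PRIVATE_KEY, cakeyID, "CA private")
    public_handle = find_key(PyKCS11.CKO_PUBLIC_KEY, keyID, "public")

    modulus_raw, exponent_raw = self.session.getAttributeValue(
        public_handle, [PyKCS11.CKA_MODULUS, PyKCS11.CKA_PUBLIC_EXPONENT])
    if not modulus_raw or not exponent_raw:
        # Refuse to certify a key with a zero modulus or exponent.
        raise ValueError(
            f"public key {keyID!r} has an empty modulus or public exponent")

    # The attributes are big-endian unsigned integers; convert them directly
    # instead of going through a hex string.
    public_key = asn1keys.RSAPublicKey({
        'modulus': int.from_bytes(bytearray(modulus_raw), "big"),
        'public_exponent': int.from_bytes(bytearray(exponent_raw), "big"),
    })

    # NOTE(review): ``sn`` and ``days`` are used as given; nothing here checks
    # that the serial is unique or that the validity period is positive and
    # bounded. Confirm the caller or certsign enforces the issuance policy.
    not_after = datetime.datetime.now(
        tz=asn1util.timezone.utc) + datetime.timedelta(days=days)

    der_bytes = self.certsign(
        sn, public_key, subject, not_after, ca_private_handle)
    self.cert_save(der_bytes, label, subject, keyID)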
def export_public_der(self) -> bytes:
    """Return this RSA public key serialised as bytes.

    The instance's ``modulus`` and ``public_exponent`` are placed in a
    ``keys.RSAPublicKey`` structure, wrapped by ``keys.PublicKeyInfo.wrap``
    with the ``"rsa"`` algorithm name, and serialised with ``dump()``.
    Only public values are read; no private-key field is touched here.
    """
    # NOTE(review): ``keys`` is presumably asn1crypto.keys, in which case
    # dump() yields the DER encoding the method name promises; confirm.
    rsa_numbers = {
        "modulus": self.modulus,
        "public_exponent": self.public_exponent,
    }
    rsa_key = keys.RSAPublicKey(rsa_numbers)
    wrapped = keys.PublicKeyInfo.wrap(rsa_key, "rsa")
    return wrapped.dump()