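def pkcs11_signer(to_sign):
    """Hash ``to_sign`` and sign the resulting DigestInfo on the PKCS#11 token.

    The data is fed into the hash context ``h`` from the enclosing scope.
    The digest is wrapped in a DER-encoded ``rfc2315.DigestInfo`` and signed
    with ``key`` through ``session`` using ``PyKCS11.MechanismRSAPKCS1``.
    That mechanism does no hashing of its own, which is why the DigestInfo
    is built by hand here.

    The session is logged out before this function returns, including when
    hashing, encoding or signing raises, so an authenticated token session
    is not left open on the error path. ``h`` is finalized as well, so the
    signer is presumably single-use (confirm against the caller).

    Args:
        to_sign: The data passed to ``h.update``.

    Returns:
        The signature converted to ``bytes``.
    """
    pkcslib.getInfo  # just to keep pkcslib in scope, it's a NOOP
    try:
        h.update(to_sign)
        di = rfc2315.DigestInfo()
        # pyasn1 idiom: assigning None instantiates the nested
        # AlgorithmIdentifier so its first component (the OID) can be set.
        di['digestAlgorithm'] = None
        di['digestAlgorithm'][0] = HASH_OIDS[md]
        # NOTE(review): the AlgorithmIdentifier parameters are never set, so
        # they are presumably omitted from the encoding rather than written
        # as NULL. Confirm the verifiers in use accept that form.
        di['digest'] = h.finalize()
        return bytes(
            session.sign(key, encoder.encode(di), PyKCS11.MechanismRSAPKCS1))
    finally:
        # Always drop the login, even if signing failed.
        session.logout()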
class MacData(univ.Sequence):
    """PKCS #12 ``MacData`` structure (RFC 7292, Personal Information Exchange Syntax v1.1).

    ASN.1 definition::

        MacData ::= SEQUENCE {
            mac         DigestInfo,
            macSalt     OCTET STRING,
            iterations  INTEGER DEFAULT 1
            -- Note: The default is for historical reasons and its use is
            -- deprecated.
        }
    """

    # NOTE(review): the ASN.1 gives ``iterations`` a DEFAULT of 1, but the
    # field is declared below as optional with no default value. Code that
    # reads ``iterations`` has to handle the absent case itself. It should
    # also decide whether a missing or very low count is acceptable for the
    # MAC key derivation.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('mac', rfc2315.DigestInfo()),
        namedtype.NamedType('macSalt', univ.OctetString()),
        namedtype.OptionalNamedType('iterations', univ.Integer()),
    )
class SpcIndirectData(univ.Sequence):
    """ASN.1 SEQUENCE of an ``SpcKind`` followed by a ``DigestInfo``.

    Components, in encoding order:

    * ``spcKind`` - an ``SpcKind`` value (type defined elsewhere).
    * ``digest``  - an ``rfc2315.DigestInfo`` (algorithm identifier + digest).
    """

    # NOTE(review): this looks like Authenticode's SpcIndirectDataContent
    # under different field names - confirm against the consuming code.
    # The digest algorithm is carried inside the structure itself, so a
    # verifier should check it against the algorithms it is willing to accept.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType("spcKind", SpcKind()),
        namedtype.NamedType("digest", rfc2315.DigestInfo()),
    )
class SpcIndirectDataContent(univ.Sequence):
    """Authenticode ``SpcIndirectDataContent`` structure.

    ASN.1 shape modelled here::

        SpcIndirectDataContent ::= SEQUENCE {
            data            SpcAttributeTypeAndOptionalValue,
            messageDigest   DigestInfo
        }
    """

    # ``messageDigest`` names its own hash algorithm. Code that verifies a
    # signature over this structure should recompute the digest and check
    # the declared algorithm rather than trust the embedded values.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType("data", SpcAttributeTypeAndOptionalValue()),
        namedtype.NamedType("messageDigest", rfc2315.DigestInfo()),
    )