Esempio n. 1
0
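 def sign(self, message):
     """Sign ``message`` with the PIV key in ``self.slot`` and return the raw signature.

     The signature is RSA PKCS#1 v1.5 over SHA-256, produced on the YubiKey
     itself. When ``self.pin`` is set, the PIN is verified first. Any failure
     terminates the process via ``controlflow.system_error_exit`` with exit
     code 7 (bad PIN), 8 (APDU error during signing) or 9 (``ValueError`` from
     the connection or session layer).

     The module-level ``mplock`` (present only when the caller set one up for
     multiprocessing) serialises access to the device. It is released in a
     ``finally`` block so that an unexpected exception — or the ``SystemExit``
     raised by ``system_error_exit`` — cannot leave the lock held for other
     workers.
     """
     lock = globals().get('mplock')
     if lock is not None:
         lock.acquire()
     try:
         conn = self._connect()
         with conn:
             session = PivSession(conn)
             if self.pin:
                 try:
                     session.verify_pin(self.pin)
                 except InvalidPinError as err:
                     controlflow.system_error_exit(7, f'YubiKey - {err}')
             try:
                 signed = session.sign(slot=self.slot,
                                       key_type=self.key_type,
                                       message=message,
                                       hash_algorithm=hashes.SHA256(),
                                       padding=padding.PKCS1v15())
             except ApduError as err:
                 controlflow.system_error_exit(8, f'YubiKey - {err}')
     except ValueError as err:
         controlflow.system_error_exit(9, f'YubiKey - {err}')
     finally:
         # Always release, including on the error-exit paths above.
         if lock is not None:
             lock.release()
     return signed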
Esempio n. 2
0
def pivman_change_pin(session: PivSession, old_pin: str, new_pin: str) -> None:
    """Change the PIN, while keeping PivmanData in sync.

    The PIN is changed on the device first. If the management key is derived
    from the PIN (``pivman.has_derived_key``), the old PIN and the stored salt
    are used to re-derive the current management key and authenticate, a
    fresh 16-byte random salt is drawn, a new management key is derived from
    the new PIN and installed, and the updated salt is written back to the
    PIVMAN data object so later derivations match the device state.
    """
    session.change_pin(old_pin, new_pin)

    pivman = get_pivman_data(session)
    if not pivman.has_derived_key:
        return

    # Authenticate with the key derived from the *old* PIN and the stored salt;
    # this is the only way to regain management access before rotating the key.
    current_key = derive_management_key(old_pin, cast(bytes, pivman.salt))
    session.authenticate(MANAGEMENT_KEY_TYPE.TDES, current_key)
    session.verify_pin(new_pin)

    # A new salt per PIN change means the new key cannot be recomputed from
    # the previous salt and PIN.
    salt = os.urandom(16)
    rotated_key = derive_management_key(new_pin, salt)
    session.set_management_key(MANAGEMENT_KEY_TYPE.TDES, rotated_key)

    pivman.salt = salt
    session.put_object(OBJECT_ID_PIVMAN_DATA, pivman.get_bytes())
Esempio n. 3
0
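 def get_certificate(self):
     """Return the certificate stored in ``self.slot`` as base64-encoded PEM text.

     When ``self.pin`` is set, the PIN is verified before reading the slot.
     Failures terminate the process via ``controlflow.system_error_exit``:
     exit code 7 for a wrong PIN, 9 for an APDU error while reading the
     certificate or a ``ValueError`` from the connection/session layer.
     """
     try:
         conn = self._connect()
         with conn:
             session = PivSession(conn)
             if self.pin:
                 try:
                     session.verify_pin(self.pin)
                 except InvalidPinError as err:
                     controlflow.system_error_exit(7, f'YubiKey - {err}')
             try:
                 cert = session.get_certificate(self.slot)
             except ApduError as err:
                 controlflow.system_error_exit(9, f'YubiKey - {err}')
         cert_pem = cert.public_bytes(serialization.Encoding.PEM).decode()
         # b64encode always returns bytes; decode once to hand back a str.
         return b64encode(cert_pem.encode()).decode()
     except ValueError as err:
         controlflow.system_error_exit(9, f'YubiKey - {err}')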
Esempio n. 4
0
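    def reset_piv(self):
        '''Resets YubiKey PIV app and generates new key for GAM to use.

        Asks for interactive confirmation, then: resets the PIV application,
        sets a random 8-character PUK and PIN (drawn with ``SystemRandom``),
        prints the new PIN, authenticates with ``DEFAULT_MANAGEMENT_KEY``,
        generates a non-exportable RSA-2048 key in the authentication slot
        (PIN required on every use, no touch), and installs a self-signed
        certificate valid for ~100 years plus a fresh CHUID.

        Exits with code 1 if the user declines, and with code 8 via
        ``controlflow.system_error_exit`` on a ``ValueError`` from the device.

        NOTE(review): the new PUK is generated but neither printed nor stored,
        so a forgotten PIN cannot be unblocked without another full reset —
        confirm this is intended. NOTE(review): the management key is left at
        the factory default after the reset (no ``set_management_key`` call);
        consider whether it should be rotated as well.
        '''
        # input() already returns str; only normalise case and whitespace.
        reply = input(
            'This will wipe all PIV keys and configuration from your YubiKey. Are you sure? (y/N) '
        ).lower().strip()
        if reply != 'y':
            sys.exit(1)
        try:
            conn = self._connect()
            with conn:
                piv = PivSession(conn)
                piv.reset()
                # SystemRandom is OS-backed; suitable for secrets like PIN/PUK.
                rnd = SystemRandom()
                pin_puk_chars = string.ascii_letters + string.digits + string.punctuation
                new_puk = ''.join(rnd.choice(pin_puk_chars) for _ in range(8))
                new_pin = ''.join(rnd.choice(pin_puk_chars) for _ in range(8))
                # After reset the PIV app is back to the factory PUK/PIN.
                piv.change_puk('12345678', new_puk)
                piv.change_pin('123456', new_pin)
                print(f'PIN set to:  {new_pin}')
                piv.authenticate(MANAGEMENT_KEY_TYPE.TDES,
                                 DEFAULT_MANAGEMENT_KEY)

                piv.verify_pin(new_pin)
                print('YubiKey is generating a non-exportable private key...')
                pubkey = piv.generate_key(SLOT.AUTHENTICATION,
                                          KEY_TYPE.RSA2048, PIN_POLICY.ALWAYS,
                                          TOUCH_POLICY.NEVER)
                # Naive UTC timestamp, equivalent to the deprecated utcnow().
                now = datetime.datetime.now(datetime.timezone.utc).replace(tzinfo=None)
                valid_to = now + datetime.timedelta(days=36500)
                subject = 'CN=GAM Created Key'
                # Re-authenticate and re-verify before writing the certificate.
                piv.authenticate(MANAGEMENT_KEY_TYPE.TDES,
                                 DEFAULT_MANAGEMENT_KEY)
                piv.verify_pin(new_pin)
                cert = generate_self_signed_certificate(
                    piv, SLOT.AUTHENTICATION, pubkey, subject, now, valid_to)
                piv.put_certificate(SLOT.AUTHENTICATION, cert)
                piv.put_object(OBJECT_ID.CHUID, generate_chuid())
        except ValueError as err:
            controlflow.system_error_exit(8, f'YubiKey - {err}')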