def generate(self, slot, algorithm, pin_policy, touch_policy): try: check(ykpiv.ykpiv_disconnect(self._state)) return self._cmd.generate(slot, algorithm, pin_policy, touch_policy) finally: self._reset()
def import_cert(self, cert_pem, slot, frmt='PEM', password=None): try: check(ykpiv.ykpiv_disconnect(self._state)) return self._cmd.import_cert(cert_pem, slot, frmt, password) finally: self._reset() self._read_status()
def import_key(self, cert_pem, slot, frmt, password, pin_policy, touch_policy): try: check(ykpiv.ykpiv_disconnect(self._state)) return self._cmd.import_key(cert_pem, slot, frmt, password, pin_policy, touch_policy) finally: self._reset()
def delete_cert(self, slot): if slot not in self._certs: raise ValueError('No certificate loaded in slot: %s' % slot) try: check(ykpiv.ykpiv_disconnect(self._state)) self._cmd.delete_cert(slot) del self._certs[slot] finally: self._reset()
def set_pin(self, pin): if isinstance(pin, text_type): pin = pin.encode('utf8') if len(pin) > 8: raise ValueError(m.pin_too_long) try: check(ykpiv.ykpiv_disconnect(self._state)) self._cmd.change_pin(pin) finally: self._reset()
def set_puk(self, puk, new_puk): if isinstance(puk, text_type): puk = puk.encode('utf8') if isinstance(new_puk, text_type): new_puk = new_puk.encode('utf8') if len(new_puk) > 8: raise ValueError(m.puk_too_long) try: check(ykpiv.ykpiv_disconnect(self._state)) self._cmd.change_puk(puk, new_puk) except ValueError as e: wrap_puk_error(e) finally: self._reset()
def reset_pin(self, puk, new_pin): if isinstance(new_pin, text_type): new_pin = new_pin.encode('utf8') if len(new_pin) > 8: raise ValueError(m.pin_too_long) if isinstance(puk, text_type): puk = puk.encode('utf8') try: check(ykpiv.ykpiv_disconnect(self._state)) self._cmd.reset_pin(puk, new_pin) except ValueError as e: wrap_puk_error(e) finally: self._reset() self._read_status()
def _read_status(self): try: check(ykpiv.ykpiv_disconnect(self._state)) data = self._cmd.run('-a', 'status') lines = data.splitlines() chunk = [] while lines: line = lines.pop(0) if chunk and not line.startswith(b'\t'): self._parse_status(chunk) chunk = [] chunk.append(line) if chunk: self._parse_status(chunk) self._status = data finally: self._reset()
def set_chuid(self): try: check(ykpiv.ykpiv_disconnect(self._state)) self._cmd.set_chuid() finally: self._reset()
def create_selfsigned_cert(self, subject, pubkey_pem, slot, valid_days=365): try: check(ykpiv.ykpiv_disconnect(self._state)) return self._cmd.create_ssc(subject, pubkey_pem, slot, valid_days) finally: self._reset()
def create_csr(self, subject, pubkey_pem, slot): try: check(ykpiv.ykpiv_disconnect(self._state)) return self._cmd.create_csr(subject, pubkey_pem, slot) finally: self._reset()
def generate(self, slot, algorithm, pin_policy, touch_policy): try: check(ykpiv.ykpiv_disconnect(self._state)) return self._cmd.generate(slot, algorithm, pin_policy, touch_policy) finally: self._reset()
def reset_device(self): try: check(ykpiv.ykpiv_disconnect(self._state)) self._cmd.run('-a', 'reset') finally: del self._cmd
def set_ccc(self): try: check(ykpiv.ykpiv_disconnect(self._state)) self._cmd.run('-a', 'set-ccc') finally: self._reset()
def set_chuid(self): try: check(ykpiv.ykpiv_disconnect(self._state)) self._cmd.set_chuid() finally: self._reset()
def reconnect(self): check(ykpiv.ykpiv_disconnect(self._state)) self._reset()