def pytest_configure(config):
"""
Set up the globals for this test run.
"""
if config.getoption("loglevel", None):
logger = logging.getLogger()
log_formatter = logging.Formatter(
'%(asctime)s:%(name)s:%(levelname)s: %(message)s')
console_handler = logging.StreamHandler(sys.stdout)
console_handler.setFormatter(log_formatter)
logger.addHandler(console_handler)
logger.setLevel(config.getoption("loglevel").upper())
test_config["test_slot"] = config.getoption("test_slot")
test_config["user"] = config.getoption("user")
c_initialize()
try:
# Factory Reset
slot = test_config["test_slot"]
ret, token_info = c_get_token_info(slot)
assert ret == CKR_OK
flags = token_info['flags']
is_ped = (flags & CKF_PROTECTED_AUTHENTICATION_PATH) != 0
test_config["is_ped"] = is_ped
test_config['firmware'] = get_firmware_version(slot)
if is_ped:
admin_pwd = None
co_pwd = config.getoption("copassword", default=None)
else:
co_pwd = config.getoption("copassword", default=CO_PASSWORD)
admin_pwd = config.getoption("password")
if admin_pwd:
admin_pwd = admin_pwd
if co_pwd:
co_pwd = co_pwd
test_config['admin_pwd'] = admin_pwd
test_config['co_pwd'] = co_pwd
if config.getoption("user") == "CO":
test_config['password'] = co_pwd
else:
test_config['password'] = admin_pwd
finally:
c_finalize()
def initialize(pytestconfig):
"""
Initialize the library.
"""
ret = c_initialize()
assert ret == CKR_OK
yield
c_finalize()
import json
import base64
import sys
from pypkcs11.session_management import c_initialize, c_open_session, login
from pypkcs11.defines import *
from pypkcs11.key_generator import c_generate_key_pair
from pypkcs11.default_templates import CKM_RSA_PKCS_KEY_PAIR_GEN_PUBTEMP, CKM_RSA_PKCS_KEY_PAIR_GEN_PRIVTEMP
from pypkcs11.unbound import dyc_create_x509_request
from pypkcs11.token_management import get_token_by_label
organizationId = 123456 # DigiCert ID of your organisation
devkey = 'YOUR-DC-DEVKEY'
userPin = ''
c_initialize()
rv, slot = get_token_by_label(b'demopartition')
assert rv == CKR_OK
rv, session = c_open_session(slot, CKF_SERIAL_SESSION | CKF_RW_SESSION)
assert rv == CKR_OK
rv = login(session, 0, userPin)
assert rv == CKR_OK
csrSubj = 'C=IL, L=Petah Tikva, O=Unbound Tech Ltd, OU=Test1, CN=www.unboundtech.com'
pbkey_template, prkey_template = (CKM_RSA_PKCS_KEY_PAIR_GEN_PUBTEMP,
CKM_RSA_PKCS_KEY_PAIR_GEN_PRIVTEMP)
pbkey_template[CKA_LABEL] = b'DemoPublicKey'
prkey_template[CKA_LABEL] = b'DemoPrivateKey'
ret, pub_key, priv_key = c_generate_key_pair(
session,
mechanism=CKM_RSA_PKCS_KEY_PAIR_GEN,
pbkey_template=pbkey_template,
parser = \
argparse.ArgumentParser(formatter_class=argparse.ArgumentDefaultsHelpFormatter,
conflict_handler='resolve',
description='''Sync offline target keys with UKC.'''
)
parser.add_argument('--creds', help='UKC credentials (json)')
args = parser.parse_args()
keys_dir = path.join(os.environ['HOME'], '.docker/trust/private')
key_files = [
f for f in os.listdir(keys_dir) if path.isfile(path.join(keys_dir, f))
]
rv = c_initialize()
check_rv(rv, "c_initialize()")
(rv, slot_list) = sess_mng.c_get_slot_list()
check_rv(rv, "c_get_slot_list()")
slot = slot_list[0]
(rv, session) = c_open_session(slot)
check_rv(rv, "c_open_session()")
rv = login(session, slot, args.creds)
check_rv(rv, "login()")
(rv, handles) = c_find_objects(session, {CKA_CLASS: CKO_DATA}, 1000)
check_rv(rv, "c_find_objects()")