我尝试使用CKM_SHA256_RSA_PKCS机制签署一些数据...我在lowlevel-API时遇到问题,因为几乎没有文档,几乎没有示例。我试图做一些几乎与Sign/verify PyKCS11 library相同的事情 我似乎无法使用低级(糟糕)API正确转换代码。
这是我尝试的一些简短片段。
a = CPKCS11Lib()
info = CK_INFO()
m = PyKCS11.LowLevel.CK_MECHANISM()
signature = ckbytelist()
m.mechanism = PyKCS11.LowLevel.CKM_SHA256_RSA_PKCS
key = PyKCS11.LowLevel.CK_OBJECT_HANDLE()
slotInfo = CK_SLOT_INFO()
lib='/opt/PTK/lib/libcryptoki.so'
session = CK_SESSION_HANDLE()
sessionInfo = CK_SESSION_INFO()
tokenInfo = CK_TOKEN_INFO()
slotList = ckintlist()
objects = ckobjlist()
binaryData = "XYZ"
sha256 = hashlib.sha256()
sha256.update(str(bytearray(binaryData)))
digest = sha256.digest()
binaryData2 = '\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20' + digest
signMechanism = PyKCS11.Mechanism(PyKCS11.LowLevel.CKM_SHA256_RSA_PKCS, None)
signedData = str(a.C_Sign(CKA_PRIVATE, binaryData2, signMechanism))
print(signedData)
获取signedData
def C_Sign(self, *args): return _LowLevel.CPKCS11Lib_C_Sign(self, *args)
TypeError: in method 'CPKCS11Lib_C_Sign', argument 2 of type 'CK_SESSION_HANDLE'