Python CAC Client Authentication

I am creating a Python application to retrieve data from a website. The application must authenticate (HTTPS / SSL) using the CAC and the output for the request.

My assumption is that you cannot get the private key from the CAC, and therefore I am stuck with a PKCS #11 wrapper, like PyKCS?

Any tips or resources for this?

+4
3 answers

Authentication and signature keys are usually generated on the card and cannot be extracted, unlike encryption keys that can/should be placed somewhere.

See "Need help using M2Crypto.Engine to access a USB token" for an example with M2Crypto, which explains how to use a smart card through PKCS #11 to access a website in Python.

+4
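The approach the first answer points to, as an added example (not code from the post or from the linked answer): M2Crypto loads OpenSSL's pkcs11 engine, so the TLS handshake is signed on the card and the private key never leaves it. The engine path, PKCS #11 module path, key id, CA bundle and host name are assumed placeholders for a local setup.

```python
import getpass
import os


def check_paths(engine_so, module_so):
    """Fail early with a clear error if the engine or middleware is missing."""
    for label, path in (("OpenSSL pkcs11 engine", engine_so),
                        ("PKCS#11 module", module_so)):
        if not os.path.isfile(path):
            raise FileNotFoundError(f"{label} not found: {path}")


def cac_ssl_context(engine_so, module_so, pin, key_id, ca_file):
    """Build an M2Crypto SSL context whose private key stays on the card."""
    check_paths(engine_so, module_so)
    from M2Crypto import Engine, SSL, m2  # late import: needs M2Crypto installed

    Engine.load_dynamic_engine("pkcs11", engine_so)
    engine = Engine.Engine("pkcs11")
    engine.ctrl_cmd_string("MODULE_PATH", module_so)
    engine.init()
    engine.ctrl_cmd_string("PIN", pin)

    cert = engine.load_certificate(key_id)
    key = engine.load_private_key(key_id)  # a handle; signing is done on the card

    ctx = SSL.Context()
    ctx.load_verify_locations(ca_file)     # CA bundle used to verify the server
    ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 9)
    m2.ssl_ctx_use_x509(ctx.ctx, cert.x509)
    m2.ssl_ctx_use_pkey_privkey(ctx.ctx, key.pkey)
    ctx.cac_refs = (engine, cert, key)     # keep the engine objects alive
    return ctx


def fetch(host, path, ctx):
    """GET a path over HTTPS, presenting the card's certificate."""
    from M2Crypto import httpslib
    conn = httpslib.HTTPSConnection(host, ssl_context=ctx)
    conn.request("GET", path)
    return conn.getresponse().read()


if __name__ == "__main__":
    # Every value below is an assumed placeholder for a local setup.
    ctx = cac_ssl_context("/usr/lib/engines/pkcs11.so",
                          "/usr/lib/opensc-pkcs11.so",
                          getpass.getpass("CAC PIN: "),
                          "slot_01", "/etc/ssl/dod-ca-bundle.pem")
    print(fetch("cac-site.example", "/", ctx)[:200])
```

The PIN is read with `getpass` so it does not end up in source code or shell history.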

You're right. The whole purpose of a smart card is to keep secret keys safe. If your application is running on Windows, you can try to use WININET.DLL to connect; if the middleware is installed correctly, it should automatically process authentication on the CAC website.

0

I would try to find out if the ECA certificate is a suitable replacement. For example, there are sites that accept CAC and ECA certificates. For more information: http://iase.disa.mil/pki/eca/certificate.html

0

Source: https://habr.com/ru/post/1302911/