#!/usr/bin/env python3

import argparse
import http.server
import json
import pathlib
import ssl
import urllib.parse

import lxml
import lxml.etree
import signxml

# Identity the faked application reports on GET /version.
identifier: str = 'f8e5f470-bcff-4c50-8fd6-ccfa2fea12d6'
version: str = '2.2.9.276'

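def sign(xml, key, cert):
    """Return *xml* signed with signxml's default (enveloped) signer.

    Args:
        xml: the XML document to sign (bytes as handed over by the HTTP
            handler; lxml also accepts str).
        key: private key material, passed straight through to signxml.
        cert: the matching certificate, passed straight through to signxml.

    Returns:
        The signed document as a str, prefixed with an explicit XML
        declaration (``tostring(encoding='unicode')`` emits none).

    Raises:
        lxml.etree.XMLSyntaxError: if *xml* is not well-formed.
        Whatever signxml raises for unusable key/cert material.
    """
    # The document comes from whichever web page reached this server, so it
    # is untrusted: a DOCTYPE with an external entity would otherwise let the
    # requester pull local files into the document we sign and hand back
    # (XXE).  Leave entities unresolved and forbid network access while
    # parsing.
    parser = lxml.etree.XMLParser(resolve_entities=False, no_network=True)
    original = lxml.etree.fromstring(xml, parser=parser)
    signed = signxml.XMLSigner().sign(original, key=key, cert=cert)
    return ('<?xml version="1.0" encoding="UTF-8" standalone="no" ?>' +
            lxml.etree.tostring(signed, encoding='unicode'))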

class Handler(http.server.BaseHTTPRequestHandler):
    def reply(self, data):
        self.send_response(200)
        self.send_header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept')
        self.send_header('Access-Control-Allow-Methods', 'POST,GET,OPTIONS')
        self.send_header('Access-Control-Allow-Origin', '*')
        self.send_header('Access-Control-Allow-Private-Network', 'true')
        self.end_headers()
        self.wfile.write(json.dumps(data).encode())

    def do_GET(self):
        url = urllib.parse.urlparse(self.path)
        match url.path:
            case '/version':
                self.reply({'identifier': identifier, 'version': version})

    def do_POST(self):
        url = urllib.parse.urlparse(self.path)
        match url.path:
            case '/updateLicense':
                self.reply({'error': 1, 'errorMessage': 'OK'})
            case '/signXML':
                length = int(self.headers['content-length'])
                data = json.loads(self.rfile.read(length).decode())
                xml = data['bytes'][0].removeprefix('XML:').encode()
                print(f'{self.headers.get("origin", "unknown")} wants to sign:\n{xml}\nConfirm?', end=' ')
                if input() in ('y', 'yes'):
                    signed = sign(xml, key=self.server.user_key, cert=self.server.user_cert)
                    self.reply({
                        'error': 1,
                        'errorMessage': '',
                        'filename': '',
                        'result': signed,
                        'signatures': [],
                        'timestamps': []
                    })
                else:
                    self.reply({'error': -1, 'errorMessage': 'aborted'})

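def main():
    """Parse the command line, load key material and serve the fake API over TLS.

    The user key/cert are read once and attached to the server object, where
    Handler picks them up for /signXML.  The app key/cert are the TLS
    identity the browser sees.  The server binds to localhost only.
    """
    parser = argparse.ArgumentParser(description='Fake the proXSign® application.')
    parser.add_argument('-k', '--user-key', type=open, required=True, help='key file')
    parser.add_argument('-c', '--user-cert', type=open, required=True, help='certificate file')
    parser.add_argument('-K', '--app-key', type=pathlib.Path, required=True, help='app key file')
    parser.add_argument('-C', '--app-cert', type=pathlib.Path, required=True, help='app certificate file')
    parser.add_argument('-p', '--port', type=int, default=14972, help='port to listen on')
    args = parser.parse_args()

    # argparse opened both files for us; read and close them instead of
    # leaving the handles open for the life of the process.
    with args.user_key, args.user_cert:
        user_key = args.user_key.read()
        user_cert = args.user_cert.read()

    tls_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # A server context never verifies the peer; kept explicit for clarity.
    tls_context.check_hostname = False
    # Browsers all speak TLS 1.2+; do not inherit an older floor from the
    # OpenSSL build.
    tls_context.minimum_version = ssl.TLSVersion.TLSv1_2
    tls_context.load_cert_chain(keyfile=args.app_key, certfile=args.app_cert)

    # Loopback only: the permissive CORS headers already let any page in the
    # user's browser reach this server, so never expose it on the network.
    with http.server.HTTPServer(('localhost', args.port), Handler) as httpd:
        httpd.user_key = user_key
        httpd.user_cert = user_cert
        httpd.socket = tls_context.wrap_socket(httpd.socket, server_side=True)
        try:
            httpd.serve_forever()
        except KeyboardInterrupt:
            pass


if __name__ == '__main__':
    main()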