Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
802.1x configuration / data collection on OS X using python and the PrivateFramework "EAP8021X.framework"
# This was all run from user space
# I haven't tested it with root
# ... but it didn't prompt for any permissions under userspace ^_^
# Tested on 10.11.5
import objc
from Foundation import NSBundle
EAP8021X_bundle = NSBundle.bundleWithPath_('/System/Library/PrivateFrameworks/EAP8021X.framework')
Security_bundle = NSBundle.bundleWithIdentifier_('')
kEAPOLClientDomainUser = 1
kEAPOLClientDomainSystem = 3
E_functions = [
('EAPOLClientConfigurationCopyProfiles', '@@'),
('EAPOLClientConfigurationCopyAllLoginWindowProfiles', '@@'),
('EAPOLClientConfigurationCopyAllSystemProfiles', '@@'),
('EAPOLClientConfigurationCreate', '@^@'),
('EAPOLClientConfigurationGetProfileWithID', '@@@'),
('EAPOLClientItemIDCopyIdentity', '@@i'),
('EAPOLClientItemIDCreateWithProfile', '@@'),
('EAPOLClientProfileGetAuthenticationProperties', '@@'),
('EAPOLClientProfileGetUserDefinedName', '@@'),
('EAPOLClientProfileGetWLANSSIDAndSecurityType', '@@o^@'),
('EAPOLClientProfileGetID', '@@'),
('EAPOLControlCopyStateAndStatus', 'i*o^io^@'),
('EAPSecCertificateCopyAttributesDictionary', '@@'),
('EAPSecCertificateCopyUserNameString', '@@'),
S_functions = [
('SecIdentityCopyCertificate', 'i@o^@'),
('SecCertificateCopyValues', '@@^@o^@'),
('SecCertificateCopyData', '@@'),
objc.loadBundleFunctions(EAP8021X_bundle, globals(), E_functions)
objc.loadBundleFunctions(Security_bundle, globals(), S_functions)
# eap_config contains details about the current EAP session
result, status, eap_config = EAPOLControlCopyStateAndStatus('en0', None, None)
cfg = EAPOLClientConfigurationCreate(None)
# The UniqueIdentifier can be used to look up the 802.1x configuration in use
client_profile = EAPOLClientConfigurationGetProfileWithID(cfg, eap_config['UniqueIdentifier'])
# auth_dict contains the certs and security configuration
auth_dict = EAPOLClientProfileGetAuthenticationProperties(client_profile)
# display_name is the informal name for the config
display_name = EAPOLClientProfileGetUserDefinedName(client_profile)
# ssid and security_type for the config
ssid_cfdata, security_type = EAPOLClientProfileGetWLANSSIDAndSecurityType(client_profile, None)
ssid = str(ssid_cfdata)
# Find out the associated identity
client_id = EAPOLClientItemIDCreateWithProfile(client_profile)
identity = EAPOLClientItemIDCopyIdentity(client_id, kEAPOLClientDomainSystem)
result, cert = SecIdentityCopyCertificate(identity, None)
# This dict contains very basic information like CommonName for the identity's cert
id_dict = EAPSecCertificateCopyAttributesDictionary(cert)
# username = EAPSecCertificateCopyUserNameString(cert)
# !!! all OID / x509v3 details about the user cert in a dict
cert_details, errors = SecCertificateCopyValues(cert, None, None)
# Public cert used by identity
cert_bytes = SecCertificateCopyData(cert)
# You can write str(cert_bytes) back out to a file and it'll be the
# DER .cer certificate of the public cert of the 802.1x identity
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment