Beispiel #1
def sign_document(xml_string, private_key):
    """Sign an XML document and print the attributes to put on its root.

    Args:
        xml_string: Either a path ending in ``.xml`` (parsed from disk) or
            the XML text itself. The choice is made purely on the ``.xml``
            suffix, so XML text that happens to end in ``.xml`` is treated
            as a file path.
        private_key: Hex-encoded private key, or ``None`` to generate a
            fresh key pair.

    The SHA-256 digest of ``registry_lib.file(root)`` is signed with the
    key pair, and ``algo``, ``sig`` and ``pubkey`` are printed to stdout.
    """
    if private_key is not None:
        keypair = bbclib.KeyPair(privkey=binascii.a2b_hex(private_key))
    else:
        keypair = bbclib.KeyPair()
        keypair.generate()
        # SECURITY: the new private key goes to stdout in clear hex, so it
        # lands in terminal scrollback and in any file or pipe that captures
        # this output. Run this where stdout is not logged or shared.
        print('Keep this privately:')
        print('private key : {0}'.format(
            binascii.b2a_hex(keypair.private_key).decode()))
        print('')

    # NOTE(review): xml.etree.ElementTree is not hardened against maliciously
    # constructed XML; only feed it documents from a trusted source.
    if xml_string.endswith('.xml'):
        root = ET.parse(xml_string).getroot()
    else:
        root = ET.fromstring(xml_string.encode('utf-8'))

    # The signature covers the SHA-256 digest, not the raw document bytes.
    signature = keypair.sign(hashlib.sha256(registry_lib.file(root)).digest())

    print('Put the following as attributes of your XML document root:')
    # The label is a fixed string; presumably it matches the curve that
    # bbclib.KeyPair uses by default -- confirm against bbclib.
    print('algo="{0}"'.format('ecdsa-p256v1'))
    print('sig="{0}"'.format(binascii.b2a_hex(signature).decode()))
    print('pubkey="{0}"'.format(binascii.b2a_hex(keypair.public_key).decode()))
Beispiel #2
def print_digest(xml_string, url_encode):
    """Print the SHA-256 digest of an XML document as a ``<digest>`` element.

    Args:
        xml_string: Either a path ending in ``.xml`` (parsed from disk) or
            the XML text itself; only the suffix decides which.
        url_encode: When true, the printed element is percent-encoded with
            no characters left unescaped as "safe".

    If the root carries ``container="true"`` and has at least one child, the
    digest is taken over ``registry_lib.file(root)``. Otherwise it is taken
    over the document bytes: the re-serialized tree for a file, or the
    UTF-8 encoding of the given text for a string. These two inputs are not
    normalized to each other, so the same document can hash differently
    depending on how it was supplied.
    """
    # NOTE(review): xml.etree.ElementTree is not hardened against maliciously
    # constructed XML; only feed it documents from a trusted source.
    if xml_string.endswith('.xml'):
        root = ET.parse(xml_string).getroot()
        raw = ET.tostring(root, encoding='utf-8')
    else:
        raw = xml_string.encode('utf-8')
        root = ET.fromstring(raw)

    is_container = root.attrib.get('container') == 'true' and len(root) > 0
    payload = registry_lib.file(root) if is_container else raw

    line = '<digest>{0}</digest>'.format(hashlib.sha256(payload).hexdigest())
    if url_encode:
        line = urllib.parse.quote(line, safe='')
    print(line)
Beispiel #3
def sign_document():
    """Sign the request's document with a caller-supplied private key.

    Reads the document via ``get_document(request)`` and the hex-encoded
    ``privkey`` field from the JSON body, signs the SHA-256 digest of
    ``registry_lib.file(document.root)``, and returns a JSON object with
    ``algo``, ``sig`` and ``pubkey``.

    SECURITY: the caller's private key crosses the network and is handled
    in this process. The endpoint is only appropriate over an encrypted
    transport, with request-body logging disabled, for callers who accept
    that the server sees their key.
    """
    document = get_document(request)

    privkey = request.json.get('privkey')
    if privkey is None:
        # Presumably aborts the request and does not return -- confirm.
        abort_by_missing_param('privkey')

    # NOTE(review): a non-hex 'privkey' makes a2b_hex raise binascii.Error,
    # which is not handled in this function.
    keypair = bbclib.KeyPair(privkey=binascii.a2b_hex(privkey))

    # The signature covers the SHA-256 digest, not the raw document bytes.
    signature = keypair.sign(
        hashlib.sha256(registry_lib.file(document.root)).digest())

    sig_hex = binascii.b2a_hex(signature).decode()
    pubkey_hex = binascii.b2a_hex(keypair.public_key).decode()
    return jsonify({
        'algo': 'ecdsa-p256v1',
        'sig': sig_hex,
        'pubkey': pubkey_hex
    })
Beispiel #4
def get_digest():
    """Return the hex SHA-256 digest of the request's document as JSON.

    The input to the hash depends on how many children the document root
    has:

    * more than one: ``document.file()``;
    * exactly one: ``registry_lib.file(child)`` when that child has
      ``container="true"`` and at least one child of its own, otherwise the
      child serialized as UTF-8 XML;
    * none: the request is rejected via ``abort_by_bad_json_format()``.
    """
    document = get_document(request)
    child_count = len(document.root)

    if child_count == 1:
        only_child = document.root[0]
        is_container = (only_child.attrib.get('container') == 'true'
                        and len(only_child) > 0)
        if is_container:
            payload = registry_lib.file(only_child)
        else:
            payload = ET.tostring(only_child, encoding='utf-8')
        digest = hashlib.sha256(payload).digest()

    elif child_count > 1:
        digest = hashlib.sha256(document.file()).digest()

    else:
        # Presumably aborts the request and does not return -- confirm;
        # otherwise `digest` is unbound at the return below.
        abort_by_bad_json_format()

    return jsonify({'digest': binascii.b2a_hex(digest).decode()})
Beispiel #5
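def certify(cert_xml, subtree_string):
    """Verify a certificate XML against a Merkle root and render the result.

    Args:
        cert_xml: The certificate document as XML text.
        subtree_string: Colon-separated Merkle path entries, each of the
            form ``<side>-<hexdigest>``. A side of ``r`` means "right";
            any other value is treated as "left".

    Returns:
        The rendered success page, or ``failure_template(<reason>)`` when
        an input is missing, the XML does not parse, ``registry_lib.file``
        rejects the document, the subtree string is malformed, or the
        digest is not found by ``verify_and_get_root``.

    Raises:
        ValueError: Re-raised from ``registry_lib.file`` when its message
            starts with neither ``pubkey`` nor ``sig``.
    """
    if cert_xml is None or subtree_string is None:
        return failure_template('no-query')

    # NOTE(review): cert_xml appears to come from the caller, and
    # xml.etree.ElementTree is not hardened against maliciously constructed
    # XML (e.g. entity-expansion blowups). Consider a hardened parser such as
    # defusedxml and a size limit on the input.
    try:
        root = ET.fromstring(cert_xml)
    except ET.ParseError:
        return failure_template('xml-syntax')

    try:
        data = registry_lib.file(root)
    except ValueError as error:
        reason = str(error)
        if reason.startswith('pubkey'):
            return failure_template('no-pubkey', root=root)
        if reason.startswith('sig'):
            return failure_template('bad-sig', root=root)
        # Any other ValueError used to fall through with `data` unbound and
        # surface as an UnboundLocalError at the hash below. Propagate the
        # real error so verification fails with its actual cause.
        raise
    except KeyError:
        return failure_template('sig-algo', root=root)

    digest = hashlib.sha256(data).digest()

    subtree = []
    for node in subtree_string.split(':'):
        parts = node.split('-')
        # NOTE(review): all() is vacuously true for an empty digest part, so
        # "r-" passes this check; confirm that verify_and_get_root rejects it.
        if len(parts) != 2 or not all(c in string.hexdigits for c in parts[1]):
            return failure_template('subtree-syntax', root=root)
        subtree.append({
            'position': 'right' if parts[0] == 'r' else 'left',
            'digest': parts[1],
        })

    # private_key=None: this path only reads from the contract.
    eth = bbc_ethereum.BBcEthereum(S_NETWORK,
                                   private_key=None,
                                   contract_address=S_CONTRACT_ADDRESS,
                                   project_dir=bbc1.__path__[0] +
                                   '/core/ethereum')

    block_no, digest0 = eth.verify_and_get_root(digest, subtree)

    # A non-positive block number is treated as "not anchored".
    if block_no <= 0:
        return failure_template('digest-mismatch', root=root)

    block = network.web3.eth.getBlock(block_no)

    # fromtimestamp() without a tz argument yields naive local time of the
    # host running this code.
    realtime = datetime.datetime.fromtimestamp(block['timestamp'])

    # NOTE(review): 'Vefirication' in the title is a typo for 'Verification';
    # the string is left as-is here.
    return render_template('cert/success.html',
                           title='Certificate Vefirication - Success',
                           root=root,
                           network=S_NETWORK,
                           contract=S_CONTRACT_ADDRESS,
                           block_no=block_no,
                           realtime=realtime,
                           get_date_string=get_date_string,
                           merkle_root=binascii.b2a_hex(digest0).decode())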