def assign_client_id(requested, group_id, pseudonym):
# Hash the group_id and pseudonym to make up an ID
hash = hashlib.sha256()
hash.update(group_id.data)
hash.update(pseudonym.data)
id_raw = hash.digest()[:16]
id_hex = hash.hexdigest()[:32]
print("Assigning identity", id_hex)
return xtt.Identity(id_raw)
def setUp(self):
self.expiry = xtt.CertificateExpiry(b'21001231')
self.root_id = xtt.CertificateRootId(b'0000111100001111')
self.server_id = xtt.Identity(b'0000222200002222')
(self.root_pub, self.root_priv) = xtt.create_ed25519_key_pair()
(self.server_pub, self.server_priv) = xtt.create_ed25519_key_pair()
self.cert = xtt.generate_ed25519_server_certificate(
self.server_id, self.server_pub, self.expiry, self.root_id,
self.root_priv)
def test_generate_ecdsap256_server_certificate(self):
expiry = xtt.CertificateExpiry(b'21001231')
root_id = xtt.CertificateRootId(b'0000111100001111')
server_id = xtt.Identity(b'0000222200002222')
(root_pub, root_priv) = xtt.create_ecdsap256_key_pair()
(server_pub, server_priv) = xtt.create_ecdsap256_key_pair()
cert = xtt.generate_ecdsap256_server_certificate(
server_id, server_pub, expiry, root_id, root_priv)
self.assertTrue(b'21001231' in cert.data)
def test_x509_from_ed25519_key_pair(self):
pub = xtt.ED25519PublicKey(
b"""^\x970Y=\\\x92\xbdsK2\x0cD%\x96\xf8\x1dh\xc4\x1d&k'+\x1a\xca\xd6\x16\x12\x90\x03="""
)
priv = xtt.ED25519PrivateKey(
b"""\xd1%\xce\xec\xfb\xdf\x82\xb1w~\xb5AL*\x10'\x9aX\x8f\xae\x05\tTm5\xafC\x14\x06]\xb3X^\x970Y=\\\x92\xbdsK2\x0cD%\x96\xf8\x1dh\xc4\x1d&k'+\x1a\xca\xd6\x16\x12\x90\x03="""
)
common_name = xtt.Identity(
b'\xfd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
)
cert = xtt.x509_from_ed25519_key_pair(pub, priv, common_name)
decoded = der_decode(cert,
asn1Spec=rfc5280.Certificate(),
decodeOpenTypes=True)[0]
decoded_common_name = decoded['tbsCertificate']['subject'][0][0][0][
'value']['utf8String']
self.assertEqual(decoded_common_name,
"FD000000000000000000000000000000")
def test_x509_from_ecdsap256_key_pair(self):
pub = xtt.ECDSAP256PublicKey(
b"""\x04\x7E\x65\x37\x53\x13\x42\xF4\x8A\xC4\x64\x69\x8C\x4C\xD0\x23\xD7\xE4\xD9\x4C\xE5\x0A\x5D\x8B\xCC\x3C\x94\x13\x00\xA3\x48\xF5\x65\xCC\x56\xBF\x77\xC5\x4D\x1C\x7D\xB9\x45\x5D\xF0\x89\x67\x29\x39\xF3\x63\x70\xF2\xB9\x28\x21\x0A\x65\x78\x70\x8B\xE1\xF8\x86\x9A"""
)
priv = xtt.ECDSAP256PrivateKey(
b"""\xE7\xAC\x0C\x71\xD7\xA0\xDF\x86\xD2\x7B\x82\xAC\x0F\x0C\xFC\xD1\xB1\xC0\x91\xB2\xAA\xC0\xE8\xE0\x9D\xC5\x04\x5C\x40\xCD\x28\x36"""
)
common_name = xtt.Identity(
b'\xfd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
)
cert = xtt.x509_from_ecdsap256_key_pair(pub, priv, common_name)
decoded = der_decode(cert,
asn1Spec=rfc5280.Certificate(),
decodeOpenTypes=True)[0]
decoded_common_name = decoded['tbsCertificate']['subject'][0][0][0][
'value']['utf8String']
self.assertEqual(decoded_common_name,
"FD00:0000:0000:0000:0000:0000:0000:0000")