def coseAlgorithmToSignatureParams(coseAlgorithm, issuerName):
    """Map a COSE algorithm name to the parameters coseSig needs.

    coseAlgorithm is one of 'ES256', 'ES384' or 'ES512'; issuerName is
    written into the issuer field of the generated certificate
    specification.

    Returns an (algorithm id, pykey.ECCKey, DER-encoded certificate)
    tuple. Raises UnknownCOSEAlgorithmError for any other algorithm name.
    """
    # COSE names an algorithm after its hash, so 'ES512' is paired with
    # the secp521r1 curve rather than with a 512-bit one.
    knownAlgorithms = (
        ('ES256', 'secp256r1', ES256),
        ('ES384', 'secp384r1', ES384),
        ('ES512', 'secp521r1', ES512),
    )
    for coseName, keyName, algId in knownAlgorithms:
        if coseAlgorithm == coseName:
            break
    else:
        raise UnknownCOSEAlgorithmError(coseAlgorithm)

    # NOTE(review): pykey.ECCKey is built from the curve name alone, so it
    # presumably returns pykey's fixed test key for that curve - confirm.
    signingKey = pykey.ECCKey(keyName)

    # The certificate is restricted to keyUsage digitalSignature and its
    # subjectKey names the same curve as the signing key.
    specText = ''.join([
        'issuer:%s\n' % issuerName,
        'subject: xpcshell signed app test signer\n',
        'subjectKey:%s\n' % keyName,
        'extension:keyUsage:digitalSignature',
    ])

    # pycert.Certificate reads the specification from a stream; the text is
    # terminated by a newline and the stream is rewound before parsing.
    specStream = StringIO.StringIO()
    specStream.write(specText + '\n')
    specStream.seek(0)
    signerCert = pycert.Certificate(specStream)

    return (algId, signingKey, signerCert.toDER())
def coseAlgorithmToSignatureParams(coseAlgorithm, issuerName):
    """Map a COSE algorithm name to the parameters coseSig needs.

    coseAlgorithm is one of 'ES256', 'ES384' or 'ES512'; issuerName is
    passed to getCert as the issuer of the end-entity certificate.

    Returns an (algorithm id, pykey.ECCKey, DER-encoded certificate)
    tuple. Raises UnknownCOSEAlgorithmError for any other algorithm name.
    """
    # COSE names an algorithm after its hash, so "ES512" is paired with
    # the secp521r1 curve rather than with a 512-bit one.
    knownAlgorithms = (
        ("ES256", "secp256r1", ES256),
        ("ES384", "secp384r1", ES384),
        ("ES512", "secp521r1", ES512),
    )
    for coseName, keyName, algId in knownAlgorithms:
        if coseAlgorithm == coseName:
            break
    else:
        raise UnknownCOSEAlgorithmError(coseAlgorithm)

    # NOTE(review): pykey.ECCKey is built from the curve name alone, so it
    # presumably returns pykey's fixed test key for that curve - confirm.
    signingKey = pykey.ECCKey(keyName)

    # The subject must differ to avoid errors when importing into NSS
    # later, so the curve name is appended to make it unique per curve.
    # NOTE(review): the meaning of the trailing True and "default"
    # arguments is defined by getCert, which is not visible here.
    subject = "xpcshell signed app test signer " + keyName
    endEntityCert = getCert(subject, keyName, issuerName, True, "default")

    return (algId, signingKey, endEntityCert.toDER())
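# file, You can obtain one at http://mozilla.org/MPL/2.0/.

"""
Create an ECDSA signature on the P-384 curve using the SHA-384 hash of data from
stdin. The key used for the signature is the secp384r1Encoded key used in pykey
and pycert.

The certificates for the content signature tests make use of this program.
You can use pysign.py like this:

cat test.txt | python pysign.py > test.txt.signature

The signature is written to stdout as URL-safe base64 ("-" and "_" in place of
"+" and "/"), with padding kept.
"""

import base64
import binascii
import hashlib
import os
import six
import sys

import ecdsa

# For pykey
sys.path.append(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
import pykey

# Read the payload as raw bytes so the signed input is exactly what was piped in.
data = sys.stdin.buffer.read()

# The key is the secp384r1 key embedded in pykey (see the module docstring), so
# the output is only meaningful for test certificates and fixtures.
key = pykey.ECCKey("secp384r1")

# The signed message is the fixed "Content-Signature:" prefix, a NUL byte, and
# then the payload; a verifier has to rebuild the same byte string.
sig = key.signRaw(b"Content-Signature:\00" + data, pykey.HASH_SHA384)

# The Python 2 print statement is a syntax error on Python 3, which
# sys.stdin.buffer already requires, and b64encode() returns bytes there, so the
# str-based replace() calls could not run. urlsafe_b64encode performs the same
# "+" -> "-" and "/" -> "_" substitution.
# NOTE(review): assumes signRaw returns bytes - confirm against pykey.
print(base64.urlsafe_b64encode(sig).decode("ascii"))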
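# file, You can obtain one at http://mozilla.org/MPL/2.0/.

"""
Create an ECDSA signature on the P-384 curve using the SHA-384 hash of data from
stdin. The key used for the signature is the secp384r1Encoded key used in pykey
and pycert.

The certificates for the content signature tests make use of this program.
You can use pysign.py like this:

cat test.txt | python pysign.py > test.txt.signature

The signature is written to stdout as URL-safe base64 ('-' and '_' in place of
'+' and '/'), with padding kept.
"""

import base64
import binascii
import hashlib
import os
import six
import sys

import ecdsa

# For pykey
sys.path.append(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
import pykey

# Read the payload as raw bytes so the signed input is exactly what was piped in.
data = sys.stdin.buffer.read()

# The key is the secp384r1 key embedded in pykey (see the module docstring), so
# the output is only meaningful for test certificates and fixtures.
key = pykey.ECCKey('secp384r1')

# The signed message is the fixed 'Content-Signature:' prefix, a NUL byte, and
# then the payload; a verifier has to rebuild the same byte string.
sig = key.signRaw(b'Content-Signature:\00' + data, pykey.HASH_SHA384)

# The Python 2 print statement is a syntax error on Python 3, which
# sys.stdin.buffer already requires, and b64encode() returns bytes there, so the
# str-based replace() calls could not run. urlsafe_b64encode performs the same
# '+' -> '-' and '/' -> '_' substitution.
# NOTE(review): assumes signRaw returns bytes - confirm against pykey.
print(base64.urlsafe_b64encode(sig).decode('ascii'))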