def sign_document(xml_string, private_key):
    """Sign an XML document and print the attributes for its root element.

    Args:
        xml_string: A path ending in '.xml' (parsed from disk), or the XML
            text itself.
        private_key: Hex-encoded private key, or None to generate a fresh
            key pair for this signature.

    Prints the ``algo``, ``sig`` and ``pubkey`` attribute assignments to
    stdout. Returns nothing.
    """
    if private_key is not None:
        keypair = bbclib.KeyPair(privkey=binascii.a2b_hex(private_key))
    else:
        keypair = bbclib.KeyPair()
        keypair.generate()
        # The generated private key is only ever written to stdout here; this
        # function does not store it anywhere else.
        # NOTE(review): anything that captures stdout (redirected output,
        # CI logs, terminal scrollback) will hold the key.
        print('Keep this privately:')
        print('private key : {0}'.format(
                binascii.b2a_hex(keypair.private_key).decode()))
        print('')

    # A trailing '.xml' is the only signal used to tell a path from XML text.
    if xml_string.endswith('.xml'):
        root = ET.parse(xml_string).getroot()
    else:
        root = ET.fromstring(xml_string.encode('utf-8'))

    # The signature covers the SHA-256 of registry_lib.file(root), not the
    # raw input bytes.
    signature = keypair.sign(hashlib.sha256(registry_lib.file(root)).digest())

    print('Put the following as attributes of your XML document root:')
    print('algo="{0}"'.format('ecdsa-p256v1'))
    print('sig="{0}"'.format(binascii.b2a_hex(signature).decode()))
    print('pubkey="{0}"'.format(binascii.b2a_hex(keypair.public_key).decode()))
def print_digest(xml_string, url_encode):
    """Print a ``<digest>`` element holding the SHA-256 of an XML document.

    Args:
        xml_string: A path ending in '.xml' (parsed from disk), or the XML
            text itself.
        url_encode: When true, the printed element is percent-encoded with
            no characters treated as safe.

    For a root element with ``container="true"`` and at least one child,
    the hashed bytes come from ``registry_lib.file``. Otherwise the
    serialized document is hashed directly.
    """
    if xml_string.endswith('.xml'):
        root = ET.parse(xml_string).getroot()
        # File input is hashed in its re-serialized form, not as the bytes
        # on disk.
        raw = ET.tostring(root, encoding='utf-8')
    else:
        # String input is hashed exactly as given (UTF-8 encoded).
        raw = xml_string.encode('utf-8')
        root = ET.fromstring(raw)

    is_container = root.attrib.get('container') == 'true' and len(root) > 0
    hashed = registry_lib.file(root) if is_container else raw

    element = '<digest>{0}</digest>'.format(hashlib.sha256(hashed).hexdigest())
    if url_encode:
        element = urllib.parse.quote(element, safe='')
    print(element)
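def sign_document():
    """Sign the document in the current request with the caller's key.

    Reads the document via ``get_document(request)`` and the hex-encoded
    private key from the ``privkey`` field of the JSON body.

    Returns:
        A JSON response with ``algo``, ``sig`` (hex) and ``pubkey`` (hex).

    Aborts through ``abort_by_missing_param`` when ``privkey`` is absent,
    and through ``abort_by_bad_json_format`` when it is not a hex string.

    NOTE(review): the private key travels in the request body, so the
    transport and any request-body logging on this service see the key.
    Confirm this endpoint is only reachable over an encrypted channel and
    that bodies are not logged.
    """
    document = get_document(request)
    privkey = request.json.get('privkey')
    if privkey is None:
        abort_by_missing_param('privkey')

    # privkey is request-controlled. Malformed hex raises binascii.Error
    # (a ValueError subclass) and a non-string raises TypeError; reject both
    # as a bad request instead of letting them surface as an unhandled error.
    # Presumably abort_by_bad_json_format() raises, as get_digest relies on.
    try:
        raw_key = binascii.a2b_hex(privkey)
    except (TypeError, ValueError):
        abort_by_bad_json_format()

    keypair = bbclib.KeyPair(privkey=raw_key)

    # The signature covers the SHA-256 of registry_lib.file(document.root).
    digest = hashlib.sha256(registry_lib.file(document.root)).digest()
    sig = keypair.sign(digest)

    return jsonify({
        'algo': 'ecdsa-p256v1',
        'sig': binascii.b2a_hex(sig).decode(),
        'pubkey': binascii.b2a_hex(keypair.public_key).decode()
    })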
def get_digest():
    """Return the SHA-256 digest of the document in the current request.

    The hashed bytes depend on how many children the document root has:

    * more than one child: ``document.file()``;
    * exactly one child: ``registry_lib.file(child)`` when that child has
      ``container="true"`` and children of its own, otherwise the child
      serialized as UTF-8;
    * no children: the request is rejected via ``abort_by_bad_json_format``.

    Returns:
        A JSON response of the form ``{'digest': <hex string>}``.
    """
    document = get_document(request)
    child_count = len(document.root)

    if child_count > 1:
        payload = document.file()
    elif child_count == 1:
        only_child = document.root[0]
        is_container = (only_child.attrib.get('container') == 'true'
                        and len(only_child) > 0)
        if is_container:
            payload = registry_lib.file(only_child)
        else:
            payload = ET.tostring(only_child, encoding='utf-8')
    else:
        # Presumably this raises; nothing is bound to hash if it returns.
        abort_by_bad_json_format()

    digest = hashlib.sha256(payload).digest()
    return jsonify({'digest': binascii.b2a_hex(digest).decode()})
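def certify(cert_xml, subtree_string):
    """Verify a certificate document against the on-chain Merkle root.

    Args:
        cert_xml: The certificate XML text, or None when not supplied.
        subtree_string: Colon-separated Merkle path. Each node is
            ``<position>-<hex digest>``, where position ``r`` means right
            and anything else is taken as left.

    Returns:
        The rendered success page, or the result of ``failure_template``
        with one of: 'no-query', 'xml-syntax', 'no-pubkey', 'bad-sig',
        'sig-algo', 'subtree-syntax', 'digest-mismatch'.

    Raises:
        ValueError: When ``registry_lib.file`` fails with a message that is
            neither a 'pubkey' nor a 'sig' error.
    """
    if cert_xml is None or subtree_string is None:
        return failure_template('no-query')

    # NOTE(review): cert_xml appears to be caller-supplied. The standard
    # library documents xml.etree as not hardened against maliciously
    # constructed XML (entity-expansion blowups); confirm the input size is
    # bounded upstream or switch to a hardened parser.
    try:
        root = ET.fromstring(cert_xml)
    except ET.ParseError:
        return failure_template('xml-syntax')

    try:
        data = registry_lib.file(root)
    except ValueError as error:
        reason = str(error)
        if reason.startswith('pubkey'):
            return failure_template('no-pubkey', root=root)
        if reason.startswith('sig'):
            return failure_template('bad-sig', root=root)
        # Any other ValueError previously fell through and hit an unbound
        # `data` below. Re-raise so the real cause is reported.
        raise
    except KeyError:
        return failure_template('sig-algo', root=root)

    digest = hashlib.sha256(data).digest()

    subtree = []
    for node in subtree_string.split(':'):
        parts = node.split('-')
        # all() over an empty string is True, so an empty digest ('r-')
        # used to pass the hex check. Require at least one hex digit.
        if (len(parts) != 2 or not parts[1]
                or not all(c in string.hexdigits for c in parts[1])):
            return failure_template('subtree-syntax', root=root)
        # NOTE(review): the position tag is not validated; any value other
        # than 'r' is treated as 'left'.
        subtree.append({
            'position': 'right' if parts[0] == 'r' else 'left',
            'digest': parts[1],
        })

    # No private key is passed: this path only calls verify_and_get_root.
    eth = bbc_ethereum.BBcEthereum(S_NETWORK, private_key=None,
            contract_address=S_CONTRACT_ADDRESS,
            project_dir=bbc1.__path__[0] + '/core/ethereum')

    block_no, digest0 = eth.verify_and_get_root(digest, subtree)

    if block_no <= 0:
        return failure_template('digest-mismatch', root=root)

    block = network.web3.eth.getBlock(block_no)

    # fromtimestamp() without a tz yields a naive local-time datetime.
    realtime = datetime.datetime.fromtimestamp(block['timestamp'])

    # NOTE(review): 'Vefirication' in the title below is a typo. It is left
    # unchanged here in case templates or tests match on the exact string.
    return render_template('cert/success.html',
            title='Certificate Vefirication - Success',
            root=root, network=S_NETWORK, contract=S_CONTRACT_ADDRESS,
            block_no=block_no, realtime=realtime,
            get_date_string=get_date_string,
            merkle_root=binascii.b2a_hex(digest0).decode())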