def getPublicKey(self, format='JWK'):
"""
Return public key as a PEM or JWK string or as a JCS/JWK in an JSONObjectWriter
"""
if exportFormatCheck(format) == 'PEM':
if self.isRSA():
return exportPublicKeyAsPem(self.nativePrivateKey.publickey())
return exportPublicKeyAsPem(
self.nativePrivateKey.get_verifying_key())
publicKey = JSONObjectWriter()
if self.isRSA():
publicKey.setString('kty', 'RSA')
publicKey.setCryptoBigNum('n', self.nativePrivateKey.n)
publicKey.setCryptoBigNum('e', self.nativePrivateKey.e)
else:
publicKey.setString('kty', 'EC')
publicKey.setString('crv', getEcCurveName(self.nativePrivateKey))
point = self.nativePrivateKey.get_verifying_key().to_string()
length = len(point)
if length % 2:
raise ValueError('EC point length error')
length >>= 1
publicKey.setBinary('x', point[:length])
publicKey.setBinary('y', point[length:])
if format == 'JWK':
return publicKey.serialize()
return publicKey
def getPublicKey(self, format='JWK'):
"""
Return public key as a PEM or JWK string or as a JCS in an JSONObjectWriter
"""
if exportFormatCheck(format) == 'PEM':
return exportPublicKeyAsPem(self.nativePublicKey)
if format == 'JWK':
return serializeJson(self.publicKey)
return JSONObjectWriter(self.publicKey)
def getPublicKey(self, format='JWK'):
"""
Return public key as a PEM or JWK string or as a JCS in an JSONObjectWriter
"""
if exportFormatCheck(format) == 'PEM':
return exportPublicKeyAsPem(self.nativePublicKey)
if format == 'JWK':
jwk = OrderedDict()
for item in self.publicKey:
key = item
if key == 'type':
key = 'kty'
elif key == 'curve':
key = 'crv'
jwk[key] = self.publicKey[item]
return serializeJson(jwk)
return JSONObjectWriter(self.publicKey)
def readFile(name):
return codecs.open(name, "r", "utf-8").read()
keyString = readFile(sys.argv[1])
signatureKey = SignatureKey.new(keyString)
if signatureKey.isRSA():
print "RSA key"
else:
print "EC key"
if len(sys.argv) == 3:
jsonObject = JSONObjectWriter(parseJson(readFile(sys.argv[2])))
else:
jsonObject = JSONObjectWriter()
jsonObject.setInt("an_int", 7)
jsonObject.setString("a_string", "Sure")
jsonObject.setObject("an_object").setString(
"another_string",
"Yeah").setFloat("a_float", 1e+5).setBinary("a_blob",
'\x00\x01\x03\x04\x05')
jsonObject.setArray("an_array").setInt(45).setString("Nope").setObject()
jsonObject.setArray("two_dimensional").setArray().setString("Bye")
jsonObject.setSignature(signatureKey)
print jsonObject.serialize().encode("utf-8")
# This is a short program showing a possible CSR using JCS for the
# ACME (Automatic Certificate Management Environment) system
theKey = ('{'
' "kty":"EC",'
' "crv":"P-256",'
' "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",'
' "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",'
' "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE"'
'}')
from org.webpki.json import SignatureKey
from org.webpki.json.Writer import JSONObjectWriter
jsonObject = JSONObjectWriter().setString(
"@context",
"https://letsencrypt.org/acme/v1").setString("@qualifier",
"CertificateRequest")
jsonObject.setString("domain", "example.com")
jsonObject.setBinary("secret", '\x56\x23\x23\x00\x10')
jsonObject.setSignature(SignatureKey.new(theKey))
print jsonObject.serialize()
# ACME (Automatic Certificate Management Environment) system
# This variation uses a declared rather than programmatic message
theKey = (
'{'
' "kty":"EC",'
' "crv":"P-256",'
' "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",'
' "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",'
' "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE"'
'}')
from collections import OrderedDict
from org.webpki.json import SignatureKey
from org.webpki.json.Writer import JSONObjectWriter
from org.webpki.json.Utils import base64UrlEncode
message = OrderedDict([
("@context" , "https://letsencrypt.org/acme/v1"),
("@qualifier", "CertificateRequest"),
("domain" , "example.com"),
("an_object" , OrderedDict([("key1", 5),
("key2","hi")])),
("secret" , base64UrlEncode('\x56\x23\x23\x00\x10'))
])
jsonObject = JSONObjectWriter(message)
jsonObject.setSignature(SignatureKey.new(theKey))
print jsonObject.serialize()
