def encode_cert_id_key(self, hkey):
issuer_name_hash, issuer_key_hash, serial_number = hkey
issuer_name_hash = OctetString.load(issuer_name_hash)
issuer_key_hash = OctetString.load(issuer_key_hash)
serial_number = Integer.load(serial_number)
cert_id = CertId({
'hash_algorithm': DigestAlgorithm({
'algorithm': 'sha1',
'parameters': None}),
'issuer_name_hash': issuer_name_hash,
'issuer_key_hash': issuer_key_hash,
'serial_number': serial_number,
})
return cert_id
def generate_private_key(self):
parameters = self.session.create_domain_parameters(
KeyType.EC,
{Attribute.EC_PARAMS: encode_named_curve_parameters('secp256r1')},
local=True)
public_template = {
Attribute.KEY_TYPE: KeyType.EC,
Attribute.CLASS: ObjectClass.PUBLIC_KEY,
Attribute.TOKEN: True,
Attribute.VERIFY: True,
}
private_template = {
Attribute.KEY_TYPE: KeyType.EC,
Attribute.CLASS: ObjectClass.PRIVATE_KEY,
Attribute.TOKEN: True,
Attribute.PRIVATE: True,
Attribute.SIGN: True,
Attribute.EXTRACTABLE: False,
Attribute.SENSITIVE: True
}
public_key, private_key = parameters.generate_keypair(
store=True,
public_template=public_template,
private_template=private_template)
ecpt = bytes(OctetString.load(public_key[Attribute.EC_POINT]))
hash = hashlib.sha256(ecpt)
ski = hash.digest()
hexski = hash.hexdigest()
public_key[Attribute.ID] = ski
public_key[Attribute.LABEL] = hexski
private_key[Attribute.ID] = ski
private_key[Attribute.LABEL] = hexski
return PKCS11KeyPair(public_key, private_key)
def encode_cert_id_key(self, hkey):
issuer_name_hash, issuer_key_hash, serial_number = hkey
issuer_name_hash = OctetString.load(issuer_name_hash)
issuer_key_hash = OctetString.load(issuer_key_hash)
serial_number = Integer.load(serial_number)
cert_id = CertId({
"hash_algorithm":
DigestAlgorithm({
"algorithm": "sha1",
"parameters": None
}),
"issuer_name_hash":
issuer_name_hash,
"issuer_key_hash":
issuer_key_hash,
"serial_number":
serial_number,
})
return cert_id
def encode_ec_public_key(key):
"""
Encode a DER-encoded EC public key as stored by OpenSSL.
:param PublicKey key: EC public key
:rtype: bytes
"""
ecparams = ECDomainParameters.load(key[Attribute.EC_PARAMS])
ecpoint = bytes(OctetString.load(key[Attribute.EC_POINT]))
return PublicKeyInfo({
'algorithm': {
'algorithm': 'ec',
'parameters': ecparams,
},
'public_key': ecpoint,
}).dump()
from asn1crypto.core import Sequence, OctetString
data = bytes.fromhex('605e06062b0601050502a0543052a024302206092a864882f71201020206092a864886f712010202060a2b06010401823702020aa32a3028a0261b246e6f745f646566696e65645f696e5f5246433431373840706c656173655f69676e6f7265')
#data = bytes.fromhex('6E8201FE308201FAA003020105A10302010EA20703050000000000A38201416182013D30820139A003020105A10F1B0D465245454950412E4C4F43414CA21D301BA003020101A11430121B066B61646D696E1B086368616E67657077A38201003081FDA003020112A103020101A281F00481EDECC2A53967B412D791DFF3EA3D50F765DC7ED7C7E66912C836163F5BD0A07FC679E46D36C9B38A2273C877D233AD55FAB9F3D95637F8F1DC22117723E77537C92D909064DE10B26E86C9EFDCCF37CC16D20E75849D0CBD04A56E7F69D46C6D7DB9DDDC6ACBBE37D6CF49C6CC78C57228C0E903FDC08772B030DD22DC84B5D55C66E07279E9840A3EA68F1C27BA26305D1CD05D1E3A994A4246DB8E834948EFD3788409760994AF1A72F5CF1485C49C7646A3B72C460FD62F5C373C224ECE0859F4DDEF5B77BF75A9AB220524E00A35A357722F703A218C5FD1A717ED0392F19864BF0B52921B501906A8AF48C3A4819F30819CA003020112A28194048191EAD1DF7495E86BFEC932DBA81C9A764826080BB8C359AC3627C4B2CE530217042449E9CAA3DB66031FBE4B1CF942EC9EC773A2FB2485DD4D6E1271F9FF41D26C54CE9370D6E4573156CDC051944A563056BFA1D47CECEFF3CB4AC455FE33CD03E91BA9B4DC2243CE59EF0E1865AEBDBA76E30EB2AD8DEB71409B11F86CFA6C6E488270303C0451BD86A91C139018421A07')
#data = b'$\x80\x04\r\x8d\xff\xf0\x98\x076\xaf\x93nB:\xcf\xcc\x04\x15\x92w\xf7\xf0\xe4y\xff\xc7\xdc3\xb2\xd0={\x1a\x18mDr\xaaI\x00\x00'
a = OctetString.load(data)
print(data)
print(a)
#parsed = Sequence.load(data)
#serialized = parsed.dump()
