def get_drkey_reply(sv, src_ia, dst_ia, priv_key, signing_key, cert_ver,
                    dst_cert, trc_ver):
    """
    Build a signed DRKeyReply carrying the DRKey for ``dst_ia``.

    The DRKey is derived from the local secret value, encrypted with the
    local private key and the public encryption key taken from the
    destination certificate, and the reply is signed with the signing key.

    Security notes for callers:

    * ``dst_cert`` is used as given. No certificate or TRC verification
      happens in this function, so only pass a certificate that has already
      been verified.
    * The signing input built here covers ``src_ia``, the timestamp,
      ``sv.exp_time`` and the ciphertext. ``dst_ia``, ``cert_ver``,
      ``dst_cert.version`` and ``trc_ver`` are not passed to
      ``get_signing_input_rep`` by this function.

    :param DRKeySecretValue sv: the local secret value used to derive the
        DRKey; its ``exp_time`` is copied into the reply.
    :param ISD_AS src_ia: the local ISD-AS address.
    :param ISD_AS dst_ia: the ISD-AS for which the DRKey is computed.
    :param PrivateKey priv_key: local private key.
    :param SigningKey signing_key: local signing key.
    :param int cert_ver: version of the certificate that priv_key and
        signing_key are associated with.
    :param Certificate dst_cert: the certificate of the destination ISD-AS.
    :param int trc_ver: version of the TRC associated with cert_ver.
    :returns: the resulting DRKeyReply
    :rtype: DRKeyReply
    """
    # Raw key material: within this function it is only handed to encrypt().
    raw_key = derive_drkey_raw(sv, dst_ia)
    dst_enc_key = PublicKey(dst_cert.subject_enc_key_raw)
    cipher = bytes(encrypt(raw_key, priv_key, dst_enc_key))
    timestamp = drkey_time()
    expiry = sv.exp_time
    # NOTE(review): the version fields and dst_ia are outside the signed
    # input assembled here; confirm the receiver uses the versions only to
    # look up the verifying certificate/TRC and does not otherwise trust them.
    signed_input = get_signing_input_rep(src_ia, timestamp, expiry, cipher)
    signature = sign(signed_input, signing_key)
    return DRKeyReply.from_values(
        src_ia, timestamp, expiry, cipher, signature,
        cert_ver, dst_cert.version, trc_ver)
def _cached_drkeys_handler(self, raw_entries):
    """
    Re-inject cached DRKey replies into the regular reply handler.

    Each raw entry is parsed with ``DRKeyReply.from_raw``, wrapped as a
    ``CtrlPayload(DRKeyMgmt(...))`` and passed to
    ``self.process_drkey_reply`` with no metadata and ``from_zk=True``.

    :param raw_entries: iterable of raw (serialized) DRKeyReply entries.
    """
    # NOTE(review): an exception raised while parsing one entry propagates
    # and the remaining entries are not processed -- confirm this is intended
    # for data read back from the cache.
    # NOTE(review): whether process_drkey_reply still verifies the reply
    # signature when from_zk=True is not visible here -- confirm, since cache
    # contents are presumably writable by other parties sharing the store.
    for entry in raw_entries:
        reply = DRKeyReply.from_raw(entry)
        payload = CtrlPayload(DRKeyMgmt(reply))
        self.process_drkey_reply(payload, None, from_zk=True)