def key_setup(vault, **kwargs):
"""
:param vault: Where the keys are kept
:return: 2-tuple: result of urlsplit and a dictionary with
parameter name as key and url and value
"""
vault_path = proper_path(vault)
if not os.path.exists(vault_path):
os.makedirs(vault_path)
kb = KeyBundle()
for usage in ["sig", "enc"]:
if usage in kwargs:
if kwargs[usage] is None:
continue
_args = kwargs[usage]
if _args["alg"].upper() == "RSA":
try:
_key = rsa_load('%s%s' % (vault_path, "pyoidc"))
except Exception:
devnull = open(os.devnull, 'w')
with RedirectStdStreams(stdout=devnull, stderr=devnull):
_key = create_and_store_rsa_key_pair(
path=vault_path)
k = RSAKey(key=_key, use=usage)
k.add_kid()
kb.append(k)
return kb
def ec_init(spec):
"""
Initiate a keybundle with an elliptic curve key.
:param spec: Key specifics of the form::
{"type": "EC", "crv": "P-256", "use": ["sig"]}
:return: A KeyBundle instance
"""
_key = NISTEllipticCurve.by_name(spec["crv"])
kb = KeyBundle(keytype="EC", keyusage=spec["use"])
for use in spec["use"]:
priv, pub = _key.key_pair()
ec = ECKey(x=pub[0], y=pub[1], d=priv, crv=spec["crv"])
ec.serialize()
ec.use = use
kb.append(ec)
return kb
