Пример #1
0
 def getPublicKey(self, format='JWK'):
     """
     Return public key as a PEM or JWK string or as a JCS in an JSONObjectWriter
     """
     if exportFormatCheck(format) == 'PEM':
         return exportPublicKeyAsPem(self.nativePublicKey)
     if format == 'JWK':
         return serializeJson(self.publicKey)
     return JSONObjectWriter(self.publicKey)
 def getPublicKey(self, format='JWK'):
     """
     Return public key as a PEM or JWK string or as a JCS in an JSONObjectWriter
     """
     if exportFormatCheck(format) == 'PEM':
         return exportPublicKeyAsPem(self.nativePublicKey)
     if format == 'JWK':
         jwk = OrderedDict()
         for item in self.publicKey:
             key = item
             if key == 'type':
                 key = 'kty'
             elif key == 'curve':
                 key = 'crv'
             jwk[key] = self.publicKey[item]
         return serializeJson(jwk)
     return JSONObjectWriter(self.publicKey)
Пример #3
0

def readFile(name):
    return codecs.open(name, "r", "utf-8").read()


keyString = readFile(sys.argv[1])

signatureKey = SignatureKey.new(keyString)
if signatureKey.isRSA():
    print "RSA key"
else:
    print "EC key"

if len(sys.argv) == 3:
    jsonObject = JSONObjectWriter(parseJson(readFile(sys.argv[2])))
else:
    jsonObject = JSONObjectWriter()
    jsonObject.setInt("an_int", 7)

    jsonObject.setString("a_string", "Sure")
    jsonObject.setObject("an_object").setString(
        "another_string",
        "Yeah").setFloat("a_float", 1e+5).setBinary("a_blob",
                                                    '\x00\x01\x03\x04\x05')
    jsonObject.setArray("an_array").setInt(45).setString("Nope").setObject()
    jsonObject.setArray("two_dimensional").setArray().setString("Bye")

jsonObject.setSignature(signatureKey)

print jsonObject.serialize().encode("utf-8")
Пример #4
0
 def getPublicKey(self, format='JWK'):
     """
     Return public key as a PEM or JWK string or as a JCS/JWK in an JSONObjectWriter
     """
     if exportFormatCheck(format) == 'PEM':
         if self.isRSA():
             return exportPublicKeyAsPem(self.nativePrivateKey.publickey())
         return exportPublicKeyAsPem(
             self.nativePrivateKey.get_verifying_key())
     publicKey = JSONObjectWriter()
     if self.isRSA():
         publicKey.setString('kty', 'RSA')
         publicKey.setCryptoBigNum('n', self.nativePrivateKey.n)
         publicKey.setCryptoBigNum('e', self.nativePrivateKey.e)
     else:
         publicKey.setString('kty', 'EC')
         publicKey.setString('crv', getEcCurveName(self.nativePrivateKey))
         point = self.nativePrivateKey.get_verifying_key().to_string()
         length = len(point)
         if length % 2:
             raise ValueError('EC point length error')
         length >>= 1
         publicKey.setBinary('x', point[:length])
         publicKey.setBinary('y', point[length:])
     if format == 'JWK':
         return publicKey.serialize()
     return publicKey
Пример #5
0
# This is a short program showing a possible CSR using JCS for the
# ACME (Automatic Certificate Management Environment) system

theKey = ('{'
          '  "kty":"EC",'
          '  "crv":"P-256",'
          '  "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",'
          '  "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",'
          '  "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE"'
          '}')

from org.webpki.json import SignatureKey
from org.webpki.json.Writer import JSONObjectWriter

jsonObject = JSONObjectWriter().setString(
    "@context",
    "https://letsencrypt.org/acme/v1").setString("@qualifier",
                                                 "CertificateRequest")
jsonObject.setString("domain", "example.com")
jsonObject.setBinary("secret", '\x56\x23\x23\x00\x10')
jsonObject.setSignature(SignatureKey.new(theKey))
print jsonObject.serialize()

class CustomSigner(BaseKey):
    def __init__(self, privateKeyString, algorithm):
        # Custom constructor
        self.nativePrivateKey = RSA.importKey(privateKeyString)
        self.algorithm = algorithm

    def signData(self, data):
        # Implementation: bare-bones and hard-coded
        return PKCS1_v1_5.new(self.nativePrivateKey).sign(SHA256.new(data))

    def setSignatureMetaData(self, jsonObjectWriter):
        # Implementation: bare-bones and hard-coded
        jsonObjectWriter.setString('algorithm', self.algorithm)
        publicKey = jsonObjectWriter.setObject('publicKey')
        publicKey.setString('type', 'RSA')
        publicKey.setCryptoBigNum('n', self.nativePrivateKey.n)
        publicKey.setCryptoBigNum('e', self.nativePrivateKey.e)


jsonObject = JSONObjectWriter().setString(
    "@context",
    "https://letsencrypt.org/acme/v1").setString("@qualifier",
                                                 "CertificateRequest")
jsonObject.setString("domain", "example.com")
jsonObject.setBinary("secret", '\x56\x23\x23\x00\x10')
jsonObject.setSignature(CustomSigner(theKey,
                                     'RS256'))  # Custom init parameters
print jsonObject.serialize()
Пример #7
0
# Our test program
if not len(sys.argv) in (2,3):
    print 'Private-key [JSON-in-file]'
    sys.exit(1)

def readFile(name):
  return codecs.open(name, "r", "utf-8").read()

keyString = readFile(sys.argv[1])

signatureKey = SignatureKey.new(keyString)
if signatureKey.isRSA():
  print "RSA key"
else:
  print "EC key"

if len(sys.argv) == 3:
  jsonObject = JSONObjectWriter(parseJson(readFile(sys.argv[2])))
else:
  jsonObject = JSONObjectWriter()
  jsonObject.setInt("an_int", 7)

  jsonObject.setString("a_string", "Sure")
  jsonObject.setObject("an_object").setString("another_string","Yeah").setFloat("a_float",1e+5).setBinary("a_blob",'\x00\x01\x03\x04\x05')
  jsonObject.setArray("an_array").setInt(45).setString("Nope").setObject()
  jsonObject.setArray("two_dimensional").setArray().setString("Bye")

jsonObject.setSignature(signatureKey)

print jsonObject.serialize().encode("utf-8")
# ACME (Automatic Certificate Management Environment) system

# This variation uses a declared rather than programmatic message
 
theKey = (
'{'
'  "kty":"EC",'
'  "crv":"P-256",'
'  "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",'
'  "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",'
'  "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE"'
'}')

from collections import OrderedDict
from org.webpki.json import SignatureKey
from org.webpki.json.Writer import JSONObjectWriter
from org.webpki.json.Utils import base64UrlEncode

message = OrderedDict([
    ("@context"  , "https://letsencrypt.org/acme/v1"),
    ("@qualifier", "CertificateRequest"),
    ("domain"    , "example.com"),
    ("an_object" , OrderedDict([("key1", 5),
                                ("key2","hi")])),
    ("secret"    , base64UrlEncode('\x56\x23\x23\x00\x10'))
])

jsonObject = JSONObjectWriter(message)
jsonObject.setSignature(SignatureKey.new(theKey))
print jsonObject.serialize()
# This variation uses a declared rather than programmatic message

theKey = (
    "{"
    '  "kty":"EC",'
    '  "crv":"P-256",'
    '  "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",'
    '  "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",'
    '  "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE"'
    "}"
)

from collections import OrderedDict
from org.webpki.json import SignatureKey
from org.webpki.json.Writer import JSONObjectWriter
from org.webpki.json.Utils import base64UrlEncode

message = OrderedDict(
    [
        ("@context", "https://letsencrypt.org/acme/v1"),
        ("@qualifier", "CertificateRequest"),
        ("domain", "example.com"),
        ("an_object", OrderedDict([("key1", 5), ("key2", "hi")])),
        ("secret", base64UrlEncode("\x56\x23\x23\x00\x10")),
    ]
)

jsonObject = JSONObjectWriter(message)
jsonObject.setSignature(SignatureKey.new(theKey))
print jsonObject.serialize()
'0BM+HmsiWnYEud7gU0Qi9MTzf4DMkabb0b01AMsA3WXUIoUxYXb0hdUHeWAivylo\n'
'6b2Vz0bkF04+Q0Bos9yMFQtOqkl1x7IfW5SrxZn07c/sWoStfA8nuFkayaf24p09\n'
'LLXUVQKBgDjFqNGi34b0Du1LcWNhHKc1UV8JjvMTXgynfte2BeptG994fXHvFt6G\n'
'+N3RpzlSgNk1QuHLze3qmAOqYfwNR/dXNDmiOIZ2vEb+F8pNvajAR/7A3GVbE/Ex\n'
'WzQhroBt4fEiJusZfznJVTjnzeTmIGxpNTyHMznbVDA9eY+tW1du\n'
'-----END RSA PRIVATE KEY-----\n')

class CustomSigner(BaseKey):
    def __init__(self,privateKeyString,algorithm):
        # Custom constructor
        self.nativePrivateKey = RSA.importKey(privateKeyString)
        self.algorithm = algorithm

    def signData(self,data):
        # Implementation: bare-bones and hard-coded
        return PKCS1_v1_5.new(self.nativePrivateKey).sign(SHA256.new(data))

    def setSignatureMetaData(self,jsonObjectWriter):
        # Implementation: bare-bones and hard-coded
        jsonObjectWriter.setString('algorithm',self.algorithm)
        publicKey = jsonObjectWriter.setObject('publicKey')
        publicKey.setString('type','RSA')
        publicKey.setCryptoBigNum('n',self.nativePrivateKey.n)
        publicKey.setCryptoBigNum('e',self.nativePrivateKey.e)

jsonObject = JSONObjectWriter().setString("@context","https://letsencrypt.org/acme/v1").setString("@qualifier","CertificateRequest")
jsonObject.setString("domain","example.com")
jsonObject.setBinary("secret",'\x56\x23\x23\x00\x10');
jsonObject.setSignature(CustomSigner(theKey,'RS256')) # Custom init parameters
print jsonObject.serialize()
Пример #11
0
# This is a short program showing a possible CSR using JCS for the
# ACME (Automatic Certificate Management Environment) system

theKey = (
'{'
'  "kty":"EC",'
'  "crv":"P-256",'
'  "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",'
'  "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",'
'  "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE"'
'}')

from org.webpki.json import SignatureKey
from org.webpki.json.Writer import JSONObjectWriter

jsonObject = JSONObjectWriter().setString("@context","https://letsencrypt.org/acme/v1").setString("@qualifier","CertificateRequest")
jsonObject.setString("domain","example.com")
jsonObject.setBinary("secret",'\x56\x23\x23\x00\x10');
jsonObject.setSignature(SignatureKey.new(theKey))
print jsonObject.serialize()