author | Ulf Wiger <ulf@wiger.net> | 2015-05-13 21:28:00 +0200 |
---|---|---|
committer | Ulf Wiger <ulf@feuerlabs.com> | 2015-06-10 11:22:42 +0200 |
commit | 179fbae4c5bc3fa1da7ff6515d0b295fc5de825c (patch) | |
tree | d7e6da0c44b886bd4a6ab7e0f3fa9702a894fbc0 /python | |
parent | 98c449e716ec8dfd22a48127c7577b74c1b862a4 (diff) | |
download | rvi_core-179fbae4c5bc3fa1da7ff6515d0b295fc5de825c.tar.gz |
JWT-style certificates, WIP
Diffstat (limited to 'python')
-rwxr-xr-x | python/rvi_readsig.py | 56 | ||||
-rwxr-xr-x | python/rvi_sign.py | 49 |
2 files changed, 105 insertions, 0 deletions
diff --git a/python/rvi_readsig.py b/python/rvi_readsig.py
new file mode 100755
index 0000000..4737112
--- /dev/null
+++ b/python/rvi_readsig.py
@@ -0,0 +1,56 @@
+#!/usr/bin/python
+
+#
+# Copyright (C) 2014, Jaguar Land Rover
+#
+# This program is licensed under the terms and conditions of the
+# Mozilla Public License, version 2.0. The full text of the
+# Mozilla Public License is at https://www.mozilla.org/MPL/2.0/
+#
+#
+# Reads signed certificate, validates signature and prints payload
+# RVI signed certs use the JWT format, described in
+# https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-41
+#
+# (see http://jwt.io for more libraries as well as an online debugger)
+#
+# Keys are generated using `openssl genrsa -out PemFile 2048`,
+# and the cert signature is calculated using {"alg": "RS256"}
+#
+
+import sys
+import json
+import jwt
+import time
+import getopt
+def usage():
+ print "Usage:", sys.argv[0], "signature_file public_key_file"
+ print
+ print "Example: ./rvi_readsig.py ~/certs/mycert.txt ~/keys/pubkey.pem"
+
+ sys.exit(255)
+
+
+#
+# Check that we have the correct arguments
+#
+opts, args= getopt.getopt(sys.argv[1:], "n:")
+
+for o, a in opts:
+ if o == "-n":
+ rvi_node = a
+ else:
+ usage()
+
+if len(args) != 2:
+ usage()
+
+sigfile = open(args[0], 'r')
+keyfile = open(args[1], 'r')
+
+sig = sigfile.read()
+key = keyfile.read()
+
+payload = jwt.decode(sig, key)
+
+print payload
diff --git a/python/rvi_sign.py b/python/rvi_sign.py
new file mode 100755
index 0000000..0317372
--- /dev/null
+++ b/python/rvi_sign.py
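Review bot: `jwt.decode(sig, key)` in rvi_readsig.py does not pin the accepted signature algorithm, so verification relies on whatever `alg` the token's own header names (assuming `jwt` is PyJWT, whose older releases accept any supported algorithm when none is listed). The header comment says certificates are signed with RS256, so the call should state that explicitly: `payload = jwt.decode(sig, key, algorithms=['RS256'])`. Separately, `rvi_node` set by `-n` is never used and the usage text does not mention the option; either drop `"n:"` from the getopt string or document it. The `json` and `time` imports are also unused in this script.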
@@ -0,0 +1,49 @@
+#!/usr/bin/python
+
+#
+# Copyright (C) 2014, Jaguar Land Rover
+#
+# This program is licensed under the terms and conditions of the
+# Mozilla Public License, version 2.0. The full text of the
+# Mozilla Public License is at https://www.mozilla.org/MPL/2.0/
+#
+#
+# Reads signed certificate, validates signature and prints payload
+# RVI signed certs use the JWT format, described in
+# https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-41
+#
+# Keys are generated using `openssl genrsa -out PemFile 2048`,
+# and the cert signature is calculated using {"alg": "RS256"}
+#
+
+import sys
+import json
+import jwt
+import time
+import getopt
+def usage():
+ print "Usage:", sys.argv[0], "Json_file Public_key_file Out_file"
+
+ sys.exit(255)
+
+
+#
+# Check that we have the correct arguments
+#
+opts, args= getopt.getopt(sys.argv[1:], "")
+
+if len(args) != 3:
+ usage()
+
+certfile = open(args[0], 'r')
+keyfile = open(args[1], 'r')
+outfile = open(args[2], 'w')
+
+certstr = certfile.read()
+cert = json.loads(certstr)
+
+key = keyfile.read()
+
+result = jwt.encode(cert, key, algorithm='RS256')
+
+outfile.write(result) |
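Review bot: The usage string in rvi_sign.py names the second argument `Public_key_file`, but `jwt.encode(cert, key, algorithm='RS256')` produces a signature and therefore needs the RSA private key; the text should read `"Json_file Private_key_file Out_file"` so operators do not mix up which key goes where. The header comment was copied from the reader script and still says "Reads signed certificate, validates signature and prints payload"; something like `# Reads a JSON certificate, signs it with RS256 and writes the resulting JWT` would match what the code does. `outfile` is also opened with `'w'` before the inputs are read and parsed, so a failure in `json.loads` or `jwt.encode` leaves an empty output file behind. Opening it after `jwt.encode` returns and closing it explicitly avoids that.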