Update code to support argument feature
Usage: python cpisign.py -k CPIKEY example1.json example2.json ...
and input the password of CPI key to sign the data
Change-Id: Ieb0183208aab351f907f41d69ec8052cce5cecb7
diff --git a/.gitignore b/.gitignore
index af3bea8..01c9c58 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,5 @@
# SPDX-License-Identifier: Apache-2.0
venv_cbrs
+output
*.p12
diff --git a/.reuse/dep5 b/.reuse/dep5
index fe17096..72b0c50 100644
--- a/.reuse/dep5
+++ b/.reuse/dep5
@@ -1,5 +1,5 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Files: VERSION .gitreview README.md
+Files: VERSION .gitreview README.md example.json
Copyright: 2021 Open Networking Foundation
License: Apache-2.0
diff --git a/cpisign.py b/cpisign.py
index 545ca9f..c7b0ee6 100644
--- a/cpisign.py
+++ b/cpisign.py
@@ -8,49 +8,50 @@
# SPDX-FileCopyrightText: © 2021 Open Networking Foundation <support@opennetworking.org>
# SPDX-License-Identifier: Apache-2.0
+import os
+import json
import getpass
+import argparse
from jose import jws
from cryptography.hazmat.primitives.serialization import pkcs12
from cryptography.hazmat.primitives import serialization
-CPI_KEY_PATH = "./YOUR_CPI_KEY.p12"
+parser = argparse.ArgumentParser(description="CBSD CPI signature data generator")
+parser.add_argument("-k", "--key", help="The file name of CPI key")
+parser.add_argument(
+ "signFiles",
+ type=str,
+ nargs="+",
+ help="The file name of sigature data, can accept multiple files in a time.",
+)
+args = parser.parse_args()
-cpiSignedData = {
- "fccId": "P27-SCE4255W",
- "cbsdSerialNumber": "2009CW5000016",
- "installationParam": {
- "latitude": 32.344752,
- "longitude": -111.012302,
- "height": 1,
- "heightType": "AGL",
- "indoorDeployment": True,
- },
- "professionalInstallerData": {
- "cpiId": "GOOG-001212",
- "cpiName": "Wei-Yu Chen",
- "installCertificationTime": "2021-08-14T00:00:00Z",
- },
-}
+if __name__ == "__main__":
+ # get password
+ cpi_password = bytes(getpass.getpass(), "ascii")
-# get password
-cpi_password = bytes(getpass.getpass(), "ascii")
+ with open(args.key, "rb") as key_file:
+ (pkey, cert, addl_cert) = pkcs12.load_key_and_certificates(
+ key_file.read(), cpi_password
+ )
-with open(CPI_KEY_PATH, "rb") as key_file:
- (pkey, cert, addl_cert) = pkcs12.load_key_and_certificates(
- key_file.read(), cpi_password
+ pkey_raw = pkey.private_bytes(
+ encoding=serialization.Encoding.PEM,
+ format=serialization.PrivateFormat.TraditionalOpenSSL,
+ encryption_algorithm=serialization.NoEncryption(),
)
-pkey_raw = pkey.private_bytes(
- encoding=serialization.Encoding.PEM,
- format=serialization.PrivateFormat.TraditionalOpenSSL,
- encryption_algorithm=serialization.NoEncryption(),
-)
+ if not os.path.exists("output"):
+ os.makedirs("output")
-(protectedHeader, encodedCpiSignedData, digitalSignature) = jws.sign(
- cpiSignedData, pkey_raw, algorithm="RS256"
-).split(".")
+ for signFile in args.signFiles:
+ with open(signFile, "r") as inFile:
+ inFileJson = json.loads(inFile.read())
+ # The output is 3 parameters concat with dot to a string
+ # 3 params are: protectedHeader, encodedCpiSignedData, digitalSignature
+ SIGNED = jws.sign(inFileJson, pkey_raw, algorithm="RS256")
-print(protectedHeader)
-print(encodedCpiSignedData)
-print(digitalSignature)
+ print(f"* {inFileJson['cbsdSerialNumber']} data was signed")
+ with open(f"output/{signFile}.signed", "w") as out_file:
+ out_file.write(SIGNED)
diff --git a/example.json b/example.json
new file mode 100644
index 0000000..e30796a
--- /dev/null
+++ b/example.json
@@ -0,0 +1,16 @@
+{
+ "fccId":"P27-SCE4255W",
+ "cbsdSerialNumber":"2009CW5000016",
+ "installationParam":{
+ "latitude":32.344752,
+ "longitude":-111.012302,
+ "height":1,
+ "heightType":"AGL",
+ "indoorDeployment":true
+ },
+ "professionalInstallerData":{
+ "cpiId":"GOOG-001212",
+ "cpiName":"Wei-Yu Chen",
+ "installCertificationTime":"2021-08-14T00:00:00Z"
+ }
+}