Update code to support argument feature
Usage: python cpisign.py -k CPIKEY example1.json example2.json ...
and input the password of CPI key to sign the data
Change-Id: Ieb0183208aab351f907f41d69ec8052cce5cecb7
diff --git a/cpisign.py b/cpisign.py
index 545ca9f..c7b0ee6 100644
--- a/cpisign.py
+++ b/cpisign.py
@@ -8,49 +8,50 @@
# SPDX-FileCopyrightText: © 2021 Open Networking Foundation <support@opennetworking.org>
# SPDX-License-Identifier: Apache-2.0
+import os
+import json
import getpass
+import argparse
from jose import jws
from cryptography.hazmat.primitives.serialization import pkcs12
from cryptography.hazmat.primitives import serialization
-CPI_KEY_PATH = "./YOUR_CPI_KEY.p12"
+parser = argparse.ArgumentParser(description="CBSD CPI signature data generator")
+parser.add_argument("-k", "--key", help="The file name of CPI key")
+parser.add_argument(
+ "signFiles",
+ type=str,
+ nargs="+",
+ help="The file name of sigature data, can accept multiple files in a time.",
+)
+args = parser.parse_args()
-cpiSignedData = {
- "fccId": "P27-SCE4255W",
- "cbsdSerialNumber": "2009CW5000016",
- "installationParam": {
- "latitude": 32.344752,
- "longitude": -111.012302,
- "height": 1,
- "heightType": "AGL",
- "indoorDeployment": True,
- },
- "professionalInstallerData": {
- "cpiId": "GOOG-001212",
- "cpiName": "Wei-Yu Chen",
- "installCertificationTime": "2021-08-14T00:00:00Z",
- },
-}
+if __name__ == "__main__":
+ # get password
+ cpi_password = bytes(getpass.getpass(), "ascii")
-# get password
-cpi_password = bytes(getpass.getpass(), "ascii")
+ with open(args.key, "rb") as key_file:
+ (pkey, cert, addl_cert) = pkcs12.load_key_and_certificates(
+ key_file.read(), cpi_password
+ )
-with open(CPI_KEY_PATH, "rb") as key_file:
- (pkey, cert, addl_cert) = pkcs12.load_key_and_certificates(
- key_file.read(), cpi_password
+ pkey_raw = pkey.private_bytes(
+ encoding=serialization.Encoding.PEM,
+ format=serialization.PrivateFormat.TraditionalOpenSSL,
+ encryption_algorithm=serialization.NoEncryption(),
)
-pkey_raw = pkey.private_bytes(
- encoding=serialization.Encoding.PEM,
- format=serialization.PrivateFormat.TraditionalOpenSSL,
- encryption_algorithm=serialization.NoEncryption(),
-)
+ if not os.path.exists("output"):
+ os.makedirs("output")
-(protectedHeader, encodedCpiSignedData, digitalSignature) = jws.sign(
- cpiSignedData, pkey_raw, algorithm="RS256"
-).split(".")
+ for signFile in args.signFiles:
+ with open(signFile, "r") as inFile:
+ inFileJson = json.loads(inFile.read())
+ # The output is 3 parameters concat with dot to a string
+ # 3 params are: protectedHeader, encodedCpiSignedData, digitalSignature
+ SIGNED = jws.sign(inFileJson, pkey_raw, algorithm="RS256")
-print(protectedHeader)
-print(encodedCpiSignedData)
-print(digitalSignature)
+ print(f"* {inFileJson['cbsdSerialNumber']} data was signed")
+ with open(f"output/{signFile}.signed", "w") as out_file:
+ out_file.write(SIGNED)