Zack Williams | 7af92fe | 2021-08-15 15:37:50 -0700 | [diff] [blame^] | 1 | #!/usr/bin/env python3 |
| 2 | """ |
| 3 | cpisign.py |
| 4 | |
| 5 | Utility for signing CPI data |
| 6 | """ |
| 7 | |
| 8 | # SPDX-FileCopyrightText: © 2021 Open Networking Foundation <support@opennetworking.org> |
| 9 | # SPDX-License-Identifier: Apache-2.0 |
| 10 | |
| 11 | import getpass |
| 12 | from jose import jws |
| 13 | |
| 14 | from cryptography.hazmat.primitives.serialization import pkcs12 |
| 15 | from cryptography.hazmat.primitives import serialization |
| 16 | |
| 17 | CPI_KEY_PATH = "./YOUR_CPI_KEY.p12" |
| 18 | |
| 19 | cpiSignedData = { |
| 20 | "fccId": "P27-SCE4255W", |
| 21 | "cbsdSerialNumber": "2009CW5000016", |
| 22 | "installationParam": { |
| 23 | "latitude": 32.344752, |
| 24 | "longitude": -111.012302, |
| 25 | "height": 1, |
| 26 | "heightType": "AGL", |
| 27 | "indoorDeployment": True, |
| 28 | }, |
| 29 | "professionalInstallerData": { |
| 30 | "cpiId": "GOOG-001212", |
| 31 | "cpiName": "Wei-Yu Chen", |
| 32 | "installCertificationTime": "2021-08-14T00:00:00Z", |
| 33 | }, |
| 34 | } |
| 35 | |
| 36 | # get password |
| 37 | cpi_password = bytes(getpass.getpass(), "ascii") |
| 38 | |
| 39 | with open(CPI_KEY_PATH, "rb") as key_file: |
| 40 | (pkey, cert, addl_cert) = pkcs12.load_key_and_certificates( |
| 41 | key_file.read(), cpi_password |
| 42 | ) |
| 43 | |
| 44 | pkey_raw = pkey.private_bytes( |
| 45 | encoding=serialization.Encoding.PEM, |
| 46 | format=serialization.PrivateFormat.TraditionalOpenSSL, |
| 47 | encryption_algorithm=serialization.NoEncryption(), |
| 48 | ) |
| 49 | |
| 50 | (protectedHeader, encodedCpiSignedData, digitalSignature) = jws.sign( |
| 51 | cpiSignedData, pkey_raw, algorithm="RS256" |
| 52 | ).split(".") |
| 53 | |
| 54 | print(protectedHeader) |
| 55 | print(encodedCpiSignedData) |
| 56 | print(digitalSignature) |