pyct.py - mozsearch

Enable keyboard shortcuts

#!/usr/bin/env python

# This Source Code Form is subject to the terms of the Mozilla Public

# License, v. 2.0. If a copy of the MPL was not distributed with this

# file, You can obtain one at http://mozilla.org/MPL/2.0/.

"""

Helper library for creating a Signed Certificate Timestamp given the

details of a signing key, when to sign, and the certificate data to

sign. Currently only supports precert_entry types. See RFC 6962.

"""

import binascii

import calendar

import hashlib

from struct import pack

import pykey

from pyasn1.codec.der import encoder

class InvalidKeyError(Exception):

    """Helper exception to handle unknown key types."""

    def __init__(self, key):

        self.key = key

    def __str__(self):

        return 'Invalid key: "%s"' % str(self.key)

class SCT(object):

    """SCT represents a Signed Certificate Timestamp."""

    def __init__(self, key, date, tbsCertificate, issuerKey):

        self.key = key

        self.timestamp = calendar.timegm(date.timetuple()) * 1000

        self.tbsCertificate = tbsCertificate

        self.issuerKey = issuerKey

    def signAndEncode(self):

        """Returns a signed and encoded representation of the SCT as a

        string."""

        # The signature is over the following data:

        # sct_version (one 0 byte)

        # signature_type (one 0 byte)

        # timestamp (8 bytes, milliseconds since the epoch)

        # entry_type (two bytes [0, 1] - currently only precert_entry is

        #             supported)

        # signed_entry (bytes of PreCert)

        # extensions (2-byte-length-prefixed, currently empty (so two 0

        #             bytes))

        # A PreCert is:

        # issuer_key_hash (32 bytes of SHA-256 hash of the issuing

        #                  public key, as DER-encoded SPKI)

        # tbs_certificate (3-byte-length-prefixed data)

        timestamp = pack("!Q", self.timestamp)

        hasher = hashlib.sha256()

        hasher.update(encoder.encode(self.issuerKey.asSubjectPublicKeyInfo()))

        issuer_key_hash = hasher.digest()

        len_prefix = pack("!L", len(self.tbsCertificate))[1:]

        data = (

            b"\0\0"

            + timestamp

            + b"\0\1"

            + issuer_key_hash

            + len_prefix

            + self.tbsCertificate

            + b"\0\0"

        if isinstance(self.key, pykey.ECCKey):

            signatureByte = b"\3"

        elif isinstance(self.key, pykey.RSAKey):

            signatureByte = b"\1"

        else:

            raise InvalidKeyError(self.key)

        # sign returns a hex string like "'<hex bytes>'H", but we want

        # bytes here

        hexSignature = self.key.sign(data, pykey.HASH_SHA256)

        signature = binascii.unhexlify(hexSignature[1:-2])

        # The actual data returned is the following:

        # sct_version (one 0 byte)

        # id (32 bytes of SHA-256 hash of the signing key, as

        #     DER-encoded SPKI)

        # timestamp (8 bytes, milliseconds since the epoch)

        # extensions (2-byte-length-prefixed data, currently

        #             empty)

        # hash (one 4 byte representing sha256)

        # signature (one byte - 1 for RSA and 3 for ECDSA)

        # signature (2-byte-length-prefixed data)

        hasher = hashlib.sha256()

        hasher.update(encoder.encode(self.key.asSubjectPublicKeyInfo()))

        key_id = hasher.digest()

        signature_len_prefix = pack("!H", len(signature))

        return (

            b"\0"

            + key_id

            + timestamp

            + b"\0\0\4"

            + signatureByte

            + signature_len_prefix

            + signature