Detailed Description

Handles your signing and verifying keys.

Meaning it generates, stores, loads and finds your keys.

Inheritance diagram for KeyStore:

Constructor & Destructor Documentation

◆ init()

None __init__	(		self,
		str	keystore_file,
		str	password
	)

Initialize the KeyStore.

Parameters

keystore_file	The name of the keystore file
password	The password of the keystore file. A strong password should be used.

Member Function Documentation

◆ _find_cert()

ECDSACertificate or ED25519Certificate _find_cert	(		self,
		UUID	uuid
	)

private

Find the stored cert for uuid.

Parameters

uuid	The UUID of the device

Returns: The stored ECDSACertificate or ED25519Certificate if found. Else returns None

◆ _load_keys()

None _load_keys ( self )

private

Load or create new crypto-keys.

The keys are stored in a local key store.

◆ create_ecdsa_keypair()

(ecdsa.VerifyingKey, ecdsa.SigningKey) create_ecdsa_keypair	(		self,
		UUID	uuid,
		ecdsa.curves.Curve	curve = `ecdsa.NIST256p`,
			hashfunc = `hashlib.sha256`
	)

Create new ECDSA key pair and store in key store.

Parameters

uuid	The UUID of the device
curve	The used curve as well as the used hash function have to be explicitly set here to ensure determinism when creating the key
hashfunc

Returns: The ecdsa verifying key and the ecdsa signing key

◆ create_ed25519_keypair()

(ed25519.VerifyingKey, ed25519.SigningKey) create_ed25519_keypair	(		self,
		UUID	uuid
	)

Create a new ED25519 key pair and store it in key store.

Parameters

uuid	The UUID of the device

Returns: The ed25519 verifying key and the ed25519 signing key

◆ exists_signing_key()

def exists_signing_key	(		self,
		UUID	uuid
	)

Check whether this UUID has a signing key in the key store.

Parameters

uuid	The UUID of the device

Returns: True if this UUID has a signing key in the key store.

◆ exists_verifying_key()

def exists_verifying_key	(		self,
		UUID	uuid
	)

Check whether this UUID has a verifying key in the key store.

Parameters

uuid	The UUID of the device

Returns: True if this UUID has a verifying key in the key store.

◆ find_signing_key()

ed25519.SigningKey or ecdsa.SigningKey find_signing_key	(		self,
		UUID	uuid
	)

Find the signing key from the keystore for this UUID.

Parameters

uuid	The UUID of the device

Returns: The ed25519 / ecdsa signing key if found. Else returns None

◆ find_verifying_key()

ed25519.VerifyingKey or ecdsa.VerifyingKey find_verifying_key	(		self,
		UUID	uuid
	)

Find the verifying key for this UUID.

Parameters

uuid	The UUID of the device

Returns: The ed25519 / ecdsa verifying key if found. Else returns None

◆ get_certificate()

dict or None get_certificate	(		self,
		UUID	uuid,
		int	validityInDays = `3650`
	)

Get the public key info for key registration.

Contained information: created, hwDeviceId, pubKey, pubKeyId, validNotAfter, validNotBefore

Parameters

uuid	The UUID of the device
validityInDays	The validity in days for the certificate

Returns: The public key info if found. Else returns None

◆ insert_ecdsa_keypair()

(ecdsa.VerifyingKey, ecdsa.SigningKey) insert_ecdsa_keypair	(		self,
		UUID	uuid,
		ecdsa.VerifyingKey	vk,
		ecdsa.SigningKey	sk
	)

Insert an existing ECDSA key pair into the key store.

Parameters

uuid	The UUID of the device
vk	A `ecdsa.VerifyingKey` like generated from `ecdsa.create_keypair()`
sk	A `ecdsa.SigningKey` like generated from `ecdsa.create_keypair()`

Returns: The verifying key and the signing key

◆ insert_ecdsa_signing_key()

def insert_ecdsa_signing_key	(		self,
			uuid,
		ecdsa.SigningKey	sk
	)

Insert an existing ECDSA signing key.

Parameters

uuid	The UUID of the device
sk	A `ecdsa.SigningKey` like generated from `ecdsa.create_keypair()`

◆ insert_ecdsa_verifying_key()

def insert_ecdsa_verifying_key	(		self,
			uuid,
		ecdsa.VerifyingKey	vk
	)

Insert an existing ECDSA verifying key.

Parameters

uuid	The UUID of the device
vk	A `ecdsa.VerifyingKey` like generated from `ecdsa.create_keypair()`

◆ insert_ed25519_keypair()

( ed25519.VerifyingKey, ed25519.SigningKey) insert_ed25519_keypair	(		self,
		UUID	uuid,
		ed25519.VerifyingKey	vk,
		ed25519.SigningKey	sk
	)

Store an existing ED25519 key pair in the key store.

Parameters

uuid	The UUID of the device
vk	A `ed25519.VerifyingKey` like generated from `ed25519.create_keypair()`
sk	A `ed25519.SigningKey` like generated from `ed25519.create_keypair()`

Returns: The verifying key and the signing key

◆ insert_ed25519_signing_key()

def insert_ed25519_signing_key	(		self,
		UUID	uuid,
		ed25519.SigningKey	sk
	)

Store an existing ED25519 signing key in the key store.

Parameters

uuid	The UUID of the device
sk	A `ed25519.SigningKey` like generated from `ed25519.create_keypair()`

◆ insert_ed25519_verifying_key()

def insert_ed25519_verifying_key	(		self,
		UUID	uuid,
		ed25519.VerifyingKey	vk
	)

Store an existing ED25519 verifying key in the key store.

Parameters

uuid	The UUID of the device
vk	A `ed25519.VerifyingKey` like generated from `ed25519.create_keypair()`

The documentation for this class was generated from the following file:

/github/workspace/ubirch/ubirch_ks.py

Detailed Description

Constructor & Destructor Documentation

◆ __init__()

Member Function Documentation

◆ _find_cert()

◆ _load_keys()

◆ create_ecdsa_keypair()

◆ create_ed25519_keypair()

◆ exists_signing_key()

◆ exists_verifying_key()

◆ find_signing_key()

◆ find_verifying_key()

◆ get_certificate()

◆ insert_ecdsa_keypair()

◆ insert_ecdsa_signing_key()

◆ insert_ecdsa_verifying_key()

◆ insert_ed25519_keypair()

◆ insert_ed25519_signing_key()

◆ insert_ed25519_verifying_key()

◆ init()