^CopyNew DAS exchange API
| Children Display |
|---|
| page | a.- Initial private_key (JWT) registration process |
|---|
|
openssl command can be used to generate ES256 asymmetric keys as required by the FAPI part 2 specification. Office will keep the private key and share the public key for registration with WIPO. Below is an example of script to generate ES256 asymmetric keys.
| Code Block |
|---|
| language | bash |
|---|
| theme | RDark |
|---|
| title | private_key_jwt generation script |
|---|
| collapse | true |
|---|
|
#!/bin/bash
# Set the environment
PRIVATE_KEY_ES256=es256_private.pem
PUBLIC_KEY_ES256=es256_public.pem
CLIENT_NAME=DAS
# Generates the ES256 keys
openssl ecparam -genkey -name prime256v1 -noout -out "${PRIVATE_KEY_ES256}"
# Extracts the public key
openssl ec -in "${PRIVATE_KEY_ES256}" -pubout -out "${PUBLIC_KEY_ES256}"
# Generates an x509 certificate
CERT_KEY_ES256=es256_cert.pem
OPENSSL_CONF=./openssl.cnf
CERT_CN="${CLIENT_NAME} private_key_jwt authentication"
# Build the certificate config file
printf '[ req ]\n' > "${OPENSSL_CONF}"
printf 'prompt = no\n' >> "${OPENSSL_CONF}"
printf 'distinguished_name = req_distinguished_name\n' >> "${OPENSSL_CONF}"
printf '[ req_distinguished_name ]\n' >> "${OPENSSL_CONF}"
printf 'CN = %s\n' "${CERT_CN}" >> "${OPENSSL_CONF}"
# Creates the x509 certificate
openssl req -x509 -new -config "${OPENSSL_CONF}" -key "${PRIVATE_KEY_ES256}" -out "${CERT_KEY_ES256}" |
The following files are examples:
Files | Description |
|---|
| es256_cert.pem | Certificate file that will be communicated to WIPO for the configuration of the private_key_jwt client authentication |
| es256_private.pem | Must never be communicated and kept secret, used by the client to sign the private_key_jwt authentication request |
| es256_public.pem | Used only at the generation step, kept for record |
| openssl.cnf | Used only at the generation step, kept for record |
^CopyNew DAS exchange API
| Children Display |
|---|
| page | ^CopyNew DAS exchange API |
|---|
|
