Versions Compared

Old Version 2

changes.mady.by.user Gabriel BERLICKI

Saved on

compared with

New Version Current

changes.mady.by.user Gabriel BERLICKI

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Section


Column

Openssl 

^CopyNew DAS exchange API

Table of Contents
maxLevel5
typeflat

Children Display
pagea.- Initial private_key (JWT) registration process

...

command can be used to generate ES256 asymmetric keys as required by the FAPI part 2 specification. Office will keep the private key and share the public key for registration with WIPO. Below is an example of script to generate ES256 asymmetric keys.

Code Block
languagebash
themeRDark
titleprivate_key_jwt_generation.sh script
collapsetrue
#!/bin/bash
# Set the environment
PRIVATE

# set the output folder
OUTPUT_FOLDER=$1
#PRIVATE_KEY_ES256=
es256_private.pem PUBLIC
"${OUTPUT_FOLDER}/${2}"
#PUBLIC_KEY_ES256=
es256_public.pem
"${OUTPUT_FOLDER}/${3}"

FILES_NAME="${OUTPUT_FOLDER}/${2}"
CLIENT_NAME=
DAS 
$3

#create output folder if it does not exist

mkdir -p "${OUTPUT_FOLDER}"

# Generates the ES256 keys
openssl ecparam -genkey -name prime256v1 -noout -out "${
PRIVATE
FILES_
KEY_ES256}
NAME}_private.pem"
 
# Extracts the public key
openssl ec -in "${
PRIVATE
FILES_
KEY_ES256}
NAME}_private.pem" -pubout -out "${
PUBLIC
FILES_
KEY_ES256}
NAME}_public.pem"
 
# Generates an x509 certificate 
CERT_KEY_ES256="${FILES_NAME}_es256_cert.pem"
OPENSSL_CONF=
.
"${OUTPUT_FOLDER}/openssl.cnf"
CERT_CN="${CLIENT_NAME} private_key_jwt authentication"
# Build the certificate config file  
printf '[ req ]\n' > "${OPENSSL_CONF}"
printf 'prompt = no\n' >> "${OPENSSL_CONF}"
printf 'distinguished_name = req_distinguished_name\n' >> "${OPENSSL_CONF}"
printf '[ req_distinguished_name ]\n' >> "${OPENSSL_CONF}"
printf 'CN = %s\n' "${CERT_CN}" >> "${OPENSSL_CONF}"
# Creates the x509 certificate 
openssl req -x509 -new -config "${OPENSSL_CONF}" -key "${
PRIVATE
FILES_
KEY_ES256}
NAME}_private.pem" -out "${CERT_KEY_ES256}"
Code Block
languagebash
themeRDark
titleScript usage
sh ./private_key_jwt_generation.sh <output_folder_name> <files_prefix> <client_id>


Note

For the client_id (CLIENT_NAME), please create it as follow:  "das-cc-api-id"

cc = country code of the IPO in lower caps

Note

<file_prefix>: any String that you would have to be included as prefix of the files to generate by the script

Info
titleInformation on how to execute the sample scripts

e.3.- Executing the sample scripts under linux

e.4.- Executing the sample scripts via docker


The following files are examples:

Files

Description

es256_cert.pemCertificate file that will be communicated to WIPO for the configuration of the private_key_jwt client authentication
es256_private.pemMust never be communicated and kept secret, used by the client to sign the private_key_jwt authentication request
es256_public.pemUsed only at the generation step, kept for record
openssl.cnfUsed only at the generation step, kept for record

...



Column

a.- New DAS exchange API

...

Page Tree

...

roota.- New DAS exchange API
pagea.- Initial private_key_jwt registration process