^CopyNew DAS exchange API
Children Display |
---|
page | a.- Initial private_key (JWT) registration process |
---|
|
...
command can be used to generate ES256 asymmetric keys as required by the FAPI part 2 specification. Office will keep the private key and share the public key for registration with WIPO. Below is an example of script to generate ES256 asymmetric keys. Code Block |
---|
language | bash |
---|
theme | RDark |
---|
title | private_key_jwt_generation.sh script |
---|
collapse | true |
---|
| #!/bin/bash
# Set the environment
|
| PRIVATE# set the output folder
OUTPUT_FOLDER=$1
#PRIVATE_KEY_ES256= |
| $1
PUBLIC"${OUTPUT_FOLDER}/${2}"
#PUBLIC_KEY_ES256 |
| =$2="${OUTPUT_FOLDER}/${3}"
FILES_NAME="${OUTPUT_FOLDER}/${2}"
CLIENT_NAME= |
| DAS
$3
#create output folder if it does not exist
mkdir -p "${OUTPUT_FOLDER}"
# Generates the ES256 keys
openssl ecparam -genkey -name prime256v1 -noout -out "${ |
| PRIVATEKEY_ES256}NAME}_private.pem"
# Extracts the public key
openssl ec -in "${ |
| PRIVATEKEY_ES256}NAME}_private.pem" -pubout -out "${ |
| PUBLICKEY_ES256}NAME}_public.pem"
# Generates an x509 certificate
CERT_KEY_ES256="${FILES_NAME}_es256_cert.pem"
OPENSSL_CONF= |
| ."${OUTPUT_FOLDER}/openssl.cnf"
CERT_CN="${CLIENT_NAME} private_key_jwt authentication"
# Build the certificate config file
printf '[ req ]\n' > "${OPENSSL_CONF}"
printf 'prompt = no\n' >> "${OPENSSL_CONF}"
printf 'distinguished_name = req_distinguished_name\n' >> "${OPENSSL_CONF}"
printf '[ req_distinguished_name ]\n' >> "${OPENSSL_CONF}"
printf 'CN = %s\n' "${CERT_CN}" >> "${OPENSSL_CONF}"
# Creates the x509 certificate
openssl req -x509 -new -config "${OPENSSL_CONF}" -key "${ |
| PRIVATEKEY_ES256}NAME}_private.pem" -out "${CERT_KEY_ES256}" |
Code Block |
---|
language | bash |
---|
theme | RDark |
---|
title | Script usage |
---|
| sh ./private_key_jwt_generation.sh <output_folder_name> <files_prefix> <client_id> |
Note |
---|
For the client_id (CLIENT_NAME), please create it as follow: "das-cc-api-id" cc = country code of the IPO in lower caps |
Note |
---|
<file_prefix>: any String that you would have to be included as prefix of the files to generate by the script |
The following files are examples:
Files | Description |
---|
es256_cert.pem | Certificate file that will be communicated to WIPO for the configuration of the private_key_jwt client authentication | es256_private.pem | Must never be communicated and kept secret, used by the client to sign the private_key_jwt authentication request | es256_public.pem | Used only at the generation step, kept for record | openssl.cnf | Used only at the generation step, kept for record |
|
|
...
...
...
root | a.- New DAS exchange API |
---|
page | a.- Initial private_key_jwt registration process |
---|
|
|
|