The openssl command can be used to generate the ES256 asymmetric keys required by the FAPI part 2 specification. The Office keeps the private key and shares the public key with WIPO for registration. Below is an example script that generates ES256 asymmetric keys.

private_key_jwt_generation.sh script

#!/bin/bash
# Usage: private_key_jwt_generation.sh <output_folder> <files_name> <client_name>
# Set the environment
# set the output folder
OUTPUT_FOLDER=$1
#PRIVATE_KEY_ES256="${OUTPUT_FOLDER}/${2}"
#PUBLIC_KEY_ES256="${OUTPUT_FOLDER}/${3}"

# common path prefix for the generated key and certificate files
FILES_NAME="${OUTPUT_FOLDER}/${2}"
CLIENT_NAME=$3

# create output folder if it does not exist
mkdir -p "${OUTPUT_FOLDER}"

# Generates the ES256 keys
openssl ecparam -genkey -name prime256v1 -noout -out "${FILES_NAME}_private.pem"

# Extracts the public key
openssl ec -in "${FILES_NAME}_private.pem" -pubout -out "${FILES_NAME}_public.pem"

# Generates an x509 certificate
CERT_KEY_ES256="${FILES_NAME}_es256_cert.pem"
OPENSSL_CONF="${OUTPUT_FOLDER}/openssl.cnf"
CERT_CN="${CLIENT_NAME} private_key_jwt authentication"
# Build the certificate config file
printf '[ req ]\n' > "${OPENSSL_CONF}"
printf 'prompt = no\n' >> "${OPENSSL_CONF}"
printf 'distinguished_name = req_distinguished_name\n' >> "${OPENSSL_CONF}"
printf '[ req_distinguished_name ]\n' >> "${OPENSSL_CONF}"
printf 'CN = %s\n' "${CERT_CN}" >> "${OPENSSL_CONF}"
# Creates the x509 certificate
openssl req -x509 -new -config "${OPENSSL_CONF}" -key "${FILES_NAME}_private.pem" -out "${CERT_KEY_ES256}"


Note

For the client id (CLIENT_NAME), please create it as follows: "das-cc-api-id"

cc = country code of the IPO in lowercase


Info
Information on how to execute the sample scripts

e.3.- Executing the sample scripts under linux

e.4.- Executing the sample scripts via docker


The following files are examples:

| Files | Description |
| --- | --- |
| es256_cert.pem | Certificate file that will be communicated to WIPO for the configuration of the private_key_jwt client authentication |
| es256_private.pem | Must be kept secret and never communicated; used by the client to sign the private_key_jwt authentication request |
| es256_public.pem | Used only at the generation step, kept for record |
| openssl.cnf | Used only at the generation step, kept for record |
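
Before the certificate is sent for registration, the generated files can be checked for consistency. The following is an added example, not part of the WIPO sample scripts; the helper names `check_es256_material` and `make_demo_material` and the demo file names are assumptions made for illustration.

```bash
#!/bin/bash
# Added example, not part of the WIPO sample scripts.
# check_es256_material and make_demo_material are hypothetical helper names.

# Usage: check_es256_material <private.pem> <cert.pem>
# Returns 0 when every check passes, otherwise the number of the failed check.
check_es256_material() {
    local key="$1" cert="$2" key_pub cert_pub

    # 1. ES256 requires an EC key on prime256v1 (NIST P-256).
    openssl ec -in "$key" -noout -text 2>/dev/null \
        | grep -q 'ASN1 OID: prime256v1' || return 1

    # 2. The certificate must carry the public half of this private key.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 2
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 2
    [ "$key_pub" = "$cert_pub" ] || return 2

    # 3. The file that gets shared must not contain private key material.
    if grep -q 'PRIVATE KEY' "$cert"; then return 3; fi

    # 4. The private key must not be accessible to group or others.
    [ "$(ls -l "$key" | cut -c5-10)" = "------" ] || return 4
    return 0
}

# Builds throwaway (constructed) key material with the same openssl steps
# as the generation script on this page.
make_demo_material() {
    local dir="$1"
    ( umask 077
      printf '[ req ]\nprompt = no\ndistinguished_name = dn\n[ dn ]\nCN = demo\n' \
          > "$dir/openssl.cnf"
      openssl ecparam -genkey -name prime256v1 -noout -out "$dir/demo_private.pem"
      openssl req -x509 -new -config "$dir/openssl.cnf" \
          -key "$dir/demo_private.pem" -out "$dir/demo_es256_cert.pem" ) 2>/dev/null
}

demo_dir=$(mktemp -d)
make_demo_material "$demo_dir"
if check_es256_material "$demo_dir/demo_private.pem" "$demo_dir/demo_es256_cert.pem"
then echo "demo key material passed all checks"
else echo "demo key material failed check $?"
fi
rm -rf "$demo_dir"
```

Run against real output, the two arguments are the generated private key and certificate files; a non-zero return code identifies which check failed.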


