You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 9
Next »
New DAS exchange API
The root page New DAS exchange API could not be found in space DAS Wiki.
openssl command can be used to generate ES256 asymmetric keys as required by the FAPI part 2 specification. Office will keep the private key and share the public key for registration with WIPO. Below is an example of script to generate ES256 asymmetric keys.
#!/bin/bash
# Set the environment
OUTPUT_FOLDER=$1
PRIVATE_KEY_ES256="${OUTPUT_FOLDER}/${2}"
PUBLIC_KEY_ES256="${OUTPUT_FOLDER}/${3}"
CLIENT_NAME=DAS
#create output folder if it does not exist
mkdir -p "${OUTPUT_FOLDER}"
# Generates the ES256 keys
openssl ecparam -genkey -name prime256v1 -noout -out "${PRIVATE_KEY_ES256}"
# Extracts the public key
openssl ec -in "${PRIVATE_KEY_ES256}" -pubout -out "${PUBLIC_KEY_ES256}"
# Generates an x509 certificate
CERT_KEY_ES256="${OUTPUT_FOLDER}/es256_cert.pem"
OPENSSL_CONF="${OUTPUT_FOLDER}/openssl.cnf"
CERT_CN="${CLIENT_NAME} private_key_jwt authentication"
# Build the certificate config file
printf '[ req ]\n' > "${OPENSSL_CONF}"
printf 'prompt = no\n' >> "${OPENSSL_CONF}"
printf 'distinguished_name = req_distinguished_name\n' >> "${OPENSSL_CONF}"
printf '[ req_distinguished_name ]\n' >> "${OPENSSL_CONF}"
printf 'CN = %s\n' "${CERT_CN}" >> "${OPENSSL_CONF}"
# Creates the x509 certificate
openssl req -x509 -new -config "${OPENSSL_CONF}" -key "${PRIVATE_KEY_ES256}" -out "${CERT_KEY_ES256}"
The following files are examples:
Files | Description |
---|
es256_cert.pem | Certificate file that will be communicated to WIPO for the configuration of the private_key_jwt client authentication |
es256_private.pem | Must never be communicated and kept secret, used by the client to sign the private_key_jwt authentication request |
es256_public.pem | Used only at the generation step, kept for record |
openssl.cnf | Used only at the generation step, kept for record |
New DAS exchange API
Unable to render {children}. Page not found: New DAS exchange API.