The ctypes Python wrapper for the Infineon OPTIGA(TM) Trust family of security solutions
Project description
optigatrust
A ctypes based Python wrapper to work with the OPTIGA(TM) Trust security solutions.
Features
| Function | Module |
|---|---|
| Elliptic Curves Cryptograpy | optigatrust.pk.ecc |
| ECDSA | optigatrust.pk.ecdsa |
| Certificate Signing Request | optigatrust.x509.csr |
| Certificate handling | optigatrust.x509.cert |
| Random Number Generation | optigatrust.rand |
| Write/Read General Purpose Data | optigatrust.util.io |
Dependencies
- Python 3.x
- asn1crypto
- oscrypto
Required Hardware
- OPTIGA(TM) Trust Personalisation Board, or
- any FTDI USB-HID/I2C Converter board
- (planned) Embedded Linux with open I2C lines; e.g. RPi3
Installation
$ pip install optigatrust
License
optigatrust is licensed under the terms of the MIT license. See the LICENSE file for the exact license text.
Documentation
The documentation for optigatrust is composed of tutorials on basic usage and links to the source for the various pre-defined type classes.
Examples
from optigatrust.util.types import *
from optigatrust.rand import *
from optigatrust.pk import *
from optigatrust.x509 import *
import base64
print("Rand size 8 bytes: {0}\n".format(list(get_random_bytes(8))))
print("Rand size 16 bytes: {0}\n".format(list(get_random_bytes(16))))
print("Rand size 255 bytes: {0}\n".format(list(get_random_bytes(255))))
ecc_key = ecc.generate_keypair()
print("Generate NIST-P256 Keypair: {0}\n".format(list(ecc_key.pkey)))
ecdsa_signature = ecdsa.sign(ecc_key, b'Hello World')
print("Generate ECDSA Signature using the keypair: {0}\n".format(list(ecdsa_signature.signature)))
csr_key = ecc.generate_keypair(curve='secp256r1', keyid=KeyId.USER_PRIVKEY_3)
print("Generate NIST-P256 Keypair for a new certificate: {0}\n".format(list(csr_key.pkey)))
builder = csr.Builder(
{
'country_name': 'DE',
'state_or_province_name': 'Bayern',
'organization_name': 'Infineon Technologies AG',
'common_name': 'OPTIGA(TM) Trust IoT',
},
csr_key
)
request = builder.build(csr_key)
csr = base64.b64encode(request.dump())
print("A new CSR {0}\n".format(csr))
Testing
Tests are written using pytest and require this package to be installed:
$ git clone --recurse-submodules https://github.com/Infineon/python-optiga-trust
...
$ cd python-optiga-trust
$ cd tests
$ pytest
To run only some tests, pass a regular expression as a parameter to tests.
$ pytest test_rand.py
Development
Existing releases can be found at https://pypi.org/project/optigatrust/.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
optigatrust-0.3.17.tar.gz
(16.9 kB
view hashes)
Built Distribution
optigatrust-0.3.17-py3-none-any.whl
(246.5 kB
view hashes)
Close
Hashes for optigatrust-0.3.17-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c6e6197dbf70868b88ac5afe434936724e9152cb2ea30be47578fe4e2ffbd5cb |
|
| MD5 | e2e790604fa744c26935ceb2bdd75f88 |
|
| BLAKE2b-256 | a3fc7dccae6c0cc549ccc0ea4d4cb470b3b1235d07895b6585c1291cbc8ea89a |
