Tool that generates Sidewalk Certificate Chain with HSM

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shyeh from gravatar.com shyeh

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

Sidewalk Signing Tool

Please refer to the Sidewalk Manufacturing Guide.

Companion utilities for signing and provisioning

There are 2 utilities to help with signing operations.

Extract private key in hexadecimal format from a PEM key file

To work with provisioning.py, the private keys for ECDSA and EDDSA need to be filled up in the JSON file no matter manually or automatically from the signing tool. This tool helps to extract the key data from the PEM files (if the private keys are generated with OpenSSL or similar tools) and convert it to hexadecimals that is suitable for the JSON file.

$ python3 extract_priv.py testp256r1.pem
bc25e2a273d5340f5481615c206d9b5e8aa7ab0f11de0d5810b0dfc7f7e18166

Validate the Sidewalk certificate chain

Once the Sidewalk certificate chain is generated by the signing tool, this tool could be used for listing the certificates inside the chain and then validating them. It makes sure each level of certificate can be validated with its issuer or is self-signed if it's a root certificate.

$ python3 validate_chain.py JNTwXmILBd2ODPSSedYVApPAGe3L106QZ0O1h7wfHTUKYxUkbsfdzOECzOBCSTKyCoqF2+mTIX99lXVbETobCtc37/DMHFP2AWgGH0OHegrTd4AyjVB9xhhFqUeJNsQhUM2bbxtwh7nQKKJOjuDbw2T0BoUQaupg6SuQo2cRmgwBHAD6Fc/FAIWYJ7yFKcbwLE4gdihuA1QvGzcxqbqHTJDSI/Yabdz0pQKIJuz0mrHA5qAHogcPz2lvqERJqXuTKxavUR6Cqnt4G4AVxUAaZbKwJypUzGbOkXvuABm+/Nu1GHQAAOUAeOvZnM7+/x5b6xDnknjdjeHgLtMFbKcqjri59LDbhZM2LCUd0Z9Yce2wahqYja+4hdEqq61aAYGWDZjzs5Jf9KPuUQakAvNA8qNJTOKAcYL/rh+7G63iCR9KW5t0gt+1AQDYAHzSO0Dw/C+YOxINIP2tbWOjE3SP4W/aO9sVphTD0IuEWzgiXASwC3a3AGKZWIo2vgP4ASDRTTwT0P8AgVxc2kAbSlw4y/QxIA1zDZvO8dx+DgjC1/xchftBOaO8YpwvxwJ1AAADGz+gFBeX/ZNN8VJwnsNfgzj4me1HgVJdUo4W9kvx9cr2jHWkC3Oj/bdBTh1+yBjOC53yHlQK/l1GHrEWiWPPnE434LRxnWkwr8EHD4oieJxC8fkIxkQfj+gHhU79Z+oAAYAAAzsnf9SDIZPoDXF0TdC9POqTgld0oXDl2XPaVD4CvvLearrOSlFv+lsNbC4rgZn23MtIBM/7YQmJwmQ+FXRup6Tkubg1hpz04J/09dxg8UiZmntHiUr1GfkTOFMYqRB+Aw==
[0] CA_TYPE.DEVICE:
  Serial   : 24d4f05e620b05dd8e0cf49279d6150293c019edcbd74e906743b587bc1f1d35
  Pubk     : 0a6315246ec7ddcce102cce0424932b20a8a85dbe993217f7d95755b113a1b0a
  Signature: d737eff0cc1c53f60168061f43877a0ad37780328d507dc61845a9478936c42150cd9b6f1b7087b9d028a24e8ee0dbc364f40685106aea60e92b90a367119a0c
[1] CA_TYPE.DAK:
  Serial   : 011c00fa
  Pubk     : 15cfc500859827bc8529c6f02c4e2076286e03542f1b3731a9ba874c90d223f6
  Signature: 1a6ddcf4a5028826ecf49ab1c0e6a007a2070fcf696fa84449a97b932b16af511e82aa7b781b8015c5401a65b2b0272a54cc66ce917bee0019befcdbb5187400
[2] CA_TYPE.PROD:
  Serial   : 00e50078
  Pubk     : ebd99ccefeff1e5beb10e79278dd8de1e02ed3056ca72a8eb8b9f4b0db859336
  Signature: 2c251dd19f5871edb06a1a988dafb885d12aabad5a0181960d98f3b3925ff4a3ee5106a402f340f2a3494ce2807182ffae1fbb1bade2091f4a5b9b7482dfb501
[3] CA_TYPE.MANU:
  Serial   : 00d8007c
  Pubk     : d23b40f0fc2f983b120d20fdad6d63a313748fe16fda3bdb15a614c3d08b845b
  Signature: 38225c04b00b76b7006299588a36be03f80120d14d3c13d0ff00815c5cda401b4a5c38cbf431200d730d9bcef1dc7e0e08c2d7fc5c85fb4139a3bc629c2fc702
[4] CA_TYPE.SIDEWALK:
  Serial   : 75000003
  Pubk     : 1b3fa0141797fd934df152709ec35f8338f899ed4781525d528e16f64bf1f5ca
  Signature: f68c75a40b73a3fdb7414e1d7ec818ce0b9df21e540afe5d461eb1168963cf9c4e37e0b4719d6930afc1070f8a22789c42f1f908c6441f8fe807854efd67ea00
[5] CA_TYPE.AMZN:
  Serial   : 01800003
  Pubk     : 3b277fd4832193e80d71744dd0bd3cea93825774a170e5d973da543e02bef2de
  Signature: 6abace4a516ffa5b0d6c2e2b8199f6dccb4804cffb610989c2643e15746ea7a4e4b9b835869cf4e09ff4f5dc60f148999a7b47894af519f913385318a9107e03
Pass: the certificate chain of CURVE.ED25519 is valid

Consolidate multiple control logs

As the signing tool could generate control logs for a single device that it processes, it is convenient and efficient to do WCL ingestion with a control log file containing information of multiple devices. This tool is to consolidate multiple control logs which have one device in each to form a single control log file.

This tool reads control log files from argument list and generate a big one whose name will be printed out on the last line of standard output.

$ python3 consolidate_cl.py /tmp/cl/C_CONTROL_LOG_*.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018122452.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141057.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141105.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141106.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141108.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141109.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141110.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141112.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141113.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141115.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141116.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141123.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141124.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141126.txt
Processing /tmp/cl/C_CONTROL_LOG_20221018141421.txt
C_CONTROL_LOG_20221018152806.txt
$

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shyeh from gravatar.com shyeh

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

This version

1.2.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sid_signing_tool-1.2.0.tar.gz (20.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sid_signing_tool-1.2.0-py3-none-any.whl (23.0 kB view details)

Uploaded Python 3

File details

Details for the file sid_signing_tool-1.2.0.tar.gz.

File metadata

  • Download URL: sid_signing_tool-1.2.0.tar.gz
  • Upload date:
  • Size: 20.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.4

File hashes

Hashes for sid_signing_tool-1.2.0.tar.gz
Algorithm Hash digest
SHA256 5ac41e6fb48fd88495b9960dbd264d6e115ba59279fd4d70b25b9e818a91a1a4
MD5 220d42938a1eb15743559c42d6aa0c16
BLAKE2b-256 c77fb0786ec70b1f3940d277ff1b763ceb9491776afdc0f808cda03545b21a90

See more details on using hashes here.

File details

Details for the file sid_signing_tool-1.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for sid_signing_tool-1.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 807dd54cb07e76a9ff0bebef1f79b3d4241119c6a5e484bf9a40e002801f5a7b
MD5 2dd8a8a3109b798a9b0e8c75cbd4445b
BLAKE2b-256 5e2cf203a383b9789222e148801117e5bd65a3e0616ccf97970fae0653bc7946

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page