|
@ -419,13 +419,29 @@ _sign() { |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
_sign_openssl="openssl dgst -sign $keyfile " |
|
|
if [ "$alg" = "sha256" ] ; then |
|
|
if [ "$alg" = "sha256" ] ; then |
|
|
openssl dgst -sha256 -sign "$keyfile" | _base64 |
|
|
|
|
|
|
|
|
_sign_openssl="$_sign_openssl -$alg" |
|
|
else |
|
|
else |
|
|
_err "$alg is not supported yet" |
|
|
_err "$alg is not supported yet" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
if grep "BEGIN RSA PRIVATE KEY" "$keyfile" > /dev/null 2>&1 ; then |
|
|
|
|
|
$_sign_openssl | _base64 |
|
|
|
|
|
elif grep "BEGIN EC PRIVATE KEY" "$keyfile" > /dev/null 2>&1 ; then |
|
|
|
|
|
_signedECText="$($_sign_openssl | openssl asn1parse -inform DER)" |
|
|
|
|
|
_debug3 "_signedECText" "$_signedECText" |
|
|
|
|
|
_ec_r="$(echo "$_signedECText" | _head_n 2 | _tail_n 1 | cut -d : -f 4 | tr -d "\r\n")" |
|
|
|
|
|
_debug3 "_ec_r" "$_ec_r" |
|
|
|
|
|
_ec_s="$(echo "$_signedECText" | _head_n 3 | _tail_n 1 | cut -d : -f 4 | tr -d "\r\n")" |
|
|
|
|
|
_debug3 "_ec_s" "$_ec_s" |
|
|
|
|
|
printf "%s" "$_ec_r$_ec_s" | _h2b | _base64 |
|
|
|
|
|
else |
|
|
|
|
|
_err "Unknown key file format." |
|
|
|
|
|
return 1 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
#keylength |
|
|
#keylength |
|
@ -695,9 +711,6 @@ createAccountKey() { |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
length=$1 |
|
|
length=$1 |
|
|
if _isEccKey "$length" ; then |
|
|
|
|
|
length=2048 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
if [ -z "$length" ] || [ "$length" = "$NO_VALUE" ] ; then |
|
|
if [ -z "$length" ] || [ "$length" = "$NO_VALUE" ] ; then |
|
|
_debug "Use default length 2048" |
|
|
_debug "Use default length 2048" |
|
@ -852,7 +865,7 @@ _calcjwk() { |
|
|
_debug3 pubi "$pubi" |
|
|
_debug3 pubi "$pubi" |
|
|
|
|
|
|
|
|
pubj="$(openssl ec -in $keyfile -noout -text 2>/dev/null | grep -n "ASN1 OID:" | cut -d : -f 1)" |
|
|
pubj="$(openssl ec -in $keyfile -noout -text 2>/dev/null | grep -n "ASN1 OID:" | cut -d : -f 1)" |
|
|
pubj=$(_math $pubj + 1) |
|
|
|
|
|
|
|
|
pubj=$(_math $pubj - 1) |
|
|
_debug3 pubj "$pubj" |
|
|
_debug3 pubj "$pubj" |
|
|
|
|
|
|
|
|
pubtext="$(openssl ec -in $keyfile -noout -text 2>/dev/null | sed -n "$pubi,${pubj}p" | tr -d " \n\r")" |
|
|
pubtext="$(openssl ec -in $keyfile -noout -text 2>/dev/null | sed -n "$pubi,${pubj}p" | tr -d " \n\r")" |
|
@ -862,7 +875,7 @@ _calcjwk() { |
|
|
xlen=$(_math $xlen / 4) |
|
|
xlen=$(_math $xlen / 4) |
|
|
_debug3 xlen "$xlen" |
|
|
_debug3 xlen "$xlen" |
|
|
|
|
|
|
|
|
xend=$(_math "$xend" + 1) |
|
|
|
|
|
|
|
|
xend=$(_math "$xlen" + 1) |
|
|
x="$(printf $pubtext | cut -d : -f 2-$xend)" |
|
|
x="$(printf $pubtext | cut -d : -f 2-$xend)" |
|
|
_debug3 x "$x" |
|
|
_debug3 x "$x" |
|
|
|
|
|
|
|
|