# Script to sign a predefined CSR
This script creates an EC key pair and signs a predefined Certificated Signing Request (CSR) of SCMS.
The CSR is also known as enrollment request in SCMS. The signature uses ECDSA and SECP256R1 elliptic curve according to IEEE 1609.2 standard.

## Import libraries

In [145]:
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec, utils
from  cryptography.hazmat.primitives import serialization

## Programmatically create the CSR (predefined)

Create the CSR programmatically (the tbsRequest part of the CSR is already figured out using ASN.1 studio)
and add public key (byte offset is known ahead of time). The predefined CSR data (tbsRequest field specifically) is defined as follows.

In [146]:
tbsRequest = "018180000160D29D484481057273655F31000000000460D29D488600028301018003480101E08001030001820003204095000320409701000100808080"

## Create ECC key pair

In [147]:
private_key = ec.generate_private_key(
    ec.SECP256R1()
)
public_key = private_key.public_key()


## Add public key in the compressed format
Note that the public key compressed format is "0x02/0x03 + x-point", so you have to cut off the first byte

In [148]:
# compress the public key
public_key_bytes = public_key.public_bytes(serialization.Encoding.X962, serialization.PublicFormat.CompressedPoint)
public_key_hex = bytes.hex(public_key_bytes)
typeStr = public_key_hex[:2]
public_key_hex = public_key_hex[2:]
print("type: ", typeStr, ", public key: ", public_key_hex)
public_key_part = ("82" if typeStr == "02" else "83") + public_key_hex
print(public_key_part)
tbsRequest = tbsRequest + public_key_part

type:  03 , public key:  3d551405be9e1d598888b94bc9563cf3001a9178aa2f5dd2f55394d60939c8d8
833d551405be9e1d598888b94bc9563cf3001a9178aa2f5dd2f55394d60939c8d8


## Sign the data (tbsRequest in the CSR)
Note that sometimes the r and s values are not 64 hex characters or 32 bytes,
sometimes become 63 bytes, may need to add padding

In [154]:
data = bytes.fromhex(tbsRequest)
signature = private_key.sign(
     data,
     ec.ECDSA(hashes.SHA256())
 )
r, s = utils.decode_dss_signature(signature)
rStr = "{:X}".format(r)
sStr = "{:X}".format(s)
print(f"[sig:{len(signature)}]:{signature.hex()}")
print(f"[r:{len(bytes.fromhex(rStr))}]:{rStr}")
print(f"[s:{len(bytes.fromhex(sStr))}]:{sStr}")

[sig:71]:3045022002a63e98c86a5602c2d47e84240f7c4d3d35bf5254faefe291895bf8e5d58969022100935f95a6cc5221cac92c240b3298e749b7fb4dc21451bab63a6615a1bb6b72fb


ValueError: non-hexadecimal number found in fromhex() arg at position 63

## Add the signature to the CSR

In [150]:
signedCSR = "038381A200" + tbsRequest + "828080" + rStr + sStr

Perform quick verify to ensure signature is working

In [151]:
public_key.verify(signature, data, ec.ECDSA(hashes.SHA256()))
print("Quick verify: successful!")

Quick verify: successful!


## Output the results as hex encoded strings
We will test two tests, first is to verify signature using the ouputted data file and signature file.
Second is to verify signature using only the CSR.

In [152]:
serialized_private = private_key.private_bytes(
     encoding=serialization.Encoding.PEM,
     format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.NoEncryption()
)
print("private key (PEM format):")
for l in serialized_private.splitlines():
    print(l.decode('utf-8'))

serialized_public = public_key.public_bytes(
     encoding=serialization.Encoding.PEM,
     format=serialization.PublicFormat.SubjectPublicKeyInfo
)
print("\npublic key (PEM format):")
for l in serialized_public.splitlines():
    print(l.decode('utf-8'))

print("\npublic key (DER compressed format):", public_key_hex)
print(f'public key type ({typeStr}): {"compressed-y-1" if typeStr == "03" else "compressed-y-0"}')
print(f"[tbsRequest:{len(bytes.fromhex(tbsRequest))}]:", tbsRequest)
print(f"[sig:{len(signature)}]:{signature.hex()}")
print(f"[r:{len(bytes.fromhex(rStr))}]:{rStr}")
print(f"[s:{len(bytes.fromhex(sStr))}]:{sStr}")
print(f"[signed-CSR:{len(bytes.fromhex(signedCSR))}]: ", signedCSR)

private key (PEM format):
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg4+qqnRiD1NPjFKYd
PCZoT9VJPxaZJh6/Jqqox8GIMd6hRANCAAQ9VRQFvp4dWYiIuUvJVjzzABqReKov
XdL1U5TWCTnI2AkbLxQU8Vl7n85YWQqyxRQ7M4Mg5tEGB3NGlJbz6pqB
-----END PRIVATE KEY-----

public key (PEM format):
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPVUUBb6eHVmIiLlLyVY88wAakXiq
L13S9VOU1gk5yNgJGy8UFPFZe5/OWFkKssUUOzODIObRBgdzRpSW8+qagQ==
-----END PUBLIC KEY-----

public key (DER compressed format): 3d551405be9e1d598888b94bc9563cf3001a9178aa2f5dd2f55394d60939c8d8
public key type (03): compressed-y-1
[tbsRequest:94]: 018180000160D29D484481057273655F31000000000460D29D488600028301018003480101E08001030001820003204095000320409701000100808080833d551405be9e1d598888b94bc9563cf3001a9178aa2f5dd2f55394d60939c8d8
[sig:70]:3044022012f07cc44776b5a88ee4c7a66247c6b0b669b4323576c329863ac9462672e89502204508867ce62b3031966da4f3174c51f90feb4990671b05df134d55e9fae9937a
[r:32]:12F07CC44776B5A88EE4C7A6624

## Write to files

In [153]:
f = open("private_key.pem", "a")
f.write(serialized_private.decode('utf-8'))
f.close()
print("[private_key.pem]: file writing done.")

f = open("public_key.pem", "a")
f.write(serialized_public.decode('utf-8'))
f.close()
print("[public_key.pem]: file writing done.")

f = open("tbsRquest.oer", "wb")
f.write(data)
f.close()
print("[tbsRquest.oer]: file writing done.")

f = open("tbsRquest.sha256.der", "wb")
f.write(signature)
f.close()
print("[tbsRquest.sha256.der]: file writing done.")

[private_key.pem]: file writing done.
[public_key.pem]: file writing done.
[tbsRquest.oer]: file writing done.
[tbsRquest.sha256.der]: file writing done.


In [None]:
from cryptography.hazmat.primitives import hashes
digest = hashes.Hash(hashes.SHA256())
digest.update(b"")
signature = digest.finalize()
signature_hexStr = bytes.hex(signature)
print(signature_hexStr)