Generate private key from Python client

python_device/src/api.py

@@ -11,4 +11,4 @@ def get_root_ca() -> str:
     res = requests.get(f"{args.unsecure_origin}/pki/root_ca.pem")
     if res.status_code < 200 or res.status_code > 299:
         raise Exception(f"Get root CA failed with status {res.status_code}")
-    return res.text
+    return res.text

python_device/src/args.py

@@ -10,4 +10,5 @@ parser.add_argument("--storage", help="Change storage location", default="storag
 args = parser.parse_args()
 
 args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN")
-args.root_ca_path = os.path.join(args.storage, "root_ca.pem")
+args.root_ca_path = os.path.join(args.storage, "root_ca.pem")
+args.dev_priv_key = os.path.join(args.storage, "dev.key")

python_device/src/main.py

@@ -1,5 +1,6 @@
 from src.args import args
 import src.api as api
+import src.pki as pki
 import os
 
 print("Check storage")
@@ -26,6 +27,9 @@ if not os.path.isfile(args.root_ca_path):
     with open(args.root_ca_path, "w") as f:
         f.write(origin)
 
-with open(args.root_ca_path, "r") as f:
+print("Check private key")
-    args.root_ca = f.read()
+if not os.path.isfile(args.dev_priv_key):
-print(f"Root CA = {args.root_ca}")
+    print("Generate private key...")
+    key = pki.gen_priv_key()
+    with open(args.dev_priv_key, "w") as f:
+        f.write(key)

python_device/src/pki.py

@@ -0,0 +1,6 @@
+from OpenSSL import crypto
+
+def gen_priv_key():
+    key = crypto.PKey()
+    key.generate_key(crypto.TYPE_RSA, 2048)
+    return crypto.dump_privatekey(crypto.FILETYPE_PEM, key).decode("utf-8")