mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-23 23:08:14 +00:00
tools.codegen: include commithash an repo url in gen_cert_bundle.py
This commit is contained in:
parent
10344dd864
commit
6ac59f426f
@ -4,7 +4,21 @@ from pyblake2 import blake2s
|
||||
import requests
|
||||
|
||||
|
||||
CERTDATA_TXT = 'https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt'
|
||||
CERTDATA = 'https://hg.mozilla.org/releases/mozilla-beta'
|
||||
CERTDATA_HASH = CERTDATA + '/?cmd=lookup&key=tip'
|
||||
CERTDATA_TXT = CERTDATA + '/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt'
|
||||
|
||||
|
||||
def fetch_certdata():
|
||||
r = requests.get(CERTDATA_HASH)
|
||||
assert(r.status_code == 200)
|
||||
commithash = r.text.strip().split(' ')[1]
|
||||
|
||||
r = requests.get(CERTDATA_TXT)
|
||||
assert(r.status_code == 200)
|
||||
certdata = r.text
|
||||
|
||||
return commithash, certdata
|
||||
|
||||
|
||||
def process_certdata(data):
|
||||
@ -30,19 +44,21 @@ def process_certdata(data):
|
||||
|
||||
|
||||
def main():
|
||||
r = requests.get(CERTDATA_TXT)
|
||||
assert(r.status_code == 200)
|
||||
commithash, certdata = fetch_certdata()
|
||||
|
||||
certs = process_certdata(r.text)
|
||||
print('# fetched from %s (default branch)' % CERTDATA)
|
||||
print('# commit %s' % commithash)
|
||||
|
||||
certs = process_certdata(certdata)
|
||||
|
||||
size = sum([len(x) for x in certs.values()])
|
||||
print('# certs: %d | digests size: %d | total size: %d' % (len(certs), len(certs) * 32, size))
|
||||
|
||||
size = 0
|
||||
print('cert_bundle = [')
|
||||
for k, v in certs.items():
|
||||
print(' # %s' % k)
|
||||
print(' %s,' % blake2s(v).digest())
|
||||
size += len(v)
|
||||
print(']')
|
||||
print('# certs: %d | digests size: %d | total size: %d' % (len(certs), len(certs) * 32, size))
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
|
Loading…
Reference in New Issue
Block a user