1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-13 19:18:56 +00:00

tools: add codegen/gen_cert_bundle.py

This commit is contained in:
Pavol Rusnak 2018-01-02 20:59:09 +01:00
parent b98a1db6ee
commit 8dd5edb4a1
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D

View File

@ -0,0 +1,26 @@
#!/usr/bin/python3
import pem
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes, serialization
bundle = '/var/lib/ca-certificates/ca-bundle.pem'
certs = pem.parse_file(bundle)
def process_cert(cert):
cert = x509.load_pem_x509_certificate(cert.as_bytes(), default_backend())
i = cert.issuer
f = cert.fingerprint(hashes.BLAKE2s(32))
try:
i = i.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
except:
i = i.get_attributes_for_oid(NameOID.ORGANIZATION_NAME)[0].value
print(' # %s' % i)
print(' %s,' % f)
print('cert_bundle = [')
for c in certs:
process_cert(c)
print(']')