mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-06-15 12:38:46 +00:00
tools: add codegen/gen_cert_bundle.py
This commit is contained in:
Pavol Rusnak
parent
b98a1db6ee
commit
8dd5edb4a1
26
tools/codegen/gen_cert_bundle.py
Executable file
26
tools/codegen/gen_cert_bundle.py
Executable file
@ -0,0 +1,26 @@
|
|||||||
|
#!/usr/bin/python3
|
||||||
|
import pem
|
||||||
|
from cryptography import x509
|
||||||
|
from cryptography.x509.oid import NameOID
|
||||||
|
from cryptography.hazmat.backends import default_backend
|
||||||
|
from cryptography.hazmat.primitives import hashes, serialization
|
||||||
|
|
||||||
|
bundle = '/var/lib/ca-certificates/ca-bundle.pem'
|
||||||
|
|
||||||
|
certs = pem.parse_file(bundle)
|
||||||
|
|
||||||
|
def process_cert(cert):
|
||||||
|
cert = x509.load_pem_x509_certificate(cert.as_bytes(), default_backend())
|
||||||
|
i = cert.issuer
|
||||||
|
f = cert.fingerprint(hashes.BLAKE2s(32))
|
||||||
|
try:
|
||||||
|
i = i.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
|
||||||
|
except:
|
||||||
|
i = i.get_attributes_for_oid(NameOID.ORGANIZATION_NAME)[0].value
|
||||||
|
print(' # %s' % i)
|
||||||
|
print(' %s,' % f)
|
||||||
|
|
||||||
|
print('cert_bundle = [')
|
||||||
|
for c in certs:
|
||||||
|
process_cert(c)
|
||||||
|
print(']')
|
||||||
Loading…
Reference in New Issue
Block a user