From 43a97878ce14b72f0981164f87f2e35e14151312 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 11:22:09 +0200 Subject: Adding upstream version 110.0.1. Signed-off-by: Daniel Baumann --- .../manager/ssl/tests/unit/crlite_enrollment_id.py | 33 ++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100755 security/manager/ssl/tests/unit/crlite_enrollment_id.py (limited to 'security/manager/ssl/tests/unit/crlite_enrollment_id.py') diff --git a/security/manager/ssl/tests/unit/crlite_enrollment_id.py b/security/manager/ssl/tests/unit/crlite_enrollment_id.py new file mode 100755 index 0000000000..2deb5ad379 --- /dev/null +++ b/security/manager/ssl/tests/unit/crlite_enrollment_id.py @@ -0,0 +1,33 @@ +#!/usr/bin/python + +# Given a PEM encoded X.509 certificate, outputs +# base64(SHA256(subject || spki)) +# where `subject` is the RFC 5280 RDNSequence encoding +# the certificate's subject, and `spki` is the RFC 5280 +# SubjectPublicKeyInfo field encoding the certificate's +# public key. + +import sys +import base64 + +from cryptography import x509 +from cryptography.hazmat.primitives import serialization +from cryptography.hazmat.primitives import hashes + +if len(sys.argv) != 2: + print(f"Usage: {sys.argv[0]} ") + sys.exit(1) + +with open(sys.argv[1], "r") as f: + cert = x509.load_pem_x509_certificate(f.read().encode("utf-8"), backend=None) + +subj = cert.subject.public_bytes() +spki = cert.public_key().public_bytes( + format=serialization.PublicFormat.SubjectPublicKeyInfo, + encoding=serialization.Encoding.DER, +) + +digest = hashes.Hash(hashes.SHA256(), backend=None) +digest.update(subj) +digest.update(spki) +print(base64.b64encode(digest.finalize()).decode("utf-8")) -- cgit v1.2.3