trezor-core/tools/codegen/gen_cert_bundle.py

#!/usr/bin/python3
import pem
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes, serialization

bundle = '/var/lib/ca-certificates/ca-bundle.pem'

certs = pem.parse_file(bundle)

def process_cert(cert):
    cert = x509.load_pem_x509_certificate(cert.as_bytes(), default_backend())
    i = cert.issuer
    f = cert.fingerprint(hashes.BLAKE2s(32))
    try:
        i = i.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
    except:
        i = i.get_attributes_for_oid(NameOID.ORGANIZATION_NAME)[0].value
    print('  # %s' % i)
    print('  %s,' % f)

print('cert_bundle = [')
for c in certs:
    process_cert(c)
print(']')
tools: add codegen/gen_cert_bundle.py 2018-01-02 11:59:09 -08:00			`#!/usr/bin/python3`
			`import pem`
			`from cryptography import x509`
			`from cryptography.x509.oid import NameOID`
			`from cryptography.hazmat.backends import default_backend`
			`from cryptography.hazmat.primitives import hashes, serialization`

			`bundle = '/var/lib/ca-certificates/ca-bundle.pem'`

			`certs = pem.parse_file(bundle)`

			`def process_cert(cert):`
			`cert = x509.load_pem_x509_certificate(cert.as_bytes(), default_backend())`
			`i = cert.issuer`
			`f = cert.fingerprint(hashes.BLAKE2s(32))`
			`try:`
			`i = i.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value`
			`except:`
			`i = i.get_attributes_for_oid(NameOID.ORGANIZATION_NAME)[0].value`
			`print(' # %s' % i)`
			`print(' %s,' % f)`

			`print('cert_bundle = [')`
			`for c in certs:`
			`process_cert(c)`
			`print(']')`