From 8dd5edb4a188718b0c76c4cb2577b3ccccab8f2e Mon Sep 17 00:00:00 2001
From: Pavol Rusnak <stick@gk2.sk>
Date: Tue, 2 Jan 2018 20:59:09 +0100
Subject: [PATCH] tools: add codegen/gen_cert_bundle.py

---
 tools/codegen/gen_cert_bundle.py | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100755 tools/codegen/gen_cert_bundle.py

diff --git a/tools/codegen/gen_cert_bundle.py b/tools/codegen/gen_cert_bundle.py
new file mode 100755
index 00000000..8325d5f6
--- /dev/null
+++ b/tools/codegen/gen_cert_bundle.py
@@ -0,0 +1,26 @@
+#!/usr/bin/python3
+import pem
+from cryptography import x509
+from cryptography.x509.oid import NameOID
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import hashes, serialization
+
+bundle = '/var/lib/ca-certificates/ca-bundle.pem'
+
+certs = pem.parse_file(bundle)
+
+def process_cert(cert):
+    cert = x509.load_pem_x509_certificate(cert.as_bytes(), default_backend())
+    i = cert.issuer
+    f = cert.fingerprint(hashes.BLAKE2s(32))
+    try:
+        i = i.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
+    except:
+        i = i.get_attributes_for_oid(NameOID.ORGANIZATION_NAME)[0].value
+    print('  # %s' % i)
+    print('  %s,' % f)
+
+print('cert_bundle = [')
+for c in certs:
+    process_cert(c)
+print(']')