pygost/asn1schemas/cert-dane-hash.py

   1 #!/usr/bin/env python3
   2 """DANE's SPKI hash calculator
   3 """
   4
   5 from base64 import standard_b64decode
   6 from hashlib import sha256
   7 import sys
   8
   9 from pygost.asn1schemas.x509 import Certificate
  10
  11
  12 with open(sys.argv[1], "rb") as fd:
  13     lines = fd.read().decode("ascii").split("-----")
  14 idx = lines.index("BEGIN CERTIFICATE")
  15 if idx == -1:
  16     raise ValueError("PEM has no CERTIFICATE")
  17 cert_raw = standard_b64decode(lines[idx + 1])
  18 cert = Certificate().decod(cert_raw)
  19 print(sha256(cert["tbsCertificate"]["subjectPublicKeyInfo"].encode()).hexdigest())