DANE's SPKI hash calculator

author Sergey Matveev <stargrave@stargrave.org>

Wed, 6 Oct 2021 13:52:31 +0000 (16:52 +0300)

committer Sergey Matveev <stargrave@stargrave.org>

Wed, 6 Oct 2021 13:52:31 +0000 (16:52 +0300)
author Sergey Matveev <stargrave@stargrave.org>
Wed, 6 Oct 2021 13:52:31 +0000 (16:52 +0300)
committer Sergey Matveev <stargrave@stargrave.org>
Wed, 6 Oct 2021 13:52:31 +0000 (16:52 +0300)
diff --git a/pygost/asn1schemas/cert-dane-hash.py b/pygost/asn1schemas/cert-dane-hash.py

new file mode 100755 (executable)

index 0000000..ac891c1
--- /dev/null
+++ b/pygost/asn1schemas/cert-dane-hash.py
@@ -0,0 +1,19 @@
+#!/usr/bin/env python3
+"""DANE's SPKI hash calculator
+"""
+
+from base64 import standard_b64decode
+from hashlib import sha256
+import sys
+
+from pygost.asn1schemas.x509 import Certificate
+
+
+with open(sys.argv[1], "rb") as fd:
+    lines = fd.read().decode("ascii").split("-----")
+idx = lines.index("BEGIN CERTIFICATE")
+if idx == -1:
+    raise ValueError("PEM has no CERTIFICATE")
+cert_raw = standard_b64decode(lines[idx + 1])
+cert = Certificate().decod(cert_raw)
+print(sha256(cert["tbsCertificate"]["subjectPublicKeyInfo"].encode()).hexdigest())
author	Sergey Matveev <stargrave@stargrave.org>
	Wed, 6 Oct 2021 13:52:31 +0000 (16:52 +0300)
committer	Sergey Matveev <stargrave@stargrave.org>
	Wed, 6 Oct 2021 13:52:31 +0000 (16:52 +0300)