mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-28 09:39:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

cert_audit: Calculate identifier for X.509 objects

Browse Source 
The identifier is calculated SHA1 hex string from
the DER encoding of each X.509 objects. It's useful
for finding out the identical X.509 objects.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
Pengyu Lv 2023-05-05 16:53:37 +08:00
parent fd72d9f556
commit 13f2ef4949
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
tests/scripts/audit-validity-dates.py
View File

@ -31,6 +31,7 @@ import argparse
import datetime import datetime
import glob import glob
import logging import logging
import hashlib
from enum import Enum from enum import Enum
# The script requires cryptography >= 35.0.0 which is only available # The script requires cryptography >= 35.0.0 which is only available
@ -69,10 +70,20 @@ class AuditData:
self.locations = [] # type: typing.List[str] self.locations = [] # type: typing.List[str]
self.fill_validity_duration(x509_obj) self.fill_validity_duration(x509_obj)
self._obj = x509_obj self._obj = x509_obj
encoding = cryptography.hazmat.primitives.serialization.Encoding.DER
self._identifier = hashlib.sha1(self._obj.public_bytes(encoding)).hexdigest()
def __eq__(self, __value) -> bool: def __eq__(self, __value) -> bool:
return self._obj == __value._obj return self._obj == __value._obj
@property
def identifier(self):
"""
Identifier of the underlying X.509 object, which is consistent across
different runs.
"""
return self._identifier
def fill_validity_duration(self, x509_obj): def fill_validity_duration(self, x509_obj):
"""Read validity period from an X.509 object.""" """Read validity period from an X.509 object."""
# Certificate expires after "not_valid_after" # Certificate expires after "not_valid_after"