|
@@ -5,6 +5,7 @@ import cryptography.hazmat.primitives.serialization
|
|
|
import cryptography.x509
|
|
|
import math
|
|
|
|
|
|
+DEFAULT_KEY_OUTPUT_PATH = 'gpg-key.sexp'
|
|
|
DEFAULT_SMARTCARD_APP_ID_HEX = 'D2760001240102010001234567890000'
|
|
|
|
|
|
|
|
@@ -22,7 +23,7 @@ def convert_to_sexp(data):
|
|
|
return b'(' + b''.join(convert_to_sexp(i) for i in data) + b')'
|
|
|
|
|
|
|
|
|
-def create_gpg_key(input_path, smartcard_app_id_hex):
|
|
|
+def create_gpg_key(input_path, gpg_key_output_path, smartcard_app_id_hex):
|
|
|
backend = cryptography.hazmat.backends.default_backend()
|
|
|
with open(input_path, 'rb') as f:
|
|
|
req = cryptography.x509.load_pem_x509_csr(f.read(), backend)
|
|
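Review bot: The new `gpg_key_output_path` parameter is inserted between `input_path` and `smartcard_app_id_hex`, so any caller outside this diff that still passes the app id as the second positional argument will now fail with a TypeError for the missing third argument. Appending the parameter with a default keeps existing call sites working: `def create_gpg_key(input_path, smartcard_app_id_hex, gpg_key_output_path=DEFAULT_KEY_OUTPUT_PATH):`. The function also has no docstring; a single line stating that it writes the sexp-encoded shadowed key to `gpg_key_output_path` would document the side effect this change makes configurable. The body of create_gpg_key continues past this hunk.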
@@ -35,7 +36,7 @@ def create_gpg_key(input_path, smartcard_app_id_hex):
|
|
|
['shadowed', 't1-v1', [int(smartcard_app_id_hex, 16), 'OPENPGP.1']],
|
|
|
]]
|
|
|
key = convert_to_sexp(key_data)
|
|
|
- with open('gpg-key.sexp', 'wb') as f:
|
|
|
+ with open(gpg_key_output_path, 'wb') as f:
|
|
|
f.write(key)
|
|
|
|
|
|
|
|
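Review bot: `open(gpg_key_output_path, 'wb')` truncates whatever already exists at a path that the caller now chooses, where the old code could only overwrite `gpg-key.sexp` in the working directory. If the option is pointed at a directory that already holds key files, a mistyped or reused name silently replaces one of them. Exclusive creation turns that into an error: `with open(gpg_key_output_path, 'xb') as f:` raises FileExistsError when the target exists, which also matches the option's help text ("to be created"). If overwriting is wanted, it would be safer as an explicit opt-in flag. create_gpg_key starts outside this hunk.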
@@ -49,6 +50,12 @@ def _init_argparser():
|
|
|
'input_path',
|
|
|
help='path to PEM-encoded X.509 signing request',
|
|
|
)
|
|
|
+ argparser.add_argument(
|
|
|
+ '--gpg-key-output-path',
|
|
|
+ dest='gpg_key_output_path',
|
|
|
+ default=DEFAULT_KEY_OUTPUT_PATH,
|
|
|
+ help='path to sexp-encoded shadowed-private-key to be created (default: "%(default)s")',
|
|
|
+ )
|
|
|
argparser.add_argument(
|
|
|
'--smartcard-app-id',
|
|
|
dest='smartcard_app_id_hex',
|