
replace smartcard-app-id.hex file with cmdline arg --smartcard-app-id

Fabian Peter Hammerle 7 年 前
コミット
a679c2dd78
2 ファイル変更11 行追加5 行削除
  1. 11 4
      create-gpg-shadow-key-from-x509-cert-req.py
  2. 0 1
      smartcard-app-id.hex

+ 11 - 4
create-gpg-shadow-key-from-x509-cert-req.py

@@ -5,6 +5,8 @@ import cryptography.hazmat.primitives.serialization
 import cryptography.x509
 import math
 
+DEFAULT_SMARTCARD_APP_ID_HEX = 'D2760001240102010001234567890000'
+
 
 def convert_to_sexp(data):
     if isinstance(data, int):
@@ -20,10 +22,8 @@ def convert_to_sexp(data):
         return b'(' + b''.join(convert_to_sexp(i) for i in data) + b')'
 
 
-def create_gpg_key():
+def create_gpg_key(smartcard_app_id_hex):
     backend = cryptography.hazmat.backends.default_backend()
-    with open('smartcard-app-id.hex', 'r') as f:
-        appid = int(f.read(), 16)
     with open('cert-request.pem', 'rb') as f:
         req = cryptography.x509.load_pem_x509_csr(f.read(), backend)
     assert req.is_signature_valid
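Review bot: The CSR signature check on the last line of this hunk is an `assert`, which Python strips when run with `-O`, so under that flag a request with an invalid self-signature would pass and its public key would be used for the stub. The line is unchanged context in this commit, but it sits directly under the signature being edited and is worth replacing with `if not req.is_signature_valid: raise ValueError('invalid CSR signature')`. create_gpg_key continues past the end of this hunk.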
@@ -32,7 +32,7 @@ def create_gpg_key():
         'rsa',
         ['n', pubnums.n],
         ['e', pubnums.e],
-        ['shadowed', 't1-v1', [appid, 'OPENPGP.1']],
+        ['shadowed', 't1-v1', [int(smartcard_app_id_hex, 16), 'OPENPGP.1']],
     ]]
     key = convert_to_sexp(key_data)
     with open('gpg-key.sexp', 'wb') as f:
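Review bot: `int(smartcard_app_id_hex, 16)` on the `shadowed` line accepts much more than an application ID: a leading sign, a `0x` prefix, underscores, surrounding whitespace and any length all parse without error. The value is written into the shadowed-key entry next to `OPENPGP.1`, so a mistyped argument presumably yields a stub that refers to the wrong card, and going through an integer may also drop leading zero bytes depending on how convert_to_sexp encodes ints (not visible here). Checking the shape first, e.g. `if not re.fullmatch(r'[0-9A-Fa-f]{32}', smartcard_app_id_hex): raise ValueError('smartcard app id must be 32 hex digits')`, would reject these; it needs `import re`, and the 32-digit length is taken from the default value in this commit. The enclosing function starts and ends outside the hunk.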
@@ -45,6 +45,13 @@ def _init_argparser():
         description='create a shadowed-private-key in sexp format for gnupg\'s private-keys-v1.d folder'
             + ' containing the public key of a PEM-encoded X.509 certificate signing request (CSR)',
     )
+    argparser.add_argument(
+        '--smartcard-app-id',
+        dest='smartcard_app_id_hex',
+        metavar='hex-string',
+        default=DEFAULT_SMARTCARD_APP_ID_HEX,
+        help='default: %(default)s',
+    )
     return argparser
 
 
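Review bot: The `help` text for `--smartcard-app-id` says only `default: %(default)s`, so `--help` does not tell the user what the value is or where to find it. Something like `help='application ID of the OpenPGP smartcard holding the private key, as hex digits (default: %(default)s)'` would cover it. The default itself contains what looks like a placeholder serial (`...1234567890000`), so running without the option likely writes a stub for a card the user does not own; a comment on `DEFAULT_SMARTCARD_APP_ID_HEX` saying so, or `required=True` on the argument, would make that explicit. _init_argparser starts before this hunk.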

+ 0 - 1
smartcard-app-id.hex

@@ -1 +0,0 @@
-D2760001240102010001234567890000