7 năm trước cách đây · d5f52568d1
--- a/create-gpg-shadow-key-from-x509-cert-req.py
+++ b/create-gpg-shadow-key-from-x509-cert-req.py
@@ -4,40 +4,38 @@ import cryptography.hazmat.backends
 
				 import cryptography.hazmat.primitives.serialization
			
 
				 import cryptography.x509
			
 
				 import math
			
 
				-import sys
			
 
				 
			
 
				-backend = cryptography.hazmat.backends.default_backend()
			
 
				-
			
 
				-with open('smartcard-app-id.hex', 'r') as f:
			
 
				-    appid = int(f.read(), 16)
			
 
				-
			
 
				-with open('cert-request.pem', 'rb') as f:
			
 
				-    req = cryptography.x509.load_pem_x509_csr(f.read(), backend)
			
 
				-assert req.is_signature_valid
			
 
				-
			
 
				-pubnums = req.public_key().public_numbers()
			
 
				-
			
 
				-key_data = ['shadowed-private-key', [
			
 
				-    'rsa',
			
 
				-    ['n', pubnums.n],
			
 
				-    ['e', pubnums.e],
			
 
				-    ['shadowed', 't1-v1', [appid, 'OPENPGP.1']],
			
 
				-]]
			
 
				-
			
 
				-def convert(data):
			
 
				+def convert_to_sexp(data):
			
 
				     if isinstance(data, int):
			
 
				-        return convert(data.to_bytes(
			
 
				+        return convert_to_sexp(data.to_bytes(
			
 
				             math.ceil(data.bit_length() / 8),
			
 
				             'big',
			
 
				         ))
			
 
				     elif isinstance(data, str):
			
 
				-        return convert(data.encode())
			
 
				+        return convert_to_sexp(data.encode())
			
 
				     elif isinstance(data, bytes):
			
 
				         return str(len(data)).encode() + b':' + data
			
 
				     else:
			
 
				-        return b'(' + b''.join(convert(i) for i in data) + b')'
			
 
				-
			
 
				-key = convert(key_data)
			
 
				-
			
 
				-with open('gpg-key.sexp', 'wb') as f:
			
 
				-    f.write(key)
			
 
				+        return b'(' + b''.join(convert_to_sexp(i) for i in data) + b')'
			
 
				+
			
 
				+def main(argv):
			
 
				+    backend = cryptography.hazmat.backends.default_backend()
			
 
				+    with open('smartcard-app-id.hex', 'r') as f:
			
 
				+        appid = int(f.read(), 16)
			
 
				+    with open('cert-request.pem', 'rb') as f:
			
 
				+        req = cryptography.x509.load_pem_x509_csr(f.read(), backend)
			
 
				+    assert req.is_signature_valid
			
 
				+    pubnums = req.public_key().public_numbers()
			
 
				+    key_data = ['shadowed-private-key', [
			
 
				+        'rsa',
			
 
				+        ['n', pubnums.n],
			
 
				+        ['e', pubnums.e],
			
 
				+        ['shadowed', 't1-v1', [appid, 'OPENPGP.1']],
			
 
				+    ]]
			
 
				+    key = convert_to_sexp(key_data)
			
 
				+    with open('gpg-key.sexp', 'wb') as f:
			
 
				+        f.write(key)
			
 
				+
			
 
				+if __name__ == '__main__':
			
 
				+    import sys
			
 
				+    sys.exit(main(sys.argv))