Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- require 'openssl'
- # find first SEQUENCE of SEQUENCE in TBSCertificate
- # tag == 16 is a SEQUENCE chunk
- def spki_sha1_hash(cert)
- spki = OpenSSL::ASN1.decode(cert).value[0].find { |e|
- e.tag == 16 && e.value[0].tag == 16
- }
- return unless spki
- ["sha1", [OpenSSL::Digest::SHA1.digest(spki.to_der)].pack('m*').chomp].join("/")
- end
- if $0 == __FILE__
- ARGV.each do |file|
- cert = OpenSSL::X509::Certificate.new(File.read(file))
- spkihash = spki_sha1_hash(cert.to_der)
- sha1, b64 = spkihash.split('/')
- puts '=='
- puts 'Subject: ' + cert.subject.to_s
- puts 'Issuer: ' + cert.issuer.to_s
- puts spkihash
- puts b64.unpack('m*')[0].each_byte.map { |e| sprintf("%02x", e) }.join
- end
- end
Add Comment
Please, Sign In to add comment