50 lines
1.4 KiB
Nix
50 lines
1.4 KiB
Nix
{ openssl, writePython2Bin }:
|
|
|
|
writePython2Bin "syncthing-device-id" {
|
|
flakeIgnore = [
|
|
"E226"
|
|
"E302"
|
|
"E305"
|
|
"E501"
|
|
"F401"
|
|
];
|
|
} /* python */ ''
|
|
import base64
|
|
import hashlib
|
|
import subprocess
|
|
import sys
|
|
|
|
B32ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'
|
|
|
|
def luhn_checksum(data, alphabet=B32ALPHABET):
|
|
n = len(alphabet)
|
|
number = tuple(alphabet.index(i) for i in reversed(data))
|
|
result = (sum(number[::2]) +
|
|
sum(sum(divmod(i * 2, n)) for i in number[1::2])) % n
|
|
return alphabet[-result]
|
|
|
|
def main(incert):
|
|
der_data = subprocess.check_output([
|
|
'${openssl}/bin/openssl',
|
|
'x509',
|
|
'-outform',
|
|
'DER',
|
|
], stdin=incert)
|
|
data_hash = hashlib.sha256(der_data)
|
|
b32_hash = base64.b32encode(data_hash.digest()).decode('ascii')
|
|
|
|
result = b32_hash.upper().rstrip('=')
|
|
blocks = [result[pos:pos+13] for pos in range(0, len(result), 13)]
|
|
result = '''.join(block + luhn_checksum(block) for block in blocks)
|
|
|
|
blocks = [result[pos:pos+7] for pos in range(0, len(result), 7)]
|
|
print('-'.join(blocks))
|
|
|
|
if __name__ == '__main__':
|
|
import argparse
|
|
parser = argparse.ArgumentParser(description='Generate syncthing ID from certificate')
|
|
parser.add_argument('incert', type=argparse.FileType('rb'), help='Certificate path')
|
|
args = parser.parse_args()
|
|
main(**vars(args))
|
|
''
|