From 9427d7b001bd9cb769fb2940cfa263a448d62b80 Mon Sep 17 00:00:00 2001
From: Daniil Baturin <daniil@baturin.org>
Date: Wed, 9 Aug 2023 17:54:31 +0100
Subject: pki: T5273: add a certificate fingerprint command

---
 python/vyos/pki.py | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'python')

diff --git a/python/vyos/pki.py b/python/vyos/pki.py
index cd15e3878..792e24b76 100644
--- a/python/vyos/pki.py
+++ b/python/vyos/pki.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2023 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -63,6 +63,18 @@ private_format_map = {
     'OpenSSH': serialization.PrivateFormat.OpenSSH
 }
 
+hash_map = {
+    'sha256': hashes.SHA256,
+    'sha384': hashes.SHA384,
+    'sha512': hashes.SHA512,
+}
+
+def get_certificate_fingerprint(cert, hash):
+    hash_algorithm = hash_map[hash]()
+    fp = cert.fingerprint(hash_algorithm)
+
+    return fp.hex(':').upper()
+
 def encode_certificate(cert):
     return cert.public_bytes(encoding=serialization.Encoding.PEM).decode('utf-8')
 
-- 
cgit v1.2.3