in moz_kinto_publisher/main.py [0:0]
def set_pem(self, pem_data):
self.pemData = pem_data
self.pemHash = hashlib.sha256(pem_data.encode("utf-8")).hexdigest()
derCert = asciiPemToBinaryDer(pem_data)
try:
self.cert = x509.load_pem_x509_certificate(
pem_data.encode("utf-8"), default_backend()
)
except Exception as e:
raise IntermediateRecordError("Cannot parse PEM data: {}".format(e))
derHash = hashlib.sha256(self.cert.public_bytes(Encoding.DER)).digest()
if self.derHash and self.derHash != derHash:
raise IntermediateRecordError("DER hash does not match")
self.derHash = derHash
self.subject = self.cert.subject.rfc4514_string()
derSpki = self.cert.public_key().public_bytes(
encoding=Encoding.DER, format=PublicFormat.SubjectPublicKeyInfo
)
spkiHash = hashlib.sha256(derSpki).digest()
if self.pubKeyHash and self.pubKeyHash != spkiHash:
raise IntermediateRecordError("SPKI hash does not match")
self.pubKeyHash = spkiHash