serve pub key, not cert

author: jesopo 2019-09-25 10:43:39 +0100
committer: jesopo 2019-09-25 10:43:39 +0100
commit: 3fa71a75aff74c0d5ddc5004cca1cd08d6d5d7cf (patch)
tree: 01a197aafc3e1c4d47aad9dc1857d954014ef600 /modules/fediverse/ap_security.py
parent: don't .strip() tls cert (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/modules/fediverse/ap_security.py b/modules/fediverse/ap_security.py
index f7d17a2e..a466aaa5 100644
--- a/modules/fediverse/ap_security.py
+++ b/modules/fediverse/ap_security.py
@@ -1,9 +1,14 @@
 import base64, typing
 
 try:
+    from cryptography import x509
     from cryptography.hazmat.primitives import hashes, serialization
     from cryptography.hazmat.primitives.asymmetric import padding, rsa
     from cryptography.hazmat.backends import default_backend
+
+    from cryptography.hazmat.primitives.serialization import Encoding
+    from cryptography.hazmat.primitives.serialization import PublicFormat
+
     has_crypto = True
 except ModuleNotFoundError:
     has_crypto = False
@@ -21,6 +26,13 @@ class PrivateKey(object):
         self.key = _private_key(filename)
         self.id = id
 
+def public_key(key_filename: str) -> str:
+    with open(key_filename, "rb") as key_file:
+        cert = x509.load_pem_x509_certificate(key_file.read(),
+            default_backend())
+    return cert.public_key().public_bytes(
+        Encoding.PEM, PublicFormat.SubjectPublicKeyInfo).decode("ascii")
+
 def signature(key: PrivateKey, headers: typing.List[typing.Tuple[str, str]]
         ) -> str:
     sign_header_keys = " ".join(h[0].lower() for h in headers)
author	jesopo	2019-09-25 10:43:39 +0100
committer	jesopo	2019-09-25 10:43:39 +0100
commit	3fa71a75aff74c0d5ddc5004cca1cd08d6d5d7cf (patch)
tree	01a197aafc3e1c4d47aad9dc1857d954014ef600 /modules/fediverse/ap_security.py
parent	don't .strip() tls cert (diff)
signature