Generate SKI from certificate if not present in extension
jtalir opened this issue · comments
If there is no Subject Key Identifier in extension, generate it from certificate data:
#!/usr/bin/python3
from cryptography import x509
from cryptography.hazmat.backends import default_backend
import binascii
import sys
der_data = sys.stdin.buffer.read()
issuer_cert = x509.load_der_x509_certificate(der_data, default_backend())
ski_data = x509.AuthorityKeyIdentifier.from_issuer_public_key(issuer_cert.public_key())
ski = binascii.hexlify(ski_data.key_identifier)
print(ski)