Created
March 3, 2015 20:48
-
-
Save Lukasa/8d70bc4bda4792e25cad to your computer and use it in GitHub Desktop.
Example of how to do certificate fingerprinting with cryptography
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Needed for boring connection logic | |
import ssl | |
import socket | |
# Needed for the cert work | |
from binascii import hexlify | |
from cryptography import x509 | |
from cryptography.hazmat.backends import default_backend | |
from cryptography.hazmat.primitives import hashes | |
HOSTNAME = 'http2bin.org' | |
# Boring connection logic | |
s = socket.socket() | |
c = ssl.create_default_context() | |
s = c.wrap_socket(s, server_hostname=HOSTNAME) | |
s.connect((HOSTNAME, 443)) | |
# The meat of the work. | |
der = s.getpeercert(binary_form=True) | |
cert = x509.load_der_x509_certificate(der, default_backend()) | |
print hexlify(cert.fingerprint(hashes.SHA256())) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment