File indexing completed on 2024-11-24 04:44:42
0001 #!/usr/bin/env python3 0002 # SPDX-FileCopyrightText: 2021 Volker Krause <vkrause@kde.org> 0003 # SPDX-License-Identifier: LGPL-2.0-or-later 0004 0005 import argparse 0006 import json 0007 import os 0008 import requests 0009 0010 parser = argparse.ArgumentParser(description='Download certificates for validating SHCs') 0011 parser.add_argument('--output', type=str, required=True, help='Path to which the output should be written to') 0012 arguments = parser.parse_args() 0013 0014 os.makedirs(arguments.output, exist_ok = True) 0015 0016 vciDirectoryUrl = 'https://raw.githubusercontent.com/the-commons-project/vci-directory/main/vci-issuers.json' 0017 vciDirectoryReq = requests.get(vciDirectoryUrl) 0018 vciDirectory = json.loads(vciDirectoryReq.text) 0019 0020 issuerUrls = [] 0021 for issuer in vciDirectory['participating_issuers']: 0022 issuerUrls.append(issuer['iss']) 0023 0024 jwkFileNames = [] 0025 for issuer in issuerUrls: 0026 print(f"Downloading {issuer}...") 0027 try: 0028 req = requests.get(issuer + '/.well-known/jwks.json', timeout=10) 0029 except Exception as ex: 0030 print(f" exception: {ex}") 0031 continue 0032 if req.status_code != 200: 0033 print(f" failed: {req.status_code}") 0034 continue 0035 try: 0036 jwks = json.loads(req.text) 0037 except Exception as ex: 0038 print(f" exception: {ex} - {req.text}") 0039 continue 0040 if not jwks or 'keys' not in jwks: 0041 print(f" invalid JWKS:" << req.text) 0042 continue 0043 for key in jwks['keys']: 0044 jwkFileName = key['kid'] + '.jwk' 0045 jwkPath = os.path.join(arguments.output, jwkFileName) 0046 jwkFile = open(jwkPath, 'w') 0047 jwkFile.write(json.dumps(key)) 0048 jwkFile.close() 0049 jwkFileNames.append(jwkFileName) 0050 0051 qrcFile = open(os.path.join(arguments.output, 'shc-certs.qrc'), 'w') 0052 qrcFile.write("""<!-- 0053 SPDX-FileCopyrightText: none 0054 SPDX-License-Identifier: CC0-1.0 0055 --> 0056 <RCC> 0057 <qresource prefix="/org.kde.khealthcertificate/shc/certs"> 0058 """) 0059 for jwkFileName in jwkFileNames: 0060 qrcFile.write(f" <file>{jwkFileName}</file>\n") 0061 qrcFile.write(""" </qresource> 0062 </RCC>""") 0063 qrcFile.close()