Provide openssl like x509 -subjext -issuer -dates -fingerprint output

Ruben van Staveren 2019-08-20 14:20:46 +02:00
parent ccd93d8027
commit 1256d13c42
No known key found for this signature in database
GPG Key ID: 63424959ACCADD9C


@ -10,6 +10,7 @@ import re
import os import os
import fileinput import fileinput
from argparse import ArgumentParser from argparse import ArgumentParser
from datetime import datetime
from OpenSSL import crypto from OpenSSL import crypto
from Crypto.Util import asn1 from Crypto.Util import asn1
from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives import serialization
@ -26,6 +27,17 @@ VALID_HOSTNAME_RE = '^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])'\
'(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}'\ '(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}'\
'[a-zA-Z0-9]))*$' '[a-zA-Z0-9]))*$'
CERTINFO_TEMPLATE = '''
subject= /{subject}
issuer= /{issuer}
notBefore={notbefore!s}
notAfter={notafter}
SHA1 Fingerprint={sha1fingerprint}
'''.strip()
ASN1TIME_FMT = str('%Y%m%d%H%M%SZ'.encode('utf8'))
OPENSSLTIME_FMT = '%b %e %T %Y GMT'
def load_data(filenames): def load_data(filenames):
''' '''
@ -325,8 +337,37 @@ def main():
for x509_object in [x for x in x509_objects for x509_object in [x for x in x509_objects
if x.get_subject() != x.get_issuer()]: if x.get_subject() != x.get_issuer()]:
logging.info('Subject: %s', x509_object.get_subject())
logging.info('Issuer: %s', x509_object.get_issuer()) # Stringify subject like openssl x509 -subject
x509_subject = '/'.join(['{0}={1}'.format(component[0].decode(),
component[1].decode())
for component in
x509_object.get_subject().get_components()
])
# Stringify issuer like openssl x509 -issuer
x509_issuer = '/'.join(['{0}={1}'.format(component[0].decode(),
component[1].decode())
for component in
x509_object.get_issuer().get_components()
])
x509_notAfter = datetime.strptime(str(x509_object.get_notAfter()),
ASN1TIME_FMT)
x509_notBefore = datetime.strptime(str(x509_object.get_notBefore()),
ASN1TIME_FMT)
logging.info('Subject: %s', x509_subject)
logging.info('Issuer: %s', x509_issuer)
print(CERTINFO_TEMPLATE.format(
subject=x509_subject,
issuer=x509_issuer,
notbefore=x509_notBefore.strftime(OPENSSLTIME_FMT),
notafter=x509_notAfter.strftime(OPENSSLTIME_FMT),
sha1fingerprint=x509_object.digest('sha1').decode()))
print(crypto.dump_certificate(crypto.FILETYPE_PEM, print(crypto.dump_certificate(crypto.FILETYPE_PEM,
x509_object).decode('ascii'), x509_object).decode('ascii'),
end='') end='')
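Review bot: The subject and issuer strings built from `get_components()` print certificate-controlled bytes unescaped, and `component[1].decode()` with the default codec will raise `UnicodeDecodeError` on a name attribute that is not valid UTF-8, so one malformed certificate aborts the run. A value containing a newline or other control character can also produce what looks like an extra `issuer=` or `notAfter=` line in the `CERTINFO_TEMPLATE` output, which matters if anything downstream parses it. I would move the two identical comprehensions into one helper that decodes with `errors='replace'` and escapes control characters, as sketched below. Separately, `ASN1TIME_FMT = str('...'.encode('utf8'))` appears to match only because `str()` of bytes adds the same `b'...'` wrapper on both sides under Python 3; decoding `get_notAfter()` with `.decode('ascii')` and using a plain format string would be clearer. The enclosing loop in `main()` starts and ends outside the hunk.

```python
# module level, next to load_data()
def format_x509_name(name):
    '''Render an X509Name as /-joined KEY=VALUE pairs with unsafe characters escaped.'''
    parts = []
    for key, value in name.get_components():
        # Certificate fields are untrusted: tolerate non-UTF-8 bytes instead of raising
        text = value.decode('utf-8', 'replace')
        # Escape control characters so a field cannot add extra output lines
        text = text.encode('unicode_escape').decode('ascii')
        parts.append('{0}={1}'.format(key.decode('ascii'), text))
    return '/'.join(parts)

# inside the loop in main()
x509_subject = format_x509_name(x509_object.get_subject())
x509_issuer = format_x509_name(x509_object.get_issuer())
# … unchanged: notBefore/notAfter parsing, logging, print of CERTINFO_TEMPLATE …
```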