change this to something more apropos

brent s 2018-05-08 12:13:25 -04:00
parent 07ab9840ca
commit 38227cf938


@ -63,39 +63,39 @@ class CertParse(object):
'"pem" or "asn1"').format(self.cert_type)) '"pem" or "asn1"').format(self.cert_type))
if not self.force_type in ('url', 'domain', 'ip'): if not self.force_type in ('url', 'domain', 'ip'):
with open(self.target, 'rb') as f: with open(self.target, 'rb') as f:
self.pkcs = OpenSSL.crypto.load_certificate(self.cert_type, self.cert = OpenSSL.crypto.load_certificate(self.cert_type,
f.read()) f.read())
else: else:
_cert = ssl.get_server_certificate((self.target, self.port)) _cert = ssl.get_server_certificate((self.target, self.port))
self.pkcs = OpenSSL.crypto.load_certificate(self.cert_type, self.cert = OpenSSL.crypto.load_certificate(self.cert_type,
_cert) _cert)
return() return()


def parseCert(self): def parseCert(self):
certinfo = collections.OrderedDict() certinfo = collections.OrderedDict()
timefmt = '%Y%m%d%H%M%SZ' timefmt = '%Y%m%d%H%M%SZ'
certinfo['Subject'] = self.parse_name(self.pkcs.get_subject().\ certinfo['Subject'] = self.parse_name(self.cert.get_subject().\
get_components()) get_components())
certinfo['EXPIRED'] = self.pkcs.has_expired() certinfo['EXPIRED'] = self.cert.has_expired()
certinfo['Issuer'] = self.parse_name(self.pkcs.get_issuer().\ certinfo['Issuer'] = self.parse_name(self.cert.get_issuer().\
get_components()) get_components())
certinfo['Issued'] = str(datetime.datetime.strptime( certinfo['Issued'] = str(datetime.datetime.strptime(
self.pkcs.get_notBefore().decode('utf-8'), self.cert.get_notBefore().decode('utf-8'),
timefmt)) timefmt))
certinfo['Expires'] = str(datetime.datetime.strptime( certinfo['Expires'] = str(datetime.datetime.strptime(
self.pkcs.get_notAfter().decode('utf-8'), self.cert.get_notAfter().decode('utf-8'),
timefmt)) timefmt))
if self.extensions: if self.extensions:
certinfo['Extensions'] = self.parse_ext() certinfo['Extensions'] = self.parse_ext()
elif self.alt_names: elif self.alt_names:
certinfo['SANs'] = self.parse_ext_san_only() certinfo['SANs'] = self.parse_ext_san_only()
# TODO: parse? # TODO: parse?
#certinfo['Pubkey'] = self.pkcs.get_pubkey() #certinfo['Pubkey'] = self.cert.get_pubkey()
certinfo['Serial'] = int(self.pkcs.get_serial_number()) certinfo['Serial'] = int(self.cert.get_serial_number())
certinfo['Signature Algorithm'] = self.pkcs.get_signature_algorithm().\ certinfo['Signature Algorithm'] = self.cert.get_signature_algorithm().\
decode('utf-8') decode('utf-8')
certinfo['Version'] = self.pkcs.get_version() certinfo['Version'] = self.cert.get_version()
certinfo['Subject Name Hash'] = self.pkcs.subject_name_hash() certinfo['Subject Name Hash'] = self.cert.subject_name_hash()
certinfo['Fingerprints'] = self.gen_hashes() certinfo['Fingerprints'] = self.gen_hashes()
self.certinfo = certinfo self.certinfo = certinfo
#print(certinfo) #print(certinfo)
@ -129,7 +129,7 @@ class CertParse(object):
list(hashlib.algorithms_available)]) list(hashlib.algorithms_available)])
cert_hash_types = [i for i in fpt_types if i in supported_types] cert_hash_types = [i for i in fpt_types if i in supported_types]
for h in cert_hash_types: for h in cert_hash_types:
hashes[h.upper()] = self.pkcs.digest(h).decode('utf-8') hashes[h.upper()] = self.cert.digest(h).decode('utf-8')
return(hashes) return(hashes)


def parse_name(self, item): def parse_name(self, item):
@ -159,8 +159,8 @@ class CertParse(object):


def parse_ext_san_only(self): def parse_ext_san_only(self):
SANs = [] SANs = []
for idx in range(0, self.pkcs.get_extension_count()): for idx in range(0, self.cert.get_extension_count()):
ext = self.pkcs.get_extension(idx) ext = self.cert.get_extension(idx)
name = ext.get_short_name().decode('utf-8').lower() name = ext.get_short_name().decode('utf-8').lower()
x = str(ext).strip() x = str(ext).strip()
if name == 'subjectaltname': if name == 'subjectaltname':
@ -173,8 +173,8 @@ class CertParse(object):


def parse_ext(self): def parse_ext(self):
exts = {} exts = {}
for idx in range(0, self.pkcs.get_extension_count()): for idx in range(0, self.cert.get_extension_count()):
ext = self.pkcs.get_extension(idx) ext = self.cert.get_extension(idx)
keyname = ext.get_short_name().decode('utf-8') keyname = ext.get_short_name().decode('utf-8')
value_str = str(ext).strip() value_str = str(ext).strip()
# These should be split into lists by commas. # These should be split into lists by commas.
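Review bot: In the first hunk's `else` branch, `ssl.get_server_certificate()` always returns a PEM-encoded string, yet the renamed line still loads it with `self.cert_type`. If that attribute can hold the ASN.1 type on this path (the error text above accepts both "pem" and "asn1"), loading a certificate from a url/domain/ip target will fail. The network branch should pin the format: `self.cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, _cert)`. As called here, the certificate is also fetched without chain or hostname validation, so a short docstring should say that `certinfo` describes whatever the peer presented and is not a trust decision. The enclosing method begins above the hunk, so how `cert_type` is normalised is not visible here.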