From e18ebb24fb95d169240db228181a72c1d98d9f7b Mon Sep 17 00:00:00 2001
From: brent s
Date: Tue, 8 May 2018 12:32:17 -0400
Subject: [PATCH] aaaand pubkey parsing added as well. i think this is Done(TM)
---
 ssl_tls/certparser.py | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/ssl_tls/certparser.py b/ssl_tls/certparser.py
index 03c2a14..c2cd004 100755
--- a/ssl_tls/certparser.py
+++ b/ssl_tls/certparser.py
@@ -89,8 +89,7 @@ class CertParse(object):
 certinfo['Extensions'] = self.parse_ext()
 elif self.alt_names:
 certinfo['SANs'] = self.parse_ext_san_only()
- # TODO: parse?
- #certinfo['Pubkey'] = self.cert.get_pubkey()
+ certinfo['Pubkey'] = self.get_pubkey()
 certinfo['Serial'] = int(self.cert.get_serial_number())
 certinfo['Signature Algorithm'] = self.cert.get_signature_algorithm().\
 decode('utf-8')
@@ -98,7 +97,6 @@ class CertParse(object):
 certinfo['Subject Name Hash'] = self.cert.subject_name_hash()
 certinfo['Fingerprints'] = self.gen_hashes()
 self.certinfo = certinfo
- #print(certinfo)
 return()
 def print(self, json_fmt = None):
@@ -116,6 +114,17 @@ class CertParse(object):
 return()
 return(output)
+ def get_pubkey(self):
+ pubkey = {}
+ key = self.cert.get_pubkey()
+ pubkey['Bit Length'] = key.bits()
+ # I wish there was a more comfortable way of comparing these.
+ if key.type() == OpenSSL.crypto.TYPE_RSA:
+ pubkey['Algorithm'] = 'RSA'
+ elif key.type() == OpenSSL.crypto.TYPE_DSA:
+ pubkey['Algorithm'] = 'DSA'
+ return(pubkey)
+
 def gen_hashes(self):
 hashes = {}
 # Note: MD2 is *so old* that they aren't even
@@ -252,7 +261,6 @@ class CertParse(object):
 for i in [n.strip() for n in _tmp]:
 l = [y for y in i.split(':', 1) if y not in ('', None)]
 if len(l) > 1:
- print(l)
 # Is it a line continuation (of a hex value)?
 if ((re.search('^[0-9A-Z]{2}$', l[0])) and
 (re.search('^[0-9A-Z:]*:?$', ':'.join(l)))):
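Review bot: In the `@@ -116,6 +114,17 @@` hunk, `get_pubkey()` sets `pubkey['Algorithm']` only for RSA and DSA keys, so a certificate carrying any other key type (an elliptic-curve key, for instance) comes back with a bit length and no algorithm. A bit length can only be judged against its algorithm, so a consumer of `certinfo['Pubkey']` either hits a `KeyError` or compares key sizes across algorithms without knowing it. I would close the chain with `else:` followed by `pubkey['Algorithm'] = 'Unknown (type {0})'.format(key.type())`, so the gap shows up in the output instead of disappearing. The method also has no docstring; `"""Return the certificate public key's bit length and algorithm name."""` would cover it.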