python/jc
1
0
Fork 0
mirror of https://github.com/kellyjonbrazil/jc.git synced 2025-06-23 00:29:59 +02:00
Code Issues Releases Activity

add pkcs7 example

Browse Source
This commit is contained in:
Kelly Brazil
2022-07-06 17:08:12 -07:00
parent 04d91516e8
commit 014437298c
2 changed files with 168 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
docs/parsers/x509_cert.md
View File

@ -7,6 +7,10 @@ jc - JSON Convert X.509 Certificate format file parser
This parser will convert DER and PEM encoded X.509 certificate files.
You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by
processing them through a program like `openssl` and sending the output to
jc. (See example below)
Usage (cli):
$ cat certificate.pem | jc --x509-cert
@ -122,7 +126,7 @@ Schema:
Examples:
$ cat entrust-ec1.pem| jc --x509-cert -p
$ cat entrust-ec1.pem | jc --x509-cert -p
[
{
"tbs_certificate": {
@ -197,6 +201,85 @@ Examples:
}
]
$ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \
jc --x509-cert | -p
[
{
"tbs_certificate": {
"version": "v3",
"serial_number": "34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db...",
"signature": {
"algorithm": "sha1_rsa",
"parameters": null
},
"issuer": {
"country_name": "US",
"organization_name": "thawte, Inc.",
"organizational_unit_name": [
"Certification Services Division",
"(c) 2006 thawte, Inc. - For authorized use only"
],
"common_name": "thawte Primary Root CA"
},
"validity": {
"not_before": 1163721600,
"not_after": 2099865599,
"not_before_iso": "2006-11-17T00:00:00+00:00",
"not_after_iso": "2036-07-16T23:59:59+00:00"
},
"subject": {
"country_name": "US",
"organization_name": "thawte, Inc.",
"organizational_unit_name": [
"Certification Services Division",
"(c) 2006 thawte, Inc. - For authorized use only"
],
"common_name": "thawte Primary Root CA"
},
"subject_public_key_info": {
"algorithm": {
"algorithm": "rsa",
"parameters": null
},
"public_key": {
"modulus": "ac:a0:f0:fb:80:59:d4:9c:c7:a4:cf:9d:a1:59:73...",
"public_exponent": 65537
}
},
"issuer_unique_id": null,
"subject_unique_id": null,
"extensions": [
{
"extn_id": "basic_constraints",
"critical": true,
"extn_value": {
"ca": true,
"path_len_constraint": null
}
},
{
"extn_id": "key_usage",
"critical": true,
"extn_value": [
"crl_sign",
"key_cert_sign"
]
},
{
"extn_id": "key_identifier",
"critical": false,
"extn_value": "7b:5b:45:cf:af:ce:cb:7a:fd:31:92:1a:6a:b6:..."
}
]
},
"signature_algorithm": {
"algorithm": "sha1_rsa",
"parameters": null
},
"signature_value": "79:11:c0:4b:b3:91:b6:fc:f0:e9:67:d4:0d:6e..."
}
]
<a id="jc.parsers.x509_cert.parse"></a>
### parse

85
jc/parsers/x509_cert.py
View File

@ -2,6 +2,10 @@
This parser will convert DER and PEM encoded X.509 certificate files.
You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by
processing them through a program like `openssl` and sending the output to
jc. (See example below)
Usage (cli):
$ cat certificate.pem | jc --x509-cert
@ -117,7 +121,7 @@ Schema:
Examples:
$ cat entrust-ec1.pem| jc --x509-cert -p
$ cat entrust-ec1.pem | jc --x509-cert -p
[
{
"tbs_certificate": {
@ -191,6 +195,85 @@ Examples:
"signature_value": "30:64:02:30:61:79:d8:e5:42:47:df:1c:ae:53:..."
}
]
$ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \
jc --x509-cert | -p
[
{
"tbs_certificate": {
"version": "v3",
"serial_number": "34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db...",
"signature": {
"algorithm": "sha1_rsa",
"parameters": null
},
"issuer": {
"country_name": "US",
"organization_name": "thawte, Inc.",
"organizational_unit_name": [
"Certification Services Division",
"(c) 2006 thawte, Inc. - For authorized use only"
],
"common_name": "thawte Primary Root CA"
},
"validity": {
"not_before": 1163721600,
"not_after": 2099865599,
"not_before_iso": "2006-11-17T00:00:00+00:00",
"not_after_iso": "2036-07-16T23:59:59+00:00"
},
"subject": {
"country_name": "US",
"organization_name": "thawte, Inc.",
"organizational_unit_name": [
"Certification Services Division",
"(c) 2006 thawte, Inc. - For authorized use only"
],
"common_name": "thawte Primary Root CA"
},
"subject_public_key_info": {
"algorithm": {
"algorithm": "rsa",
"parameters": null
},
"public_key": {
"modulus": "ac:a0:f0:fb:80:59:d4:9c:c7:a4:cf:9d:a1:59:73...",
"public_exponent": 65537
}
},
"issuer_unique_id": null,
"subject_unique_id": null,
"extensions": [
{
"extn_id": "basic_constraints",
"critical": true,
"extn_value": {
"ca": true,
"path_len_constraint": null
}
},
{
"extn_id": "key_usage",
"critical": true,
"extn_value": [
"crl_sign",
"key_cert_sign"
]
},
{
"extn_id": "key_identifier",
"critical": false,
"extn_value": "7b:5b:45:cf:af:ce:cb:7a:fd:31:92:1a:6a:b6:..."
}
]
},
"signature_algorithm": {
"algorithm": "sha1_rsa",
"parameters": null
},
"signature_value": "79:11:c0:4b:b3:91:b6:fc:f0:e9:67:d4:0d:6e..."
}
]
"""
import binascii
from collections import OrderedDict