mirror of
https://github.com/kellyjonbrazil/jc.git
synced 2025-07-13 01:20:24 +02:00
doc update
This commit is contained in:
Kelly Brazil
@ -5,7 +5,7 @@
|
|||||||
|
|
||||||
jc - JSON Convert X.509 Certificate format file parser
|
jc - JSON Convert X.509 Certificate format file parser
|
||||||
|
|
||||||
This parser will convert DER and PEM encoded X.509 certificates.
|
This parser will convert DER and PEM encoded X.509 certificate files.
|
||||||
|
|
||||||
Usage (cli):
|
Usage (cli):
|
||||||
|
|
||||||
@ -20,19 +20,182 @@ Schema:
|
|||||||
|
|
||||||
[
|
[
|
||||||
{
|
{
|
||||||
"x509_cert": string,
|
"tbs_certificate": {
|
||||||
"bar": boolean,
|
"version": string,
|
||||||
"baz": integer
|
"serial_number": string, # [0]
|
||||||
|
"signature": {
|
||||||
|
"algorithm": string,
|
||||||
|
"parameters": string/null,
|
||||||
|
},
|
||||||
|
"issuer": {
|
||||||
|
"country_name": string,
|
||||||
|
"state_or_province_name" string,
|
||||||
|
"locality_name": string,
|
||||||
|
"organization_name": array/string,
|
||||||
|
"organizational_unit_name": array/string,
|
||||||
|
"common_name": string,
|
||||||
|
"email_address": string
|
||||||
|
},
|
||||||
|
"validity": {
|
||||||
|
"not_before": integer, # [1]
|
||||||
|
"not_after": integer, # [1]
|
||||||
|
"not_before_iso": string,
|
||||||
|
"not_after_iso": string
|
||||||
|
},
|
||||||
|
"subject": {
|
||||||
|
"country_name": string,
|
||||||
|
"state_or_province_name": string,
|
||||||
|
"locality_name": string,
|
||||||
|
"organization_name": array/string,
|
||||||
|
"organizational_unit_name": array/string,
|
||||||
|
"common_name": string,
|
||||||
|
"email_address": string
|
||||||
|
},
|
||||||
|
"subject_public_key_info": {
|
||||||
|
"algorithm": {
|
||||||
|
"algorithm": string,
|
||||||
|
"parameters": string/null,
|
||||||
|
},
|
||||||
|
"public_key": {
|
||||||
|
"modulus": string, # [0]
|
||||||
|
"public_exponent": integer
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"issuer_unique_id": string/null,
|
||||||
|
"subject_unique_id": string/null,
|
||||||
|
"extensions": [
|
||||||
|
{
|
||||||
|
"extn_id": string,
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": array/object/string/integer # [2]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"signature_algorithm": {
|
||||||
|
"algorithm": string,
|
||||||
|
"parameters": string/null
|
||||||
|
},
|
||||||
|
"signature_value": string # [0]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[0] in colon-delimited hex notation
|
||||||
|
[1] time-zone-aware (UTC) epoch timestamp
|
||||||
|
[2] See below for well-known Extension schemas:
|
||||||
|
|
||||||
|
Basic Constraints:
|
||||||
|
{
|
||||||
|
"extn_id": "basic_constraints",
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": {
|
||||||
|
"ca": boolean,
|
||||||
|
"path_len_constraint": string/null
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Key Usage:
|
||||||
|
{
|
||||||
|
"extn_id": "key_usage",
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": [
|
||||||
|
string
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
Key Identifier:
|
||||||
|
{
|
||||||
|
"extn_id": "key_identifier",
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": string # [0]
|
||||||
|
}
|
||||||
|
|
||||||
|
Authority Key Identifier:
|
||||||
|
{
|
||||||
|
"extn_id": "authority_key_identifier",
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": {
|
||||||
|
"key_identifier": string, # [0]
|
||||||
|
"authority_cert_issuer": string/null,
|
||||||
|
"authority_cert_serial_number": string/null
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Examples:
|
Examples:
|
||||||
|
|
||||||
$ cat certificate.pem | jc --x509-cert -p
|
$ cat entrust-ec1.pem| jc --x509-cert -p
|
||||||
[]
|
[
|
||||||
|
{
|
||||||
$ cat certificate.der | jc --x509-cert -p -r
|
"tbs_certificate": {
|
||||||
[]
|
"version": "v3",
|
||||||
|
"serial_number": "a6:8b:79:29:00:00:00:00:50:d0:91:f9",
|
||||||
|
"signature": {
|
||||||
|
"algorithm": "sha384_ecdsa",
|
||||||
|
"parameters": null
|
||||||
|
},
|
||||||
|
"issuer": {
|
||||||
|
"country_name": "US",
|
||||||
|
"organization_name": "Entrust, Inc.",
|
||||||
|
"organizational_unit_name": [
|
||||||
|
"See www.entrust.net/legal-terms",
|
||||||
|
"(c) 2012 Entrust, Inc. - for authorized use only"
|
||||||
|
],
|
||||||
|
"common_name": "Entrust Root Certification Authority - EC1"
|
||||||
|
},
|
||||||
|
"validity": {
|
||||||
|
"not_before": 1355844336,
|
||||||
|
"not_after": 2144764536,
|
||||||
|
"not_before_iso": "2012-12-18T15:25:36+00:00",
|
||||||
|
"not_after_iso": "2037-12-18T15:55:36+00:00"
|
||||||
|
},
|
||||||
|
"subject": {
|
||||||
|
"country_name": "US",
|
||||||
|
"organization_name": "Entrust, Inc.",
|
||||||
|
"organizational_unit_name": [
|
||||||
|
"See www.entrust.net/legal-terms",
|
||||||
|
"(c) 2012 Entrust, Inc. - for authorized use only"
|
||||||
|
],
|
||||||
|
"common_name": "Entrust Root Certification Authority - EC1"
|
||||||
|
},
|
||||||
|
"subject_public_key_info": {
|
||||||
|
"algorithm": {
|
||||||
|
"algorithm": "ec",
|
||||||
|
"parameters": "secp384r1"
|
||||||
|
},
|
||||||
|
"public_key": "04:84:13:c9:d0:ba:6d:41:7b:e2:6c:d0:eb:55:..."
|
||||||
|
},
|
||||||
|
"issuer_unique_id": null,
|
||||||
|
"subject_unique_id": null,
|
||||||
|
"extensions": [
|
||||||
|
{
|
||||||
|
"extn_id": "key_usage",
|
||||||
|
"critical": true,
|
||||||
|
"extn_value": [
|
||||||
|
"crl_sign",
|
||||||
|
"key_cert_sign"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"extn_id": "basic_constraints",
|
||||||
|
"critical": true,
|
||||||
|
"extn_value": {
|
||||||
|
"ca": true,
|
||||||
|
"path_len_constraint": null
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"extn_id": "key_identifier",
|
||||||
|
"critical": false,
|
||||||
|
"extn_value": "b7:63:e7:1a:dd:8d:e9:08:a6:55:83:a4:e0:6a:..."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"signature_algorithm": {
|
||||||
|
"algorithm": "sha384_ecdsa",
|
||||||
|
"parameters": null
|
||||||
|
},
|
||||||
|
"signature_value": "30:64:02:30:61:79:d8:e5:42:47:df:1c:ae:53:..."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
||||||
<a id="jc.parsers.x509_cert.parse"></a>
|
<a id="jc.parsers.x509_cert.parse"></a>
|
||||||
|
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
"""jc - JSON Convert X.509 Certificate format file parser
|
"""jc - JSON Convert X.509 Certificate format file parser
|
||||||
|
|
||||||
This parser will convert DER and PEM encoded X.509 certificates.
|
This parser will convert DER and PEM encoded X.509 certificate files.
|
||||||
|
|
||||||
Usage (cli):
|
Usage (cli):
|
||||||
|
|
||||||
@ -15,19 +15,182 @@ Schema:
|
|||||||
|
|
||||||
[
|
[
|
||||||
{
|
{
|
||||||
"x509_cert": string,
|
"tbs_certificate": {
|
||||||
"bar": boolean,
|
"version": string,
|
||||||
"baz": integer
|
"serial_number": string, # [0]
|
||||||
|
"signature": {
|
||||||
|
"algorithm": string,
|
||||||
|
"parameters": string/null,
|
||||||
|
},
|
||||||
|
"issuer": {
|
||||||
|
"country_name": string,
|
||||||
|
"state_or_province_name" string,
|
||||||
|
"locality_name": string,
|
||||||
|
"organization_name": array/string,
|
||||||
|
"organizational_unit_name": array/string,
|
||||||
|
"common_name": string,
|
||||||
|
"email_address": string
|
||||||
|
},
|
||||||
|
"validity": {
|
||||||
|
"not_before": integer, # [1]
|
||||||
|
"not_after": integer, # [1]
|
||||||
|
"not_before_iso": string,
|
||||||
|
"not_after_iso": string
|
||||||
|
},
|
||||||
|
"subject": {
|
||||||
|
"country_name": string,
|
||||||
|
"state_or_province_name": string,
|
||||||
|
"locality_name": string,
|
||||||
|
"organization_name": array/string,
|
||||||
|
"organizational_unit_name": array/string,
|
||||||
|
"common_name": string,
|
||||||
|
"email_address": string
|
||||||
|
},
|
||||||
|
"subject_public_key_info": {
|
||||||
|
"algorithm": {
|
||||||
|
"algorithm": string,
|
||||||
|
"parameters": string/null,
|
||||||
|
},
|
||||||
|
"public_key": {
|
||||||
|
"modulus": string, # [0]
|
||||||
|
"public_exponent": integer
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"issuer_unique_id": string/null,
|
||||||
|
"subject_unique_id": string/null,
|
||||||
|
"extensions": [
|
||||||
|
{
|
||||||
|
"extn_id": string,
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": array/object/string/integer # [2]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"signature_algorithm": {
|
||||||
|
"algorithm": string,
|
||||||
|
"parameters": string/null
|
||||||
|
},
|
||||||
|
"signature_value": string # [0]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[0] in colon-delimited hex notation
|
||||||
|
[1] time-zone-aware (UTC) epoch timestamp
|
||||||
|
[2] See below for well-known Extension schemas:
|
||||||
|
|
||||||
|
Basic Constraints:
|
||||||
|
{
|
||||||
|
"extn_id": "basic_constraints",
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": {
|
||||||
|
"ca": boolean,
|
||||||
|
"path_len_constraint": string/null
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Key Usage:
|
||||||
|
{
|
||||||
|
"extn_id": "key_usage",
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": [
|
||||||
|
string
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
Key Identifier:
|
||||||
|
{
|
||||||
|
"extn_id": "key_identifier",
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": string # [0]
|
||||||
|
}
|
||||||
|
|
||||||
|
Authority Key Identifier:
|
||||||
|
{
|
||||||
|
"extn_id": "authority_key_identifier",
|
||||||
|
"critical": boolean,
|
||||||
|
"extn_value": {
|
||||||
|
"key_identifier": string, # [0]
|
||||||
|
"authority_cert_issuer": string/null,
|
||||||
|
"authority_cert_serial_number": string/null
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Examples:
|
Examples:
|
||||||
|
|
||||||
$ cat certificate.pem | jc --x509-cert -p
|
$ cat entrust-ec1.pem| jc --x509-cert -p
|
||||||
[]
|
[
|
||||||
|
{
|
||||||
$ cat certificate.der | jc --x509-cert -p -r
|
"tbs_certificate": {
|
||||||
[]
|
"version": "v3",
|
||||||
|
"serial_number": "a6:8b:79:29:00:00:00:00:50:d0:91:f9",
|
||||||
|
"signature": {
|
||||||
|
"algorithm": "sha384_ecdsa",
|
||||||
|
"parameters": null
|
||||||
|
},
|
||||||
|
"issuer": {
|
||||||
|
"country_name": "US",
|
||||||
|
"organization_name": "Entrust, Inc.",
|
||||||
|
"organizational_unit_name": [
|
||||||
|
"See www.entrust.net/legal-terms",
|
||||||
|
"(c) 2012 Entrust, Inc. - for authorized use only"
|
||||||
|
],
|
||||||
|
"common_name": "Entrust Root Certification Authority - EC1"
|
||||||
|
},
|
||||||
|
"validity": {
|
||||||
|
"not_before": 1355844336,
|
||||||
|
"not_after": 2144764536,
|
||||||
|
"not_before_iso": "2012-12-18T15:25:36+00:00",
|
||||||
|
"not_after_iso": "2037-12-18T15:55:36+00:00"
|
||||||
|
},
|
||||||
|
"subject": {
|
||||||
|
"country_name": "US",
|
||||||
|
"organization_name": "Entrust, Inc.",
|
||||||
|
"organizational_unit_name": [
|
||||||
|
"See www.entrust.net/legal-terms",
|
||||||
|
"(c) 2012 Entrust, Inc. - for authorized use only"
|
||||||
|
],
|
||||||
|
"common_name": "Entrust Root Certification Authority - EC1"
|
||||||
|
},
|
||||||
|
"subject_public_key_info": {
|
||||||
|
"algorithm": {
|
||||||
|
"algorithm": "ec",
|
||||||
|
"parameters": "secp384r1"
|
||||||
|
},
|
||||||
|
"public_key": "04:84:13:c9:d0:ba:6d:41:7b:e2:6c:d0:eb:55:..."
|
||||||
|
},
|
||||||
|
"issuer_unique_id": null,
|
||||||
|
"subject_unique_id": null,
|
||||||
|
"extensions": [
|
||||||
|
{
|
||||||
|
"extn_id": "key_usage",
|
||||||
|
"critical": true,
|
||||||
|
"extn_value": [
|
||||||
|
"crl_sign",
|
||||||
|
"key_cert_sign"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"extn_id": "basic_constraints",
|
||||||
|
"critical": true,
|
||||||
|
"extn_value": {
|
||||||
|
"ca": true,
|
||||||
|
"path_len_constraint": null
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"extn_id": "key_identifier",
|
||||||
|
"critical": false,
|
||||||
|
"extn_value": "b7:63:e7:1a:dd:8d:e9:08:a6:55:83:a4:e0:6a:..."
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"signature_algorithm": {
|
||||||
|
"algorithm": "sha384_ecdsa",
|
||||||
|
"parameters": null
|
||||||
|
},
|
||||||
|
"signature_value": "30:64:02:30:61:79:d8:e5:42:47:df:1c:ae:53:..."
|
||||||
|
}
|
||||||
|
]
|
||||||
"""
|
"""
|
||||||
import binascii
|
import binascii
|
||||||
from collections import OrderedDict
|
from collections import OrderedDict
|
||||||
@ -62,12 +225,6 @@ def _process(proc_data: List[Dict]) -> List[Dict]:
|
|||||||
|
|
||||||
List of Dictionaries. Structured to conform to the schema.
|
List of Dictionaries. Structured to conform to the schema.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# process the data here
|
|
||||||
# rebuild output for added semantic information
|
|
||||||
# use helper functions in jc.utils for int, float, bool
|
|
||||||
# conversions and timestamps
|
|
||||||
|
|
||||||
return proc_data
|
return proc_data
|
||||||
|
|
||||||
|
|
||||||
@ -164,7 +321,7 @@ def parse(
|
|||||||
raw_output: List = []
|
raw_output: List = []
|
||||||
|
|
||||||
if jc.utils.has_data(data):
|
if jc.utils.has_data(data):
|
||||||
# convert to bytes, if not already for PEM detection since that's
|
# convert to bytes, if not already, for PEM detection since that's
|
||||||
# what pem.detect() needs. (cli.py will auto-convert to UTF-8 if it can)
|
# what pem.detect() needs. (cli.py will auto-convert to UTF-8 if it can)
|
||||||
try:
|
try:
|
||||||
der_bytes = bytes(data, 'utf-8') # type: ignore
|
der_bytes = bytes(data, 'utf-8') # type: ignore
|
||||||
|
|||||||
Reference in New Issue
Block a user