From 04d91516e83e00f89d26ab6a3676253e051814e1 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Tue, 5 Jul 2022 19:56:22 -0700 Subject: [PATCH 1/7] add license --- jc/parsers/asn1crypto/LICENSE | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 jc/parsers/asn1crypto/LICENSE diff --git a/jc/parsers/asn1crypto/LICENSE b/jc/parsers/asn1crypto/LICENSE new file mode 100644 index 00000000..f957ebc0 --- /dev/null +++ b/jc/parsers/asn1crypto/LICENSE @@ -0,0 +1,19 @@ +Copyright (c) 2015-2022 Will Bond + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file From 014437298c8f26404f724c7ea1ac5664e8b6d79e Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Wed, 6 Jul 2022 17:08:12 -0700 Subject: [PATCH 2/7] add pkcs7 example --- docs/parsers/x509_cert.md | 85 ++++++++++++++++++++++++++++++++++++++- jc/parsers/x509_cert.py | 85 ++++++++++++++++++++++++++++++++++++++- 2 files changed, 168 insertions(+), 2 deletions(-) diff --git a/docs/parsers/x509_cert.md b/docs/parsers/x509_cert.md index f0c24bd2..4d376a04 100644 --- a/docs/parsers/x509_cert.md +++ b/docs/parsers/x509_cert.md @@ -7,6 +7,10 @@ jc - JSON Convert X.509 Certificate format file parser This parser will convert DER and PEM encoded X.509 certificate files. +You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by +processing them through a program like `openssl` and sending the output to +jc. (See example below) + Usage (cli): $ cat certificate.pem | jc --x509-cert @@ -122,7 +126,7 @@ Schema: Examples: - $ cat entrust-ec1.pem| jc --x509-cert -p + $ cat entrust-ec1.pem | jc --x509-cert -p [ { "tbs_certificate": { @@ -197,6 +201,85 @@ Examples: } ] + $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \ + jc --x509-cert | -p + [ + { + "tbs_certificate": { + "version": "v3", + "serial_number": "34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db...", + "signature": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "issuer": { + "country_name": "US", + "organization_name": "thawte, Inc.", + "organizational_unit_name": [ + "Certification Services Division", + "(c) 2006 thawte, Inc. - For authorized use only" + ], + "common_name": "thawte Primary Root CA" + }, + "validity": { + "not_before": 1163721600, + "not_after": 2099865599, + "not_before_iso": "2006-11-17T00:00:00+00:00", + "not_after_iso": "2036-07-16T23:59:59+00:00" + }, + "subject": { + "country_name": "US", + "organization_name": "thawte, Inc.", + "organizational_unit_name": [ + "Certification Services Division", + "(c) 2006 thawte, Inc. - For authorized use only" + ], + "common_name": "thawte Primary Root CA" + }, + "subject_public_key_info": { + "algorithm": { + "algorithm": "rsa", + "parameters": null + }, + "public_key": { + "modulus": "ac:a0:f0:fb:80:59:d4:9c:c7:a4:cf:9d:a1:59:73...", + "public_exponent": 65537 + } + }, + "issuer_unique_id": null, + "subject_unique_id": null, + "extensions": [ + { + "extn_id": "basic_constraints", + "critical": true, + "extn_value": { + "ca": true, + "path_len_constraint": null + } + }, + { + "extn_id": "key_usage", + "critical": true, + "extn_value": [ + "crl_sign", + "key_cert_sign" + ] + }, + { + "extn_id": "key_identifier", + "critical": false, + "extn_value": "7b:5b:45:cf:af:ce:cb:7a:fd:31:92:1a:6a:b6:..." + } + ] + }, + "signature_algorithm": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "signature_value": "79:11:c0:4b:b3:91:b6:fc:f0:e9:67:d4:0d:6e..." + } + ] + ### parse diff --git a/jc/parsers/x509_cert.py b/jc/parsers/x509_cert.py index e1812546..4c749d79 100644 --- a/jc/parsers/x509_cert.py +++ b/jc/parsers/x509_cert.py @@ -2,6 +2,10 @@ This parser will convert DER and PEM encoded X.509 certificate files. +You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by +processing them through a program like `openssl` and sending the output to +jc. (See example below) + Usage (cli): $ cat certificate.pem | jc --x509-cert @@ -117,7 +121,7 @@ Schema: Examples: - $ cat entrust-ec1.pem| jc --x509-cert -p + $ cat entrust-ec1.pem | jc --x509-cert -p [ { "tbs_certificate": { @@ -191,6 +195,85 @@ Examples: "signature_value": "30:64:02:30:61:79:d8:e5:42:47:df:1c:ae:53:..." } ] + + $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \ + jc --x509-cert | -p + [ + { + "tbs_certificate": { + "version": "v3", + "serial_number": "34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db...", + "signature": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "issuer": { + "country_name": "US", + "organization_name": "thawte, Inc.", + "organizational_unit_name": [ + "Certification Services Division", + "(c) 2006 thawte, Inc. - For authorized use only" + ], + "common_name": "thawte Primary Root CA" + }, + "validity": { + "not_before": 1163721600, + "not_after": 2099865599, + "not_before_iso": "2006-11-17T00:00:00+00:00", + "not_after_iso": "2036-07-16T23:59:59+00:00" + }, + "subject": { + "country_name": "US", + "organization_name": "thawte, Inc.", + "organizational_unit_name": [ + "Certification Services Division", + "(c) 2006 thawte, Inc. - For authorized use only" + ], + "common_name": "thawte Primary Root CA" + }, + "subject_public_key_info": { + "algorithm": { + "algorithm": "rsa", + "parameters": null + }, + "public_key": { + "modulus": "ac:a0:f0:fb:80:59:d4:9c:c7:a4:cf:9d:a1:59:73...", + "public_exponent": 65537 + } + }, + "issuer_unique_id": null, + "subject_unique_id": null, + "extensions": [ + { + "extn_id": "basic_constraints", + "critical": true, + "extn_value": { + "ca": true, + "path_len_constraint": null + } + }, + { + "extn_id": "key_usage", + "critical": true, + "extn_value": [ + "crl_sign", + "key_cert_sign" + ] + }, + { + "extn_id": "key_identifier", + "critical": false, + "extn_value": "7b:5b:45:cf:af:ce:cb:7a:fd:31:92:1a:6a:b6:..." + } + ] + }, + "signature_algorithm": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "signature_value": "79:11:c0:4b:b3:91:b6:fc:f0:e9:67:d4:0d:6e..." + } + ] """ import binascii from collections import OrderedDict From 5fa2fe3992fd1bb77c21bdb6660a1a808433e3cf Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Wed, 6 Jul 2022 17:20:56 -0700 Subject: [PATCH 3/7] fix example --- docs/parsers/x509_cert.md | 4 ++-- jc/parsers/x509_cert.py | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/parsers/x509_cert.md b/docs/parsers/x509_cert.md index 4d376a04..c08e2845 100644 --- a/docs/parsers/x509_cert.md +++ b/docs/parsers/x509_cert.md @@ -201,8 +201,8 @@ Examples: } ] - $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \ - jc --x509-cert | -p + $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \\ + jc --x509-cert -p [ { "tbs_certificate": { diff --git a/jc/parsers/x509_cert.py b/jc/parsers/x509_cert.py index 4c749d79..e8d3a84a 100644 --- a/jc/parsers/x509_cert.py +++ b/jc/parsers/x509_cert.py @@ -196,8 +196,8 @@ Examples: } ] - $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \ - jc --x509-cert | -p + $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \\ + jc --x509-cert -p [ { "tbs_certificate": { From 0ea5c9585a7364d73fc0e6aca6be8ba6c15f5365 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Wed, 6 Jul 2022 20:27:41 -0700 Subject: [PATCH 4/7] formatting --- docs/parsers/x509_cert.md | 2 +- jc/parsers/x509_cert.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/parsers/x509_cert.md b/docs/parsers/x509_cert.md index c08e2845..4a0bc219 100644 --- a/docs/parsers/x509_cert.md +++ b/docs/parsers/x509_cert.md @@ -9,7 +9,7 @@ This parser will convert DER and PEM encoded X.509 certificate files. You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by processing them through a program like `openssl` and sending the output to -jc. (See example below) +`jc`. (See example below) Usage (cli): diff --git a/jc/parsers/x509_cert.py b/jc/parsers/x509_cert.py index e8d3a84a..df95db8a 100644 --- a/jc/parsers/x509_cert.py +++ b/jc/parsers/x509_cert.py @@ -4,7 +4,7 @@ This parser will convert DER and PEM encoded X.509 certificate files. You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by processing them through a program like `openssl` and sending the output to -jc. (See example below) +`jc`. (See example below) Usage (cli): From 89c36e4996fa941b4ae2a077ef0d2b72ce22aad8 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Thu, 7 Jul 2022 09:13:06 -0700 Subject: [PATCH 5/7] add pkcs12 example --- docs/parsers/x509_cert.md | 89 ++++++++++++++++++++++++++++++++++++++- jc/parsers/x509_cert.py | 89 ++++++++++++++++++++++++++++++++++++++- 2 files changed, 174 insertions(+), 4 deletions(-) diff --git a/docs/parsers/x509_cert.md b/docs/parsers/x509_cert.md index 4a0bc219..846b40b9 100644 --- a/docs/parsers/x509_cert.md +++ b/docs/parsers/x509_cert.md @@ -9,7 +9,7 @@ This parser will convert DER and PEM encoded X.509 certificate files. You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by processing them through a program like `openssl` and sending the output to -`jc`. (See example below) +`jc`. (See examples below) Usage (cli): @@ -202,7 +202,7 @@ Examples: ] $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \\ - jc --x509-cert -p + jc --x509-cert -p [ { "tbs_certificate": { @@ -280,6 +280,91 @@ Examples: } ] + $ openssl pkcs12 -info -in certificate.pfx \\ + -passin pass: -passout pass: | \\ + jc --x509-cert -p + [ + { + "tbs_certificate": { + "version": "v3", + "serial_number": "01", + "signature": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "issuer": { + "country_name": "FR", + "state_or_province_name": "Alsace", + "locality_name": "Strasbourg", + "organization_name": "www.freelan.org", + "organizational_unit_name": "freelan", + "common_name": "Freelan Sample Certificate Authority", + "email_address": "contact@freelan.org" + }, + "validity": { + "not_before": 1335522678, + "not_after": 1650882678, + "not_before_iso": "2012-04-27T10:31:18+00:00", + "not_after_iso": "2022-04-25T10:31:18+00:00" + }, + "subject": { + "country_name": "FR", + "state_or_province_name": "Alsace", + "organization_name": "www.freelan.org", + "organizational_unit_name": "freelan", + "common_name": "alice", + "email_address": "contact@freelan.org" + }, + "subject_public_key_info": { + "algorithm": { + "algorithm": "rsa", + "parameters": null + }, + "public_key": { + "modulus": "dd:6d:bd:f8:80:fa:d7:de:1b:1f:a7:a3:2e:b2:02...", + "public_exponent": 65537 + } + }, + "issuer_unique_id": null, + "subject_unique_id": null, + "extensions": [ + { + "extn_id": "basic_constraints", + "critical": false, + "extn_value": { + "ca": false, + "path_len_constraint": null + } + }, + { + "extn_id": "2.16.840.1.113730.1.13", + "critical": false, + "extn_value": "16:1d:4f:70:65:6e:53:53:4c:20:47:65:6e:65..." + }, + { + "extn_id": "key_identifier", + "critical": false, + "extn_value": "59:5f:c9:13:ba:1b:cc:b9:a8:41:4a:8a:49:79..." + }, + { + "extn_id": "authority_key_identifier", + "critical": false, + "extn_value": { + "key_identifier": "23:6c:2d:3d:3e:29:5d:78:b8:6c:3e:aa...", + "authority_cert_issuer": null, + "authority_cert_serial_number": null + } + } + ] + }, + "signature_algorithm": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "signature_value": "13:e7:02:45:3e:a7:ab:bd:b8:da:e7:ef:74:88..." + } + ] + ### parse diff --git a/jc/parsers/x509_cert.py b/jc/parsers/x509_cert.py index df95db8a..e0282274 100644 --- a/jc/parsers/x509_cert.py +++ b/jc/parsers/x509_cert.py @@ -4,7 +4,7 @@ This parser will convert DER and PEM encoded X.509 certificate files. You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by processing them through a program like `openssl` and sending the output to -`jc`. (See example below) +`jc`. (See examples below) Usage (cli): @@ -197,7 +197,7 @@ Examples: ] $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \\ - jc --x509-cert -p + jc --x509-cert -p [ { "tbs_certificate": { @@ -274,6 +274,91 @@ Examples: "signature_value": "79:11:c0:4b:b3:91:b6:fc:f0:e9:67:d4:0d:6e..." } ] + + $ openssl pkcs12 -info -in certificate.pfx \\ + -passin pass: -passout pass: | \\ + jc --x509-cert -p + [ + { + "tbs_certificate": { + "version": "v3", + "serial_number": "01", + "signature": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "issuer": { + "country_name": "FR", + "state_or_province_name": "Alsace", + "locality_name": "Strasbourg", + "organization_name": "www.freelan.org", + "organizational_unit_name": "freelan", + "common_name": "Freelan Sample Certificate Authority", + "email_address": "contact@freelan.org" + }, + "validity": { + "not_before": 1335522678, + "not_after": 1650882678, + "not_before_iso": "2012-04-27T10:31:18+00:00", + "not_after_iso": "2022-04-25T10:31:18+00:00" + }, + "subject": { + "country_name": "FR", + "state_or_province_name": "Alsace", + "organization_name": "www.freelan.org", + "organizational_unit_name": "freelan", + "common_name": "alice", + "email_address": "contact@freelan.org" + }, + "subject_public_key_info": { + "algorithm": { + "algorithm": "rsa", + "parameters": null + }, + "public_key": { + "modulus": "dd:6d:bd:f8:80:fa:d7:de:1b:1f:a7:a3:2e:b2:02...", + "public_exponent": 65537 + } + }, + "issuer_unique_id": null, + "subject_unique_id": null, + "extensions": [ + { + "extn_id": "basic_constraints", + "critical": false, + "extn_value": { + "ca": false, + "path_len_constraint": null + } + }, + { + "extn_id": "2.16.840.1.113730.1.13", + "critical": false, + "extn_value": "16:1d:4f:70:65:6e:53:53:4c:20:47:65:6e:65..." + }, + { + "extn_id": "key_identifier", + "critical": false, + "extn_value": "59:5f:c9:13:ba:1b:cc:b9:a8:41:4a:8a:49:79..." + }, + { + "extn_id": "authority_key_identifier", + "critical": false, + "extn_value": { + "key_identifier": "23:6c:2d:3d:3e:29:5d:78:b8:6c:3e:aa...", + "authority_cert_issuer": null, + "authority_cert_serial_number": null + } + } + ] + }, + "signature_algorithm": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "signature_value": "13:e7:02:45:3e:a7:ab:bd:b8:da:e7:ef:74:88..." + } + ] """ import binascii from collections import OrderedDict From 8b1c4f923e090cdb588ba53fdb9d2ac0d7bbeec4 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Thu, 7 Jul 2022 09:23:02 -0700 Subject: [PATCH 6/7] doc fix --- docs/parsers/x509_cert.md | 2 +- jc/parsers/x509_cert.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/parsers/x509_cert.md b/docs/parsers/x509_cert.md index 846b40b9..08512ab5 100644 --- a/docs/parsers/x509_cert.md +++ b/docs/parsers/x509_cert.md @@ -379,7 +379,7 @@ Main text parsing function Parameters: - data: (string) text data to parse + data: (string or bytes) text or binary data to parse raw: (boolean) unprocessed output if True quiet: (boolean) suppress warning messages if True diff --git a/jc/parsers/x509_cert.py b/jc/parsers/x509_cert.py index e0282274..399f332a 100644 --- a/jc/parsers/x509_cert.py +++ b/jc/parsers/x509_cert.py @@ -483,7 +483,7 @@ def parse( Parameters: - data: (string) text data to parse + data: (string or bytes) text or binary data to parse raw: (boolean) unprocessed output if True quiet: (boolean) suppress warning messages if True From eaa36a6a319f85eed9f80fb04eb0287306b4774a Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Thu, 7 Jul 2022 12:56:18 -0700 Subject: [PATCH 7/7] formatting --- docs/parsers/csv.md | 4 ++-- docs/parsers/csv_s.md | 4 ++-- jc/parsers/csv.py | 4 ++-- jc/parsers/csv_s.py | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/parsers/csv.md b/docs/parsers/csv.md index 0807a0b0..f152fa0a 100644 --- a/docs/parsers/csv.md +++ b/docs/parsers/csv.md @@ -20,8 +20,8 @@ Usage (module): Schema: - csv file converted to a Dictionary: - https://docs.python.org/3/library/csv.html +CSV file converted to a Dictionary: +https://docs.python.org/3/library/csv.html [ { diff --git a/docs/parsers/csv_s.md b/docs/parsers/csv_s.md index 83c9c1c5..2c674580 100644 --- a/docs/parsers/csv_s.md +++ b/docs/parsers/csv_s.md @@ -29,8 +29,8 @@ Usage (module): Schema: - csv file converted to a Dictionary: - https://docs.python.org/3/library/csv.html +CSV file converted to a Dictionary: +https://docs.python.org/3/library/csv.html { "column_name1": string, diff --git a/jc/parsers/csv.py b/jc/parsers/csv.py index 34b63437..5a4bbf6a 100644 --- a/jc/parsers/csv.py +++ b/jc/parsers/csv.py @@ -15,8 +15,8 @@ Usage (module): Schema: - csv file converted to a Dictionary: - https://docs.python.org/3/library/csv.html +CSV file converted to a Dictionary: +https://docs.python.org/3/library/csv.html [ { diff --git a/jc/parsers/csv_s.py b/jc/parsers/csv_s.py index 61f470bc..f3e84681 100644 --- a/jc/parsers/csv_s.py +++ b/jc/parsers/csv_s.py @@ -24,8 +24,8 @@ Usage (module): Schema: - csv file converted to a Dictionary: - https://docs.python.org/3/library/csv.html +CSV file converted to a Dictionary: +https://docs.python.org/3/library/csv.html { "column_name1": string,