python/jc
1
0
Fork 0
mirror of https://github.com/kellyjonbrazil/jc.git synced 2025-07-13 01:20:24 +02:00
Code Issues Releases Activity

add note about jc not checking the certificate integrity

Browse Source
This commit is contained in:
Kelly Brazil
2022-07-19 17:15:54 -07:00
parent c30d44ea13
commit 720c6b5d42
2 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docs/parsers/x509_cert.md
View File

@ -11,6 +11,11 @@ You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by
processing them through a program like `openssl` and sending the output to processing them through a program like `openssl` and sending the output to
`jc`. (See examples below) `jc`. (See examples below)
> Note: `jc` does not verify the integrity of the certificate, which
> requires calculating the hash of the certificate body and comparing it to
> the the hash in the certificate's signature after it is decrypted with the
> issuer certificate's public key.
Usage (cli): Usage (cli):
$ cat certificate.pem | jc --x509-cert $ cat certificate.pem | jc --x509-cert

5
jc/parsers/x509_cert.py
View File

@ -6,6 +6,11 @@ You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by
processing them through a program like `openssl` and sending the output to processing them through a program like `openssl` and sending the output to
`jc`. (See examples below) `jc`. (See examples below)
> Note: `jc` does not verify the integrity of the certificate, which
> requires calculating the hash of the certificate body and comparing it to
> the the hash in the certificate's signature after it is decrypted with the
> issuer certificate's public key.
Usage (cli): Usage (cli):
$ cat certificate.pem | jc --x509-cert $ cat certificate.pem | jc --x509-cert