diff --git a/docs/parsers/x509_cert.md b/docs/parsers/x509_cert.md index 4a0bc219..846b40b9 100644 --- a/docs/parsers/x509_cert.md +++ b/docs/parsers/x509_cert.md @@ -9,7 +9,7 @@ This parser will convert DER and PEM encoded X.509 certificate files. You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by processing them through a program like `openssl` and sending the output to -`jc`. (See example below) +`jc`. (See examples below) Usage (cli): @@ -202,7 +202,7 @@ Examples: ] $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \\ - jc --x509-cert -p + jc --x509-cert -p [ { "tbs_certificate": { @@ -280,6 +280,91 @@ Examples: } ] + $ openssl pkcs12 -info -in certificate.pfx \\ + -passin pass: -passout pass: | \\ + jc --x509-cert -p + [ + { + "tbs_certificate": { + "version": "v3", + "serial_number": "01", + "signature": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "issuer": { + "country_name": "FR", + "state_or_province_name": "Alsace", + "locality_name": "Strasbourg", + "organization_name": "www.freelan.org", + "organizational_unit_name": "freelan", + "common_name": "Freelan Sample Certificate Authority", + "email_address": "contact@freelan.org" + }, + "validity": { + "not_before": 1335522678, + "not_after": 1650882678, + "not_before_iso": "2012-04-27T10:31:18+00:00", + "not_after_iso": "2022-04-25T10:31:18+00:00" + }, + "subject": { + "country_name": "FR", + "state_or_province_name": "Alsace", + "organization_name": "www.freelan.org", + "organizational_unit_name": "freelan", + "common_name": "alice", + "email_address": "contact@freelan.org" + }, + "subject_public_key_info": { + "algorithm": { + "algorithm": "rsa", + "parameters": null + }, + "public_key": { + "modulus": "dd:6d:bd:f8:80:fa:d7:de:1b:1f:a7:a3:2e:b2:02...", + "public_exponent": 65537 + } + }, + "issuer_unique_id": null, + "subject_unique_id": null, + "extensions": [ + { + "extn_id": "basic_constraints", + "critical": false, + "extn_value": { + "ca": false, + "path_len_constraint": null + } + }, + { + "extn_id": "2.16.840.1.113730.1.13", + "critical": false, + "extn_value": "16:1d:4f:70:65:6e:53:53:4c:20:47:65:6e:65..." + }, + { + "extn_id": "key_identifier", + "critical": false, + "extn_value": "59:5f:c9:13:ba:1b:cc:b9:a8:41:4a:8a:49:79..." + }, + { + "extn_id": "authority_key_identifier", + "critical": false, + "extn_value": { + "key_identifier": "23:6c:2d:3d:3e:29:5d:78:b8:6c:3e:aa...", + "authority_cert_issuer": null, + "authority_cert_serial_number": null + } + } + ] + }, + "signature_algorithm": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "signature_value": "13:e7:02:45:3e:a7:ab:bd:b8:da:e7:ef:74:88..." + } + ] + ### parse diff --git a/jc/parsers/x509_cert.py b/jc/parsers/x509_cert.py index df95db8a..e0282274 100644 --- a/jc/parsers/x509_cert.py +++ b/jc/parsers/x509_cert.py @@ -4,7 +4,7 @@ This parser will convert DER and PEM encoded X.509 certificate files. You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by processing them through a program like `openssl` and sending the output to -`jc`. (See example below) +`jc`. (See examples below) Usage (cli): @@ -197,7 +197,7 @@ Examples: ] $ openssl pkcs7 -in thawte.p7b -inform der -print_certs | \\ - jc --x509-cert -p + jc --x509-cert -p [ { "tbs_certificate": { @@ -274,6 +274,91 @@ Examples: "signature_value": "79:11:c0:4b:b3:91:b6:fc:f0:e9:67:d4:0d:6e..." } ] + + $ openssl pkcs12 -info -in certificate.pfx \\ + -passin pass: -passout pass: | \\ + jc --x509-cert -p + [ + { + "tbs_certificate": { + "version": "v3", + "serial_number": "01", + "signature": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "issuer": { + "country_name": "FR", + "state_or_province_name": "Alsace", + "locality_name": "Strasbourg", + "organization_name": "www.freelan.org", + "organizational_unit_name": "freelan", + "common_name": "Freelan Sample Certificate Authority", + "email_address": "contact@freelan.org" + }, + "validity": { + "not_before": 1335522678, + "not_after": 1650882678, + "not_before_iso": "2012-04-27T10:31:18+00:00", + "not_after_iso": "2022-04-25T10:31:18+00:00" + }, + "subject": { + "country_name": "FR", + "state_or_province_name": "Alsace", + "organization_name": "www.freelan.org", + "organizational_unit_name": "freelan", + "common_name": "alice", + "email_address": "contact@freelan.org" + }, + "subject_public_key_info": { + "algorithm": { + "algorithm": "rsa", + "parameters": null + }, + "public_key": { + "modulus": "dd:6d:bd:f8:80:fa:d7:de:1b:1f:a7:a3:2e:b2:02...", + "public_exponent": 65537 + } + }, + "issuer_unique_id": null, + "subject_unique_id": null, + "extensions": [ + { + "extn_id": "basic_constraints", + "critical": false, + "extn_value": { + "ca": false, + "path_len_constraint": null + } + }, + { + "extn_id": "2.16.840.1.113730.1.13", + "critical": false, + "extn_value": "16:1d:4f:70:65:6e:53:53:4c:20:47:65:6e:65..." + }, + { + "extn_id": "key_identifier", + "critical": false, + "extn_value": "59:5f:c9:13:ba:1b:cc:b9:a8:41:4a:8a:49:79..." + }, + { + "extn_id": "authority_key_identifier", + "critical": false, + "extn_value": { + "key_identifier": "23:6c:2d:3d:3e:29:5d:78:b8:6c:3e:aa...", + "authority_cert_issuer": null, + "authority_cert_serial_number": null + } + } + ] + }, + "signature_algorithm": { + "algorithm": "sha1_rsa", + "parameters": null + }, + "signature_value": "13:e7:02:45:3e:a7:ab:bd:b8:da:e7:ef:74:88..." + } + ] """ import binascii from collections import OrderedDict