Exemple #1
0
def indented_output(msg, l, level=0):
    msg = '%s:' % msg
    lines = []
    if not l:
        l = ['--']
    lines.extend(nss.make_line_fmt_tuples(level, msg))
    lines.extend(nss.make_line_fmt_tuples(level+1, l))
    return nss.indented_format(lines)
Exemple #2
0
def indented_output(msg, l, level=0):
    msg = '%s:' % msg
    lines = []
    if not l:
        l = ['--']
    lines.extend(nss.make_line_fmt_tuples(level, msg))
    lines.extend(nss.make_line_fmt_tuples(level + 1, l))
    return nss.indented_format(lines)
Exemple #3
0
def fmt_info(label, item, level=0, hex_data=False):
    fmt_tuples = nss.make_line_fmt_tuples(level, label + ':')
    if hex_data:
        fmt_tuples.extend(
            nss.make_line_fmt_tuples(level + 1, nss.data_to_hex(item, 16)))
    elif isinstance(item, six.string_types):
        fmt_tuples.extend(nss.make_line_fmt_tuples(level + 1, str(item)))
    else:
        fmt_tuples.extend(item.format_lines(level=level + 1))
    return nss.indented_format(fmt_tuples)
Exemple #4
0
def fmt_info(label, item, level=0, hex_data=False):
    fmt_tuples = nss.make_line_fmt_tuples(level, label+':')
    if hex_data:
        fmt_tuples.extend(nss.make_line_fmt_tuples(level+1,
                                                   nss.data_to_hex(item, 16)))
    elif isinstance(item, six.string_types):
        fmt_tuples.extend(nss.make_line_fmt_tuples(level+1, str(item)))
    else:
        fmt_tuples.extend(item.format_lines(level=level+1))
    return nss.indented_format(fmt_tuples)
Exemple #5
0
def indented_obj(msg, obj, level=0):
    msg = '%s:' % msg
    lines = []
    lines.extend(nss.make_line_fmt_tuples(level, msg))
    lines.extend(obj.format_lines(level + 1))
    return nss.indented_format(lines)
Exemple #6
0
def indented_obj(msg, obj, level=0):
    msg = '%s:' % msg
    lines = []
    lines.extend(nss.make_line_fmt_tuples(level, msg))
    lines.extend(obj.format_lines(level+1))
    return nss.indented_format(lines)
Exemple #7
0
def print_extension(level, extension):
    print nss.indented_format([(level, 'Name: %s' % extension.name),
                               (level, 'Critical: %s' % extension.critical)])

    oid_tag = extension.oid_tag

    if   oid_tag == nss.SEC_OID_PKCS12_KEY_USAGE:
        print nss.indented_format([(level, 'Usages:')])
        print nss.indented_format(nss.make_line_fmt_tuples(level+1, nss.x509_key_usage(extension.value)))

    elif oid_tag == nss.SEC_OID_X509_SUBJECT_KEY_ID:
        print nss.indented_format([(level, 'Data:')])
        print nss.indented_format(nss.make_line_fmt_tuples(level+1,
              extension.value.der_to_hex(nss.OCTETS_PER_LINE_DEFAULT)))

    elif oid_tag == nss.SEC_OID_X509_CRL_DIST_POINTS:
        pts = nss.CRLDistributionPts(extension.value)
        i = 1
        print nss.indented_format([(level, 'CRL Distribution Points: [%d total]' % len(pts))])
        for pt in pts:
            print nss.indented_format([(level+1, 'Point[%d]:' % i)])
            names = pt.get_general_names()
            print nss.indented_format([(level+2, 'General Names: [%d total]' % len(names))])
            for name in names:
                print nss.indented_format([(level+3, '%s:' % name)])
            print nss.indented_format([(level+2, 'Reasons: %s' % (pt.get_reasons(),))])
            print nss.indented_format([(level+2, 'Issuer: %s' % pt.issuer)])

    elif oid_tag == nss.SEC_OID_X509_AUTH_KEY_ID:
        auth_key_id = nss.AuthKeyID(extension.value)
        print nss.indented_format([(level+1, 'Key ID:')])
        print nss.indented_format(nss.make_line_fmt_tuples(level+2,
              auth_key_id.key_id.to_hex(nss.OCTETS_PER_LINE_DEFAULT)))
        print nss.indented_format([(level+1, 'Serial Number: %s' % (auth_key_id.serial_number))])
        print nss.indented_format([(level+1, 'Issuer:' % auth_key_id.get_general_names())])

    elif oid_tag == nss.SEC_OID_X509_BASIC_CONSTRAINTS:
        bc = nss.BasicConstraints(extension.value)
        print nss.indented_format([(level, '%s' % str(bc))])

    elif oid_tag == nss.SEC_OID_X509_EXT_KEY_USAGE:
        print nss.indented_format([(level, 'Usages:')])
        print nss.indented_format(nss.make_line_fmt_tuples(level+1, nss.x509_ext_key_usage(extension.value)))

    elif oid_tag in (nss.SEC_OID_X509_SUBJECT_ALT_NAME, nss.SEC_OID_X509_ISSUER_ALT_NAME):
        names = nss.x509_alt_name(extension.value)
        print nss.indented_format([(level+2, 'Alternate Names: [%d total]' % len(names))])
        for name in names:
            print nss.indented_format([(level+3, '%s:' % name)])

    print
Exemple #8
0
nss.nss_init_nodb()

if len(args):
    filename = args[0]

print "certificate filename=%s" % (filename)

# Read the certificate as DER encoded data
si = nss.read_der_from_file(filename, is_pem_format)
# Parse the DER encoded data returning a Certificate object
cert = nss.Certificate(si)

# Get the extension list from the certificate
extensions = cert.extensions

print nss.indented_format([(0, 'Certificate:'),
                           (1, 'Data:')])
print nss.indented_format([(2, 'Version: %d (%#x)' % (cert.version+1, cert.version))])
print nss.indented_format([(2, 'Serial Number: %d (%#x)' % (cert.serial_number, cert.serial_number))])
print nss.indented_format([(2, 'Signature Algorithm:')])
print nss.indented_format(cert.signature_algorithm.format_lines(3))
print nss.indented_format([(2, 'Issuer: "%s"' % cert.issuer)])
print nss.indented_format([(2, 'Validity:'),
                           (3, 'Not Before: %s' % cert.valid_not_before_str),
                           (3, 'Not After:  %s' % cert.valid_not_after_str)])
print nss.indented_format([(2, 'Subject: "%s"' % cert.subject)])
print nss.indented_format([(2, 'Subject Public Key Info:')])
print nss.indented_format(cert.subject_public_key_info.format_lines(3))

if len(extensions) > 0:
    print nss.indented_format([(1, 'Signed Extensions: (%d)' % len(extensions))])
    for extension in extensions:
Exemple #9
0
def print_extension(level, extension):
    print(nss.indented_format([(level, 'Name: %s' % extension.name),
                               (level, 'Critical: %s' % extension.critical)]))

    oid_tag = extension.oid_tag

    if   oid_tag == nss.SEC_OID_PKCS12_KEY_USAGE:
        print(nss.indented_format([(level, 'Usages:')]))
        print(nss.indented_format(nss.make_line_fmt_tuples(level+1, nss.x509_key_usage(extension.value))))

    elif oid_tag == nss.SEC_OID_NS_CERT_EXT_CERT_TYPE:
        print(nss.indented_format([(level, 'Types:')]))
        print(nss.indented_format(nss.make_line_fmt_tuples(level+1, nss.x509_cert_type(extension.value))))

    elif oid_tag == nss.SEC_OID_X509_SUBJECT_KEY_ID:
        print(nss.indented_format([(level, 'Data:')]))
        print(nss.indented_format(nss.make_line_fmt_tuples(level+1,
              extension.value.der_to_hex(nss.OCTETS_PER_LINE_DEFAULT))))

    elif oid_tag == nss.SEC_OID_X509_CRL_DIST_POINTS:
        pts = nss.CRLDistributionPts(extension.value)
        print(nss.indented_format([(level, 'CRL Distribution Points: [%d total]' % len(pts))]))
        for i, pt in enumerate(pts):
            print(nss.indented_format([(level+1, 'Point[%d]:' % i)]))
            names = pt.get_general_names()
            print(nss.indented_format([(level+2, 'General Names: [%d total]' % len(names))]))
            for name in names:
                print(nss.indented_format([(level+3, '%s:' % name)]))
            print(nss.indented_format([(level+2, 'Reasons: %s' % (pt.get_reasons(),))]))
            print(nss.indented_format([(level+2, 'Issuer: %s' % pt.issuer)]))

    elif oid_tag == nss.SEC_OID_X509_AUTH_INFO_ACCESS:
        aias = nss.AuthorityInfoAccesses(extension.value)
        print(nss.indented_format([(level, 'Authority Information Access: [%d total]' % len(aias))]))
        for i, aia in enumerate(aias):
            print(nss.indented_format([(level+1, 'Info[%d]:' % i)]))
            print(nss.indented_format([(level+2, 'Method: %s' % (aia.method_str,))]))
            print(nss.indented_format([(level+2, 'Location: (%s) %s' % (aia.location.type_string, aia.location.name))]))

    elif oid_tag == nss.SEC_OID_X509_AUTH_KEY_ID:
        auth_key_id = nss.AuthKeyID(extension.value)
        print(nss.indented_format([(level+1, 'Key ID:')]))
        print(nss.indented_format(nss.make_line_fmt_tuples(level+2,
              auth_key_id.key_id.to_hex(nss.OCTETS_PER_LINE_DEFAULT))))
        print(nss.indented_format([(level+1, 'Serial Number: %s' % (auth_key_id.serial_number))]))
        print(nss.indented_format([(level+1, 'Issuer:' % auth_key_id.get_general_names())]))

    elif oid_tag == nss.SEC_OID_X509_BASIC_CONSTRAINTS:
        bc = nss.BasicConstraints(extension.value)
        print(nss.indented_format([(level, '%s' % str(bc))]))

    elif oid_tag == nss.SEC_OID_X509_EXT_KEY_USAGE:
        print(nss.indented_format([(level, 'Usages:')]))
        print(nss.indented_format(nss.make_line_fmt_tuples(level+1, nss.x509_ext_key_usage(extension.value))))

    elif oid_tag in (nss.SEC_OID_X509_SUBJECT_ALT_NAME, nss.SEC_OID_X509_ISSUER_ALT_NAME):
        names = nss.x509_alt_name(extension.value)
        print(nss.indented_format([(level+2, 'Alternate Names: [%d total]' % len(names))]))
        for name in names:
            print(nss.indented_format([(level+3, '%s:' % name)]))

    print()
Exemple #10
0
def print_extension(level, extension):
    print(
        nss.indented_format([(level, 'Name: %s' % extension.name),
                             (level, 'Critical: %s' % extension.critical)]))

    oid_tag = extension.oid_tag

    if oid_tag == nss.SEC_OID_PKCS12_KEY_USAGE:
        print(nss.indented_format([(level, 'Usages:')]))
        print(
            nss.indented_format(
                nss.make_line_fmt_tuples(level + 1,
                                         nss.x509_key_usage(extension.value))))

    elif oid_tag == nss.SEC_OID_NS_CERT_EXT_CERT_TYPE:
        print(nss.indented_format([(level, 'Types:')]))
        print(
            nss.indented_format(
                nss.make_line_fmt_tuples(level + 1,
                                         nss.x509_cert_type(extension.value))))

    elif oid_tag == nss.SEC_OID_X509_SUBJECT_KEY_ID:
        print(nss.indented_format([(level, 'Data:')]))
        print(
            nss.indented_format(
                nss.make_line_fmt_tuples(
                    level + 1,
                    extension.value.der_to_hex(nss.OCTETS_PER_LINE_DEFAULT))))

    elif oid_tag == nss.SEC_OID_X509_CRL_DIST_POINTS:
        pts = nss.CRLDistributionPts(extension.value)
        print(
            nss.indented_format([
                (level, 'CRL Distribution Points: [%d total]' % len(pts))
            ]))
        for i, pt in enumerate(pts):
            print(nss.indented_format([(level + 1, 'Point[%d]:' % i)]))
            names = pt.get_general_names()
            print(
                nss.indented_format([
                    (level + 2, 'General Names: [%d total]' % len(names))
                ]))
            for name in names:
                print(nss.indented_format([(level + 3, '%s:' % name)]))
            print(
                nss.indented_format([(level + 2,
                                      'Reasons: %s' % (pt.get_reasons(), ))]))
            print(nss.indented_format([(level + 2, 'Issuer: %s' % pt.issuer)]))

    elif oid_tag == nss.SEC_OID_X509_AUTH_INFO_ACCESS:
        aias = nss.AuthorityInfoAccesses(extension.value)
        print(
            nss.indented_format([
                (level, 'Authority Information Access: [%d total]' % len(aias))
            ]))
        for i, aia in enumerate(aias):
            print(nss.indented_format([(level + 1, 'Info[%d]:' % i)]))
            print(
                nss.indented_format([(level + 2,
                                      'Method: %s' % (aia.method_str, ))]))
            print(
                nss.indented_format([
                    (level + 2, 'Location: (%s) %s' %
                     (aia.location.type_string, aia.location.name))
                ]))

    elif oid_tag == nss.SEC_OID_X509_AUTH_KEY_ID:
        auth_key_id = nss.AuthKeyID(extension.value)
        print(nss.indented_format([(level + 1, 'Key ID:')]))
        print(
            nss.indented_format(
                nss.make_line_fmt_tuples(
                    level + 2,
                    auth_key_id.key_id.to_hex(nss.OCTETS_PER_LINE_DEFAULT))))
        print(
            nss.indented_format([
                (level + 1, 'Serial Number: %s' % (auth_key_id.serial_number))
            ]))
        print(
            nss.indented_format([
                (level + 1, 'Issuer:' % auth_key_id.get_general_names())
            ]))

    elif oid_tag == nss.SEC_OID_X509_BASIC_CONSTRAINTS:
        bc = nss.BasicConstraints(extension.value)
        print(nss.indented_format([(level, '%s' % str(bc))]))

    elif oid_tag == nss.SEC_OID_X509_EXT_KEY_USAGE:
        print(nss.indented_format([(level, 'Usages:')]))
        print(
            nss.indented_format(
                nss.make_line_fmt_tuples(
                    level + 1, nss.x509_ext_key_usage(extension.value))))

    elif oid_tag in (nss.SEC_OID_X509_SUBJECT_ALT_NAME,
                     nss.SEC_OID_X509_ISSUER_ALT_NAME):
        names = nss.x509_alt_name(extension.value)
        print(
            nss.indented_format([
                (level + 2, 'Alternate Names: [%d total]' % len(names))
            ]))
        for name in names:
            print(nss.indented_format([(level + 3, '%s:' % name)]))

    print()
Exemple #11
0
print("certificate filename=%s" % (filename))

# Read the certificate as DER encoded data
si = nss.read_der_from_file(filename, options.cert_format == 'pem')
# Parse the DER encoded data returning a Certificate object
cert = nss.Certificate(si)

# Useful for comparing the internal cert rendering to what this script generates.
if options.print_cert:
    print(cert)

# Get the extension list from the certificate
extensions = cert.extensions

print(nss.indented_format([(0, 'Certificate:'), (1, 'Data:')]))
print(
    nss.indented_format([
        (2, 'Version: %d (%#x)' % (cert.version + 1, cert.version))
    ]))
print(
    nss.indented_format([
        (2,
         'Serial Number: %d (%#x)' % (cert.serial_number, cert.serial_number))
    ]))
print(nss.indented_format([(2, 'Signature Algorithm:')]))
print(nss.indented_format(cert.signature_algorithm.format_lines(3)))
print(nss.indented_format([(2, 'Issuer: "%s"' % cert.issuer)]))
print(
    nss.indented_format([(2, 'Validity:'),
                         (3, 'Not Before: %s' % cert.valid_not_before_str),
Exemple #12
0
def print_extension(level, extension):
    print nss.indented_format([(level, 'Name: %s' % extension.name),
                               (level, 'Critical: %s' % extension.critical)])

    oid_tag = extension.oid_tag

    if oid_tag == nss.SEC_OID_PKCS12_KEY_USAGE:
        print nss.indented_format([(level, 'Usages:')])
        print nss.indented_format(
            nss.make_line_fmt_tuples(level + 1,
                                     nss.x509_key_usage(extension.value)))

    elif oid_tag == nss.SEC_OID_X509_SUBJECT_KEY_ID:
        print nss.indented_format([(level, 'Data:')])
        print nss.indented_format(
            nss.make_line_fmt_tuples(
                level + 1,
                extension.value.der_to_hex(nss.OCTETS_PER_LINE_DEFAULT)))

    elif oid_tag == nss.SEC_OID_X509_CRL_DIST_POINTS:
        pts = nss.CRLDistributionPts(extension.value)
        i = 1
        print nss.indented_format([
            (level, 'CRL Distribution Points: [%d total]' % len(pts))
        ])
        for pt in pts:
            print nss.indented_format([(level + 1, 'Point[%d]:' % i)])
            names = pt.get_general_names()
            print nss.indented_format([
                (level + 2, 'General Names: [%d total]' % len(names))
            ])
            for name in names:
                print nss.indented_format([(level + 3, '%s:' % name)])
            print nss.indented_format([(level + 2,
                                        'Reasons: %s' % (pt.get_reasons(), ))])
            print nss.indented_format([(level + 2, 'Issuer: %s' % pt.issuer)])

    elif oid_tag == nss.SEC_OID_X509_AUTH_KEY_ID:
        auth_key_id = nss.AuthKeyID(extension.value)
        print nss.indented_format([(level + 1, 'Key ID:')])
        print nss.indented_format(
            nss.make_line_fmt_tuples(
                level + 2,
                auth_key_id.key_id.to_hex(nss.OCTETS_PER_LINE_DEFAULT)))
        print nss.indented_format([
            (level + 1, 'Serial Number: %s' % (auth_key_id.serial_number))
        ])
        print nss.indented_format([
            (level + 1, 'Issuer:' % auth_key_id.get_general_names())
        ])

    elif oid_tag == nss.SEC_OID_X509_BASIC_CONSTRAINTS:
        bc = nss.BasicConstraints(extension.value)
        print nss.indented_format([(level, '%s' % str(bc))])

    elif oid_tag == nss.SEC_OID_X509_EXT_KEY_USAGE:
        print nss.indented_format([(level, 'Usages:')])
        print nss.indented_format(
            nss.make_line_fmt_tuples(level + 1,
                                     nss.x509_ext_key_usage(extension.value)))

    elif oid_tag in (nss.SEC_OID_X509_SUBJECT_ALT_NAME,
                     nss.SEC_OID_X509_ISSUER_ALT_NAME):
        names = nss.x509_alt_name(extension.value)
        print nss.indented_format([
            (level + 2, 'Alternate Names: [%d total]' % len(names))
        ])
        for name in names:
            print nss.indented_format([(level + 3, '%s:' % name)])

    print