Пример #1
0
class RevRepContent(univ.Sequence):
    """
    RevRepContent ::= SEQUENCE {
         status       SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
         revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId
                                             OPTIONAL,
         crls     [1] SEQUENCE SIZE (1..MAX) OF CertificateList
                                             OPTIONAL
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('status', PKIStatusInfo()),
        namedtype.OptionalNamedType('revCerts', univ.SequenceOf(
                componentType=rfc2511.CertId()
            ).subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
            )
        ),
        namedtype.OptionalNamedType('crls', univ.SequenceOf(
                componentType=rfc2459.CertificateList()
            ).subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
            )
        )
    )
Пример #2
0
class RevRepContent(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('status', PKIStatusInfo()),
        namedtype.OptionalNamedType(
            'revCerts',
            univ.SequenceOf(componentType=rfc2511.CertId()).subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
                explicitTag=tag.Tag(tag.tagClassContext,
                                    tag.tagFormatConstructed, 0))),
        namedtype.OptionalNamedType(
            'crls',
            univ.SequenceOf(componentType=rfc2459.CertificateList()).subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
                explicitTag=tag.Tag(tag.tagClassContext,
                                    tag.tagFormatConstructed, 1))))
Пример #3
0
class CRLAnnContent(univ.SequenceOf):
    componentType = rfc2459.CertificateList()
Пример #4
0
 def setUp(self):
     self.asn1Spec = rfc2459.CertificateList()
Пример #5
0
#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
# Analyze CRLs stored in a directory and dump a JSON
#
# Software is free software released under the GNU General Public License version 3 and later
#
# Copyright (c) 2014 Alexandre Dulaunoy - [email protected]

import argparse
import sys
import os
from pyasn1_modules import rfc2459

crlspec = rfc2459.CertificateList()
from pyasn1.codec.der import decoder
import OpenSSL
import json
import binascii
import datetime

argParser = argparse.ArgumentParser(
    description='Analyze CRLs stored in a directory')
argParser.add_argument('-v', action='store_true', help='Verbose output')
argParser.add_argument('-d', help='Path where CRLs are stored')
argParser.add_argument('-j',
                       action='store_false',
                       default=True,
                       help='Toggle JSON output (default)')
args = argParser.parse_args()
Пример #6
0
# CRL can be generated with "openssl openssl ca -gencrl ..." commands.
#
import sys

from pyasn1.codec.der import decoder
from pyasn1.codec.der import encoder

from pyasn1_modules import pem
from pyasn1_modules import rfc2459

if len(sys.argv) != 1:
    print("""Usage:
$ cat crl.pem | %s""" % sys.argv[0])
    sys.exit(-1)

asn1Spec = rfc2459.CertificateList()

cnt = 0

while True:
    idx, substrate = pem.readPemBlocksFromFile(
        sys.stdin, ('-----BEGIN X509 CRL-----', '-----END X509 CRL-----'))
    if not substrate:
        break

    key, rest = decoder.decode(substrate, asn1Spec=asn1Spec)

    if rest:
        substrate = substrate[:-len(rest)]

    print(key.prettyPrint())