Diffstat (limited to 'libmproxy/certutils.py')
-rw-r--r-- | libmproxy/certutils.py | 44 |
1 files changed, 41 insertions, 3 deletions
diff --git a/libmproxy/certutils.py b/libmproxy/certutils.py
index aae0d7ab..5fbc9840 100644
--- a/libmproxy/certutils.py
+++ b/libmproxy/certutils.py
@@ -1,4 +1,4 @@
-import subprocess, os, ssl, hashlib, socket, time
+import os, ssl, hashlib, socket, time
 from pyasn1.type import univ, constraint, char, namedtype, tag
 from pyasn1.codec.der.decoder import decode
 import OpenSSL
@@ -136,7 +136,6 @@ class _GeneralNames(univ.SequenceOf):
 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, 1024)
-
 class SSLCert:
 def __init__(self, pemtxt):
 """
@@ -144,6 +143,46 @@ class SSLCert:
 """
 self.cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, pemtxt)
+ @classmethod
+ def from_der(klass, der):
+ pem = ssl.DER_cert_to_PEM_cert(der)
+ return klass(pem)
+
+ def digest(self, name):
+ return self.cert.digest(name)
+
+ @property
+ def notbefore(self):
+ return self.cert.get_notBefore()
+
+ @property
+ def notafter(self):
+ return self.cert.get_notAfter()
+
+ @property
+ def has_expired(self):
+ return self.cert.has_expired()
+
+ @property
+ def subject(self):
+ return self.cert.get_subject().get_components()
+
+ @property
+ def serial(self):
+ return self.cert.get_serial_number()
+
+ @property
+ def keyinfo(self):
+ pk = self.cert.get_pubkey()
+ types = {
+ OpenSSL.crypto.TYPE_RSA: "RSA",
+ OpenSSL.crypto.TYPE_DSA: "DSA",
+ }
+ return (
+ types.get(pk.type(), "UNKNOWN"),
+ pk.bits()
+ )
+
 @property
 def cn(self):
 cn = None
@@ -171,4 +210,3 @@ def get_remote_cert(host, port):
 return SSLCert(s)
 # end nocover
-
|
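Review bot: The new `has_expired` property only forwards pyOpenSSL's `X509.has_expired()`, which looks at the notAfter date, so a certificate that is not yet valid, self-signed or untrusted still reads as "not expired"; none of the added accessors does chain or hostname verification. I would give it a docstring such as `"""True if notAfter is in the past. Not a validity or trust check."""` so callers do not use it as one. `from_der` presumably receives DER bytes taken from a remote peer, and a malformed blob will surface as `OpenSSL.crypto.Error` from the constructor, which is worth stating in its docstring so callers handle it. `keyinfo` maps only RSA and DSA, so every other key type comes back as `"UNKNOWN"`; that is fine for display but should be commented as not suitable input for a key-strength decision. The `SSLCert` class starts before and continues after this hunk.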