ph4r05/pyx509_parse.py

## pyx509_parse.py
from cryptography.hazmat.backends import default_backend
from cryptography.x509.base import load_pem_x509_certificate
from cryptography.hazmat.primitives.serialization import load_ssh_public_key
from cryptography.hazmat.primitives import hashes
from cryptography.x509.oid import NameOID
from cryptography.x509.oid import ExtensionOID
from cryptography import x509


def get_backend(backend=None):
    return default_backend() if backend is None else backend


def load_x509(data, backend=None):
    return load_pem_x509_certificate(data, get_backend(backend))


def get_dn_part(subject, oid=None):
    if subject is None:
        return None
    if oid is None:
        raise ValueError('Disobey wont be tolerated')

    for sub in subject:
        if oid is not None and sub.oid == oid:
            return sub.value

pem = '''
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISA2HtXeXjr4X5ITqEBPqKbwFqMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAzMjQwOTM5MDBaFw0x
NzA2MjIwOTM5MDBaMBoxGDAWBgNVBAMTD2hhcnJvdzMudW1waC5pbzCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4wfTuT5PlbAaxAFbPCXc1o8gm7gtn3
wnkxfBamSM3EkIr19IlKSQqiFhsYORg76cu7PYGoWmEzYjYaopdu4KgyxGdVaGy2
eB6VFlX/NYshKZ5GCIQro8bshvZXZXQksw1JfDkKWfZ2a29DylFZ/+0I+uhDRDu0
VRG1wv1xhQYIqDh/fLy1zTDN5EkzYae3SF7LY44tWry9Cc67E8KWVb4/YcA0xpue
+7AtcbdCRaF8VM3/ohVU0Gf/FNoeU4yZ+wf3NApqnjCPElgjY2CmKpdquDp/n6t2
Y67BY5NcyzSEUhrj0JFCh4YNPFckQK+pb0DGXfgDt6aRckIdYjFh4h0CAwEAAaOC
Ah0wggIZMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUc7VMi/U8f2VTAhpyvAeYJyMn
tmEwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwcAYIKwYBBQUHAQEE
ZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZy8wJwYDVR0RBCAwHoILaGEzLnVtcGguaW+CD2hhcnJvdzMudW1waC5pbzCB
/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYB
BQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCB
ngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkg
UmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUg
Q2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQu
b3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAn9ARd26/viMDUUwcn
T6ymEbyVgBVPuvcqfAvdXmLlU+PWZiDdjUjp87NZjFl+PpLXBtAHKGlb29ccM5p6
uY6F5Sgck2Vr6HpxKtoG3xtfuXQUiD+06ETq2u1zIptXkD4UzjucbFFB4ZNU/uOW
EIOeILHvLnj5AZTS7er4JnDnsp3r/NceGyhq7zxEtd5PLk794vvkdSIi63nfJdo4
DFpxD4UVxzmCitKnXYIR8eay5VidFoS56SnDbIJZBWrjiuFBwEv9IFP6ShxDXtrt
hDgMT0/PGNeBHhL4JTLxu13toyXBPkLSIOxo+pQoIJvMLMPNZHxd/cg0SbXGfuIn
vmyC
-----END CERTIFICATE-----
'''

x509crt = load_x509(pem)

print(get_dn_part(x509crt.subject, NameOID.COMMON_NAME))

ext = x509crt.extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
if ext is not None:
  print(ext.value.get_values_for_type(x509.DNSName))
	from cryptography.hazmat.backends import default_backend
	from cryptography.x509.base import load_pem_x509_certificate
	from cryptography.hazmat.primitives.serialization import load_ssh_public_key
	from cryptography.hazmat.primitives import hashes
	from cryptography.x509.oid import NameOID
	from cryptography.x509.oid import ExtensionOID
	from cryptography import x509


	def get_backend(backend=None):
	return default_backend() if backend is None else backend


	def load_x509(data, backend=None):
	return load_pem_x509_certificate(data, get_backend(backend))


	def get_dn_part(subject, oid=None):
	if subject is None:
	return None
	if oid is None:
	raise ValueError('Disobey wont be tolerated')

	for sub in subject:
	if oid is not None and sub.oid == oid:
	return sub.value

	pem = '''
	-----BEGIN CERTIFICATE-----
	MIIFDzCCA/egAwIBAgISA2HtXeXjr4X5ITqEBPqKbwFqMA0GCSqGSIb3DQEBCwUA
	MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
	ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAzMjQwOTM5MDBaFw0x
	NzA2MjIwOTM5MDBaMBoxGDAWBgNVBAMTD2hhcnJvdzMudW1waC5pbzCCASIwDQYJ
	KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4wfTuT5PlbAaxAFbPCXc1o8gm7gtn3
	wnkxfBamSM3EkIr19IlKSQqiFhsYORg76cu7PYGoWmEzYjYaopdu4KgyxGdVaGy2
	eB6VFlX/NYshKZ5GCIQro8bshvZXZXQksw1JfDkKWfZ2a29DylFZ/+0I+uhDRDu0
	VRG1wv1xhQYIqDh/fLy1zTDN5EkzYae3SF7LY44tWry9Cc67E8KWVb4/YcA0xpue
	+7AtcbdCRaF8VM3/ohVU0Gf/FNoeU4yZ+wf3NApqnjCPElgjY2CmKpdquDp/n6t2
	Y67BY5NcyzSEUhrj0JFCh4YNPFckQK+pb0DGXfgDt6aRckIdYjFh4h0CAwEAAaOC
	Ah0wggIZMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
	BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUc7VMi/U8f2VTAhpyvAeYJyMn
	tmEwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwcAYIKwYBBQUHAQEE
	ZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu
	b3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0
	Lm9yZy8wJwYDVR0RBCAwHoILaGEzLnVtcGguaW+CD2hhcnJvdzMudW1waC5pbzCB
	/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYB
	BQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCB
	ngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkg
	UmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUg
	Q2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQu
	b3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAn9ARd26/viMDUUwcn
	T6ymEbyVgBVPuvcqfAvdXmLlU+PWZiDdjUjp87NZjFl+PpLXBtAHKGlb29ccM5p6
	uY6F5Sgck2Vr6HpxKtoG3xtfuXQUiD+06ETq2u1zIptXkD4UzjucbFFB4ZNU/uOW
	EIOeILHvLnj5AZTS7er4JnDnsp3r/NceGyhq7zxEtd5PLk794vvkdSIi63nfJdo4
	DFpxD4UVxzmCitKnXYIR8eay5VidFoS56SnDbIJZBWrjiuFBwEv9IFP6ShxDXtrt
	hDgMT0/PGNeBHhL4JTLxu13toyXBPkLSIOxo+pQoIJvMLMPNZHxd/cg0SbXGfuIn
	vmyC
	-----END CERTIFICATE-----
	'''

	x509crt = load_x509(pem)

	print(get_dn_part(x509crt.subject, NameOID.COMMON_NAME))

	ext = x509crt.extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
	if ext is not None:
	print(ext.value.get_values_for_type(x509.DNSName))