1、python-x509证书信息提取
class X509Cert:
cert_type = OpenSSL.crypto.FILETYPE_PEM
cert_fun = OpenSSL.crypto.load_certificate
@classmethod
def get_parse_result(cls, cert_byt: bytes) -> dict:
cert = cls.cert_fun(cls.cert_type, cert_byt)
cert_info = dict(cert_version=cert.get_version(),
cert_number=hex(cert.get_serial_number()),
cert_signature_algorithm=cert.get_signature_algorithm().decode("UTF-8"),
cert_issuer=cert_issue.commonName,
cert_expiry_date=f'{parser.parse(cert.get_notBefore().decode("UTF-8")).strftime("%Y-%m-%d %H:%M:%S")} ~ '
f'{parser.parse(cert.get_notAfter().decode("UTF-8")).strftime("%Y-%m-%d %H:%M:%S")}',
cert_expires=cert.has_expired(),
cert_public_key_length=cert.get_pubkey().bits(),
cert_pubkey_type=cert.get_pubkey().type(),
cert_subject_information={item[0].decode("utf-8"): item[1].decode("utf-8") for item in
cert_issue.get_components()},
cert_public_key=OpenSSL.crypto.dump_publickey(OpenSSL.crypto.FILETYPE_PEM,
cert.get_pubkey()).decode("utf-8"),
cert_extension_count=cert.get_extension_count(),
cert_subject_components=cert.get_subject().get_components(),
)
return {"cert_info": cert_info}
2、linux命令行提取-x509
openssl x509 -in 证书文件路径 -text -noout
如:openssl x509 -in /etc/ssl/certs/GlobalSign_Root_R46.pem -text -noout
提取样例:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:d2:bb:b9:d7:23:18:9e:40:5f:0a:9d:2d:d0:df:25:67:a1
Signature Algorithm: sha384WithRSAEncryption
Issuer: C = BE, O = GlobalSign nv-sa, CN = GlobalSign Root R46
Validity
Not Before: Mar 20 00:00:00 2019 GMT
Not After : Mar 20 00:00:00 2046 GMT
Subject: C = BE, O = GlobalSign nv-sa, CN = GlobalSign Root R46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:ac:ac:74:32:e8:b3:65:e5:ba:ed:43:26:1d:a6:
89:0d:45:ba:29:88:b2:a4:1d:63:dd:d3:c1:2c:09:
57:89:39:a1:55:e9:67:34:77:0c:6e:e4:55:1d:52:
25:d2:13:6b:5e:e1:1d:a9:b7:7d:89:32:5f:0d:9e:
9f:2c:7a:63:60:40:1f:a6:b0:b6:78:8f:99:54:96:
08:58:ae:e4:06:bc:62:05:02:16:bf:af:a8:23:03:
b6:94:0f:bc:6e:6c:c2:cb:d5:a6:bb:0c:e9:f6:c1:
02:fb:21:de:66:dd:17:ab:74:42:ef:f0:74:2f:25:
f4:ea:6b:55:5b:90:db:9d:df:5e:87:0a:40:fb:ad:
19:6b:fb:f7:ca:60:88:de:da:c1:8f:d6:ae:d5:7f:
d4:3c:83:ee:d7:16:4c:83:45:33:6b:27:d0:86:d0:
1c:2d:6b:f3:ab:7d:f1:85:a9:f5:28:d2:ad:ef:f3:
84:4b:1c:87:fc:13:a3:3a:72:a2:5a:11:2b:d6:27:
71:27:ed:81:2d:6d:66:81:92:87:b4:1b:58:7a:cc:
3f:0a:fa:46:4f:4d:78:5c:f8:2b:48:e3:04:84:cb:
5d:f6:b4:6a:b3:65:fc:42:9e:51:26:23:20:cb:3d:
14:f9:81:ed:65:16:00:4f:1a:64:97:66:08:cf:8c:
7b:e3:2b:c0:9d:f9:14:f2:1b:f1:56:6a:16:bf:2c:
85:85:cd:78:38:9a:eb:42:6a:02:34:18:83:17:4e:
94:56:f8:b6:82:b5:f3:96:dd:3d:f3:be:7f:20:77:
3e:7b:19:23:6b:2c:d4:72:73:43:57:7d:e0:f8:d7:
69:4f:17:36:04:f9:c0:90:60:37:45:de:e6:0c:d8:
74:8d:ae:9c:a2:6d:74:5d:42:be:06:f5:d9:64:6e:
02:10:ac:89:b0:4c:3b:07:4d:40:7e:24:c5:8a:98:
82:79:8e:a4:a7:82:20:8d:23:fa:27:71:c9:df:c6:
41:74:a0:4d:f6:91:16:dc:46:8c:5f:29:63:31:59:
71:0c:d8:6f:c2:b6:32:7d:fb:e6:5d:53:a6:7e:15:
fc:bb:75:7c:5d:ec:f8:f6:17:1c:ec:c7:6b:19:cb:
f3:7b:f0:2b:07:a5:d9:6c:79:54:76:6c:9d:1c:a6:
6e:0e:e9:79:0c:a8:23:6a:a3:df:1b:30:31:9f:b1:
54:7b:fe:6a:cb:66:aa:dc:65:d0:a2:9e:4a:9a:07:
21:6b:81:8f:db:c4:59:fa:de:22:c0:04:9c:e3:aa:
5b:36:93:e8:3d:bd:7a:a1:9d:0b:76:b1:0b:c7:9d:
fd:cf:98:a8:06:c2:f8:2a:a3:a1:83:a0:b7:25:72:
a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
03:5C:AB:73:81:87:A8:CC:B0:A6:D5:94:E2:36:96:49:FF:05:99:2C
Signature Algorithm: sha384WithRSAEncryption
Signature Value:
7c:78:ec:f6:02:2c:bb:5b:7e:92:2b:5d:39:dc:be:d8:1d:a2:
42:33:4d:f9:ef:a4:2a:3b:44:69:1e:ac:d9:45:a3:4e:3c:a7:
d8:24:51:b2:54:1c:93:4e:c4:ef:7b:93:85:60:26:ea:09:48:
e0:f5:bb:c7:e9:68:d2:bb:6a:31:71:cc:79:ae:11:a8:f0:99:
fd:e5:1f:bc:2f:a8:cc:57:eb:76:c4:21:a6:47:53:55:4d:68:
bf:05:a4:ee:d7:26:ab:62:da:43:37:4b:e2:c6:b5:e5:b2:83:
19:3a:c7:d3:db:4d:9e:08:7a:f3:ee:cf:3e:62:fb:ac:e8:60:
cc:d1:c7:a1:5c:83:45:c4:45:cc:f3:17:6b:14:c9:04:02:3e:
d2:24:a6:79:e9:1e:ce:a2:e7:c1:59:15:9f:1d:e2:4b:9a:3e:
9f:76:08:2d:6b:d8:ba:57:14:da:83:ea:fe:8c:55:e9:d0:4e:
a9:cc:77:31:b1:44:11:7a:5c:b1:3e:d3:14:45:15:18:62:24:
13:d2:cb:4d:ce:5c:83:c1:36:f2:10:b5:0e:88:6d:b8:e1:56:
9f:89:de:96:66:39:47:64:2c:6e:4d:ae:62:7b:bf:60:74:19:
b8:56:ac:92:ac:16:32:ed:ad:68:55:fe:98:ba:d3:34:de:f4:
c9:61:c3:0e:86:f6:4b:84:60:ee:0d:7b:b5:32:58:79:91:55:
2c:81:43:b3:74:1f:7a:aa:25:9e:1d:d7:a1:8b:b9:cd:42:2e:
04:a4:66:83:4d:89:35:b6:6c:a8:36:4a:79:21:78:22:d0:42:
bc:d1:40:31:90:a1:be:04:cf:ca:67:ed:f5:f0:80:d3:60:c9:
83:2a:22:05:d0:07:3b:52:bf:0c:9e:aa:2b:f9:bb:e6:1f:8f:
25:ba:85:8d:17:1e:02:fe:5d:50:04:57:cf:fe:2d:bc:ef:5c:
c0:1a:ab:b6:9f:24:c6:df:73:68:48:90:2c:14:f4:3f:52:1a:
e4:d2:cb:14:c3:61:69:cf:e2:f9:18:c5:ba:33:9f:14:a3:04:
5d:b9:71:f7:b5:94:d8:f6:33:c1:5a:c1:34:8b:7c:9b:dd:93:
3a:e7:13:a2:70:61:9f:af:8f:eb:d8:c5:75:f8:33:66:d4:74:
67:3a:37:77:9c:e7:dd:a4:0f:76:43:66:8a:43:f2:9f:fb:0c:
42:78:63:d1:e2:0f:6f:7b:d4:a1:3d:74:97:85:b7:48:39:41:
d6:20:fc:d0:3a:b3:fa:e8:6f:c4:8a:ba:71:37:be:8b:97:b1:
78:31:4f:b3:e7:b6:03:13:ce:54:9d:ae:25:59:cc:7f:35:5f:
08:f7
6639
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
