X509 DN cache database import scripts added

2024-11-21 17:47:09 +00:00 · 2014-12-31 16:42:46 +01:00 · 2014-12-31 16:42:46 +01:00 · ef0e2cba0f
commit ef0e2cba0f
parent 0a81ef6467
2 changed files with 93 additions and 0 deletions
--- a/bin/x509/dumpx509subject.py
+++ b/bin/x509/dumpx509subject.py
@ -0,0 +1,57 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+# Tool to dump DN from DER encoded X.509 certificate (in Base64)
+#
+# Software is free software released under the GNU General Public License version 3 and later
+#
+# Copyright (c) 2014 Alexandre Dulaunoy - a@foo.be
+
+import fileinput
+from M2Crypto import X509
+import base64
+import argparse
+import redis
+import sys
+
+argParser = argparse.ArgumentParser(description='Dump DN from X.509 certificates')
+argParser.add_argument('-c', action='store_true', default=True, help='Dump CSV')
+argParser.add_argument('-s', action='store_true', default=False, help='Store in Redis')
+argParser.add_argument('-b', default='127.0.0.1', help='Redis host (default is 127.0.0.1)')
+argParser.add_argument('-p', default=6379, help='Redis TCP port (default is 6379)')
+argParser.add_argument('-v', action='store_true', help='Verbose output')
+argParser.add_argument('-r', default='-', help='Read from a file, default is stdin')
+args = argParser.parse_args()
+
+if args.s:
+    try:
+        #Redis structure Set of (Subject) per FP
+        r = redis.StrictRedis(host=args.b, port=args.p)
+    except:
+        print "Unable to connect to the Redis server"
+        sys.exit(1)
+
+for cert in fileinput.input(args.r):
+    try:
+        fp = cert.split(",")[0]
+        certb = base64.b64decode(cert.split(",")[1])
+    except:
+        if args.v:
+            print "Padding error "+fileinput.lineno()
+        pass
+
+    try:
+        x509 = X509.load_cert_string(certb, X509.FORMAT_DER)
+    except:
+        print "At line number "+ str(fileinput.lineno()) + " parsing error"
+        pass
+    subject = x509.get_subject().as_text()
+    if subject is not None:
+        if not args.s:
+            print fp +","+ subject
+        elif args.s:
+            r.sadd(fp, subject)
+        else:
+            sys.exit(1)
+
+
--- a/bin/x509/hoststoredis.py
+++ b/bin/x509/hoststoredis.py
@ -0,0 +1,36 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+# Tool to dump IP,FP into a Redis database
+#
+# Software is free software released under the GNU General Public License version 3 and later
+#
+# Copyright (c) 2014 Alexandre Dulaunoy - a@foo.be
+
+import fileinput
+import argparse
+import redis
+import sys
+
+argParser = argparse.ArgumentParser(description='Tool to dump IP,FP into Redis')
+argParser.add_argument('-s', action='store_true', default=True, help='Store in Redis')
+argParser.add_argument('-b', default='127.0.0.1', help='Redis host (default is 127.0.0.1)')
+argParser.add_argument('-p', default=6379, help='Redis TCP port (default is 6379)')
+argParser.add_argument('-v', action='store_true', help='Verbose output')
+argParser.add_argument('-r', default='-', help='Read from a file, default is stdin')
+args = argParser.parse_args()
+
+if args.s:
+    try:
+        #Redis structure Set of (FP) per IP
+        r = redis.StrictRedis(host=args.b, port=args.p)
+    except:
+        print "Unable to connect to the Redis server"
+        sys.exit(1)
+
+for l in fileinput.input(args.r):
+    (ip, fp) = l.split(',')
+    if args.s:
+        r.sadd(ip, fp.rstrip())
+    else:
+        sys.exit(1)