Adding certificate request parser #416
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Nice! Seems to work fine with CRS generated with OpenSSL, but I haven't had much luck with Windows-style CRS: Works: Doesn't work: Not sure if those examples I pulled from the web (e.g. https://docs.fileformat.com/web/csr/) are just not valid or if the CSR parser just doesn't work on them. Or maybe there is another CSR parser option to recognize these types? |
|
The problem is identified and quite simple to address. There is a check on
CSR type based on the parsing of the 1st line. OpenSSL uses 'CERTIFICATE
REQUEST', Windows-style uses 'NEW CERTIFICATE REQUEST' :o)
I'm going to push the correction. Sorry for this lack of testing.
Regards,
Stéphane.
Le lun. 5 juin 2023 à 23:12, Kelly Brazil ***@***.***> a
écrit :
… Nice! Seems to work fine with CRS generated with OpenSSL, but I haven't
had much luck with Windows-style CRS:
Works:
-----BEGIN CERTIFICATE REQUEST-----
MIICujCCAaICAQAwdTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQH
DA1TYW4gRnJhbmNpc2NvMQswCQYDVQQKDAJqYzELMAkGA1UECwwCamMxCzAJBgNV
BAMMAmpjMRowGAYJKoZIhvcNAQkBFgtpbmZvQGpjLmNvbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAKNt1WlDs8IAh6Y+V28kTNdlR7WHvC8+A/W92JY2
0GmZXjv9zGo92c512Db/DghVrCurxexyOaQSrSVfHNbDRlMb/slT/r8YM2QvXDbw
maFGTryEGYgPYtUUZcd046RMUG7gX1gq5BoQ+1QLf8bQVTDqijDSzn6TwskN/XUg
iXBRSTtRy2z3XTnu2BOSfTEEYeBJnzTtYCpyqAulvy4En2ETfJTx4HVD4Fp0pHg2
UPibwtTj4veHCXHHsUxTYDuzHyASxMsWNYun4QABpNuewOfjs6Wb6j04HgdBGUxI
NJJxx+6reAlv9it4yWPMRhut5B2W3RjfyWZ5c+7u0ndm9T8CAwEAAaAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBKjOo8ik+u9zLPRvSqojBDyCEmbVjUiRI97Wl6yD/HYtJ5
JCNdU7SNb91ggr+rRhS7dF2SfH/2rQ0MdPoVk16uYbLdLImhycEhuZJXOb4FmJfh
OTxemhhWtirbYlEj2Dz4+d3BX1qFo7bik5USGm+7kxRQ6HKgudlLy4y2CDVgSrqd
bea6f+qo/tcocPTC0SmSlMT/rR6zrcmSPrgCKTzn1oSi1HdGvSgVNcb0LKAI6J11
k2ON6Mi+YBLaCaS3vEiXyvsYcx8KQz2d9I93rX7SIbRTh6GJ1e7LCHxdD6U3MvJ0
U2eXWfbU+guaVQjjWlUb4Vz4AGL7g+ATMLFxXFyN
-----END CERTIFICATE REQUEST-----
Doesn't work:
-----BEGIN NEW CERTIFICATE REQUEST-----
MIIERTCCAy0CAQAwZTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5ZMQswCQYDVQQH
DAJOWTETMBEGA1UECgwKTXkgQ29tcGFueTELMAkGA1UECwwCSVQxGjAYBgNVBAMM
EXd3dy5teXdlYnNpdGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtZL8bDFANNObNNc9vk7uMzmtWrqh/qnILcew2+bQ0X03aEtHXgZhTJ7MsC+F
yEmkK5ZF9mJfJFAPlXJH5WLyEJWXkH65DxGhncSQhU1oBL2gwENYTPgTupg9l+Ro
j8NV++DSYZUjAfF72GHI3+E/xvudusHj40QqwdxcoZJ6lTzx5T9VTv4iPMAveN7M
e4yrAG3x28nrkarX8InEDGCojMtKr7wcHmEtz4mED//23X9hDUlnUpBkseBs5tgo
AAgRCzrNkidXTwuVDVmQBqA4GAaHl1pIlxD6nd3v3N7GiN0kaxpeT6vqZyFBN5p/
rM0cOnoOH9drKJHKvSuoq7g4GQIDAQABoIIBmTAaBgorBgEEAYI3DQIDMQwWCjYu
MS43NjAxLjIwNQYJKwYBBAGCNxUUMSgwJgIBBQwHZGVsbC1QQwwLZGVsbC1QQ1xE
ZXYMC0luZXRNZ3IuZXhlMHIGCisGAQQBgjcNAgIxZDBiAgEBHloATQBpAGMAcgBv
AHMAbwBmAHQAIABSAFMAQQAgAFMAQwBoAGEAbgBuAGUAbAAgAEMAcgB5AHAAdABv
AGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIDAQAwgc8GCSqGSIb3DQEJ
DjGBwTCBvjAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUHAwEweAYJ
KoZIhvcNAQkPBGswaTAOBggqhkiG9w0DAgICAIAwDgYIKoZIhvcNAwQCAgCAMAsG
CWCGSAFlAwQBKjALBglghkgBZQMEAS0wCwYJYIZIAWUDBAECMAsGCWCGSAFlAwQB
BTAHBgUrDgMCBzAKBggqhkiG9w0DBzAdBgNVHQ4EFgQUAj8Shgvl57ZIzLNXt4se
J4FfCwgwDQYJKoZIhvcNAQEFBQADggEBAFZ0RtA1q+H+xgdf19ccDzsoxqCA6NKV
WARhrNG5ryC8+f0VhFSH1NOPyEY1aMEhIZLJp2BDaoPw2G+lxeTal70VzbObk5bw
KTe3LAGWVENDVqmO3x3bFgXO5PfdFYTHMtXyyY6nZCurunFqGsovlCxuNqrQEgCD
5Q9aZ6lcT8d2W2epae5bCzZ4WxHCUEHtYeja3hYQfk9eFpaAVq4KFIoBPnGY5L+V
J1H79wda0p4+0kY1aB/PyVKNMZmuSphdeMD045hsKm6UFT+99ewq/ocKDIJX7U7V
VOgQ/53fUmJ3zqUavcg+SxrwFF8wFU59VKPSGYoMBOWEPd/5pb0rGx8=
-----END NEW CERTIFICATE REQUEST-----
Not sure if those examples I pulled from the web (e.g.
https://docs.fileformat.com/web/csr/) are just not valid or if the CSR
parser just doesn't work on them. Or maybe there is another CSR parser
option to recognize these types?
—
Reply to this email directly, view it on GitHub
<#416 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ALEGAUVSYHL4F2FB3ZXGVNTXJZDSRANCNFSM6AAAAAAY3MJCXU>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
Nice! Glad that was an easy fix. I'll pull this in and add some tests so it can go in the next release. Thanks for the contribution! |
kellyjonbrazil
added a commit
that referenced
this pull request
Jun 21, 2023
* make certificate search more robust to different line endings * use license_files instead of license_file which is deprecated * version bump * parsing extra options -e, -o, -p * fix for extra opts and different field length at option -[aeop] * test integration for extra opts -e -o -p * formatting and use ast.literal_eval instead of eval * doc update * doc update * Add a parser to parse mounted encrypted veracrypt volumes (fixes #403) * update compatibility warning message * netstat windows parser * tests * Windows route parser * tests * id should be a string * add veracrypt parser and docs * formatting * doc update * lsattr parser * Update test_lsattr.py * changed keys to lowercase * changed info * support missing data for stat * doc update * doc update * doc update * ensure compatibility warning prints even with no data * improve compatibility message * add support for dig +nsid option * New parser: srt (#415) * srt parser * changed the parser to support more complex cases * doc updates * Adding certificate request parser (#416) * Adding certificate request parser * Adding the CSR type for Windows-style CSR --------- Co-authored-by: Stg22 <stephane.for.test@gmail.com> * doc update * add csr tests * Last -x (#422) * Refactored the parser * last -x support * doc update * fix for ping on linux with missing hostname * allow less strict email decoding with a warning. * doc update * use explicit ascii decode with backslashreplace * doc update * use jc warning function instead of print for warning message * last -x shutdown fix (#423) * inject quiet setting into asn1crypto library * Parse appearance and modalias lines for mouse devices (fixes #419) (#425) The bluetoothctl device parser is implemented so that it aborts the parsing process immediately returning what it has collected so far. This is because the parser should work in hydrid way to support outputs comming from bluetoothctl devices and bluetoothctl info calls. * doc update * doc update --------- Co-authored-by: gerd <gerd.augstein@gmail.com> Co-authored-by: Jake Ob <iakopap@gmail.com> Co-authored-by: Mevaser <mevaser.rotner@gmail.com> Co-authored-by: M.R <69431152+YeahItsMeAgain@users.noreply.github.com> Co-authored-by: Stg22 <46686290+Stg22@users.noreply.github.com> Co-authored-by: Stg22 <stephane.for.test@gmail.com>
Merged
kellyjonbrazil
added a commit
that referenced
this pull request
Jun 22, 2023
* make certificate search more robust to different line endings * use license_files instead of license_file which is deprecated * version bump * parsing extra options -e, -o, -p * fix for extra opts and different field length at option -[aeop] * test integration for extra opts -e -o -p * formatting and use ast.literal_eval instead of eval * doc update * doc update * Add a parser to parse mounted encrypted veracrypt volumes (fixes #403) * update compatibility warning message * netstat windows parser * tests * Windows route parser * tests * id should be a string * add veracrypt parser and docs * formatting * doc update * lsattr parser * Update test_lsattr.py * changed keys to lowercase * changed info * support missing data for stat * doc update * doc update * doc update * ensure compatibility warning prints even with no data * improve compatibility message * add support for dig +nsid option * New parser: srt (#415) * srt parser * changed the parser to support more complex cases * doc updates * Adding certificate request parser (#416) * Adding certificate request parser * Adding the CSR type for Windows-style CSR --------- * doc update * add csr tests * Last -x (#422) * Refactored the parser * last -x support * doc update * fix for ping on linux with missing hostname * allow less strict email decoding with a warning. * doc update * use explicit ascii decode with backslashreplace * doc update * use jc warning function instead of print for warning message * last -x shutdown fix (#423) * inject quiet setting into asn1crypto library * Parse appearance and modalias lines for mouse devices (fixes #419) (#425) The bluetoothctl device parser is implemented so that it aborts the parsing process immediately returning what it has collected so far. This is because the parser should work in hydrid way to support outputs comming from bluetoothctl devices and bluetoothctl info calls. * doc update * doc update --------- Co-authored-by: gerd <gerd.augstein@gmail.com> Co-authored-by: Jake Ob <iakopap@gmail.com> Co-authored-by: Mevaser <mevaser.rotner@gmail.com> Co-authored-by: M.R <69431152+YeahItsMeAgain@users.noreply.github.com> Co-authored-by: Stg22 <46686290+Stg22@users.noreply.github.com> Co-authored-by: Stg22 <stephane.for.test@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A Certificate Request (CSR) parser has been introduced based on X.509 certificate parser.