cert_human_cli.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
"""Command line interface to request a URL and get the server cert or cert chain."""
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
import argparse
import cert_human
import sys
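def cli(argv):
    """Parse command line arguments.

    Args:
        argv (:obj:`list`): sys.argv or manual list of args to parse.

    Returns:
        (:obj:`argparse.Namespace`)
    """
    parser = argparse.ArgumentParser(
        description=__doc__,
        formatter_class=argparse.ArgumentDefaultsHelpFormatter,
    )
    parser.add_argument(
        "host",
        metavar="HOST",
        type=str,
        help="Host to get cert or cert chain from",
    )
    parser.add_argument(
        "--port",
        default=443,
        type=int,
        help="Port on host to connect to",
    )
    parser.add_argument(
        "--method",
        default="requests",
        choices=["requests", "socket"],
        # Help text previously read "requests.get a SSL socket" (missing "or").
        help="Use requests.get or an SSL socket to get cert or cert chain.",
    )
    parser.add_argument(
        "--chain",
        action="store_true",
        default=False,
        help="Print/write the cert chain instead of the cert.",
    )
    parser.add_argument(
        "--print_mode",
        default="info",
        choices=["info", "key", "extensions", "all"],
        help="When no --write specified, print this type of information for the cert.",
    )
    parser.add_argument(
        "--write",
        default="",
        help="File to write cert/cert chain to",
    )
    parser.add_argument(
        "--overwrite",
        action="store_true",
        default=False,
        help="When writing to --write and file exists, overwrite.",
    )
    # The default is empty, which per the help text disables verification:
    # out of the box the requests method does not validate the server cert.
    parser.add_argument(
        "--verify",
        default="",
        help="PEM file to verify host, empty will disable verify, for --method requests.",
    )
    return parser.parse_args(argv)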
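def main(cli_args):
    """Fetch a cert or cert chain from a host, then write it to disk or print it.

    Args:
        cli_args (:obj:`argparse.Namespace`): Parsed args from sys.argv or list.

    Returns:
        (:obj:`int`): 0 when the cert/cert chain was written or printed, 1 when
        SSL validation failed or the resulting store object is falsy.

    Raises:
        ValueError: If ``cli_args.method`` is neither "requests" nor "socket".
    """
    if cli_args.chain:
        store_cls = cert_human.CertChainStore
        store_target = "cert chain"
    else:
        store_cls = cert_human.CertStore
        store_target = "cert"

    if cli_args.method == "requests":
        # An empty --verify becomes verify=False, so the cert is fetched without
        # validating the server. Anything obtained that way is unauthenticated:
        # check it through a trusted channel (e.g. compare fingerprints) before
        # using the written PEM file as a trust anchor.
        verify = cli_args.verify or False
        try:
            store_obj = store_cls.new_from_host_requests(
                host=cli_args.host, port=cli_args.port, verify=verify
            )
        except cert_human.requests.exceptions.SSLError as exc:
            # Put each colon-separated part of the error on its own line.
            exc = "\n ".join([x.strip() for x in format(exc).split(":")])
            m = "SSL Validation Failed:\n {exc}".format(exc=exc)
            print(m)
            # Report the failure instead of finishing as if nothing went wrong.
            return 1
    elif cli_args.method == "socket":
        # NOTE(review): --verify is not passed on this path; whether
        # new_from_host_socket validates the peer is not visible here -- confirm.
        store_obj = store_cls.new_from_host_socket(
            host=cli_args.host, port=cli_args.port
        )
    else:
        # Unreachable through cli() (argparse restricts the choices), but a
        # hand-built namespace would otherwise leave store_obj unbound.
        raise ValueError("Unsupported method: {m!r}".format(m=cli_args.method))

    if not store_obj:
        return 1

    if cli_args.write:
        store_obj.to_disk(path=cli_args.write, overwrite=cli_args.overwrite)
        m = "** Wrote {t} in pem format to: '{p}'"
        m = m.format(t=store_target, p=cli_args.write)
        print(m)
    else:
        print_map = {
            "info": "dump_str_info",
            "key": "dump_str_key",
            "all": "dump_str",
            "extensions": "dump_str_exts",
        }
        # The attribute is printed as-is, not called; presumably these are
        # properties that return strings -- confirm against cert_human.
        mode_out = getattr(store_obj, print_map[cli_args.print_mode])
        print(mode_out)
    return 0


if __name__ == "__main__":
    cli_args = cli(argv=sys.argv[1:])
    # Propagate main()'s status so shells and scripts can detect a failed fetch.
    sys.exit(main(cli_args))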