Python Code Help

bhtan760

Banned
Joined
Aug 11, 2013
Messages
249
Reaction score
0
import ssl

ssl.get_server_certificate(("www.sefaz.ce.gov.br",443))
cert = ssl.get_server_certificate(("www.google.com", 443)) #Retrieve SSL server certificate
cert = ssl.PEM_cert_to_DER_cert(cert) #Convert certificate to DER format
begin = cert.rfind('\x06\x03\x55\x04\x03') + 7 #Find the last occurence of this byte string indicating the CN, add 7 bytes to startpoint to account for length of byte string and padding
end = begin + ord(cert[begin - 1]) #Set endpoint to startpoint + the length of the CN
print (cert[begin:end]) #Retrieve the CN from the DER encoded certificate


"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.
If 'ssl_version' is specified, use it in the connection attempt."""


def get_commonname(host,port=443):
oid='\x06\x03U\x04\x03' # Object Identifier 2.5.4.3 (COMMON NAME)
pem=ssl.get_server_certificate((host,port))
der=ssl.PEM_cert_to_DER_cert(pem)
i=der.find(oid) # find first common name (certificate authority)
if i!=-1:
i=der.find(oid,i+1) # skip and find second common name
if i!=-1:
begin=i+len(oid)+2
end=begin+ord(der[begin-1])
return der[begin:end]
return None


Hi there,
did python change its convention from print to print()

Traceback (most recent call last):
File "httplib.py", line 6, in <module>
begin = cert.rfind('\x06\x03\x55\x04\x03') + 7 #Find the last occurence of t
his byte string indicating the CN, add 7 bytes to startpoint to account for leng
th of byte string and padding
TypeError: Type str doesn't support the buffer API

and how come type str doesn't support it?
 

davidktw

Arch-Supremacy Member
Joined
Apr 15, 2010
Messages
13,547
Reaction score
1,301
Hi there,
did python change its convention from print to print()

Traceback (most recent call last):
File "httplib.py", line 6, in <module>
begin = cert.rfind('\x06\x03\x55\x04\x03') + 7 #Find the last occurence of t
his byte string indicating the CN, add 7 bytes to startpoint to account for leng
th of byte string and padding
TypeError: Type str doesn't support the buffer API

and how come type str doesn't support it?

I'm not answering your python syntax, but I'm recommending you use openssl to read you certificate rather than just obscure method.

Code:
openssl x509 -inform DER -in input.crt -noout -text

Read the stdout from the tool and then perform regex string matching for
Code:
^\s+Subject:\s+(.+)$
When performing this matching, make sure you are using multi-line matching mode.

Below is a fragment of the certificate output
Code:
# openssl x509 -inform DER -in input.crt -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17571148398809018503 (0xf3d9425f6eaf7087)
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, CN=.....
        Validity
            Not Before: Aug 31 11:00:41 2013 GMT
            Not After : Aug 26 11:00:41 2033 GMT
        [B][COLOR="Red"]Subject: C=US, CN=abc.def.com[/COLOR][/B]
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b6:03:65:bb:b7:58:66:62:dc:36:c3:e7:2a:cf:
                    ...
                    04:03:90:25:e3:68:e8:4b:be:6a:7e:ce:03:42:74:
                    b6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                58:5C:...:78:B2
            X509v3 Authority Key Identifier: 
                keyid:58:5C:6C:...9:D8:78:B2

            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
         a7:40:df:1e:b8:8c:2d:5e:7a:84:1f:c8:87:b7:85:48:8f:a8:
         ...
         bc:b5:33:a1:f1:1b:27:ac:62:41:b3:16:61:54:55:e5:a3:02:
         55:29:75:bb

Update:

Here might answer your doubt with regards to your python typing problem
http://stackoverflow.com/questions/...ss-and-type-str-doesnt-support-the-buffer-api
 
Last edited:

davidktw

Arch-Supremacy Member
Joined
Apr 15, 2010
Messages
13,547
Reaction score
1,301
say I use #2 to openssl,how come I have to open in C?

What does my post #2 has to do with C ? You can use python and open an external command process. This method is very much applicable in a unix environment.
 

bhtan760

Banned
Joined
Aug 11, 2013
Messages
249
Reaction score
0
The Python IDLE modules is better or notepad++
Is it helpful if I write a batch file say I want to install the python modules
Does eclipse support autocomplete in anyway?
Apart from py install setup.py and py helloworld.py features?
 
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ Forums. Forum members and moderators are responsible for their own posts. Please refer to our Community Guidelines and Standards and Terms and Conditions for more information.
Top