Class: Rex::Parser::X509Certificate
- Inherits: Object
  - Object
    - Rex::Parser::X509Certificate
- Defined in: lib/rex/parser/x509_certificate.rb
Overview
This class parses the contents of a PEM-encoded X509 certificate file containing a private key, a public key, and any appended glue certificates.
Class Method Summary
- .get_cert_file_hash(ssl_cert_file) ⇒ String
  Parse a file that contains a certificate in unified PEM format and retrieve the SHA1 hash.
- .get_cert_hash(ssl_cert) ⇒ String
  Parse a certificate in unified PEM format and retrieve the SHA1 hash.
- .parse_pem(ssl_cert) ⇒ String, Array
  Parse a certificate in unified PEM format that contains a private key and one or more certificates.
- .parse_pem_file(ssl_cert_file) ⇒ String, Array
  Parse a certificate in unified PEM format from a file.
Class Method Details
.get_cert_file_hash(ssl_cert_file) ⇒ String
Parse a file that contains a certificate in unified PEM format and retrieve the SHA1 hash.
```ruby
# File 'lib/rex/parser/x509_certificate.rb', line 81
def self.get_cert_file_hash(ssl_cert_file)
  data = ''
  ::File.open(ssl_cert_file, 'rb') do |fd|
    data << fd.read(fd.stat.size)
  end
  get_cert_hash(data)
end
```
.get_cert_hash(ssl_cert) ⇒ String
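Parse a certificate in unified PEM format and retrieve the SHA1 hash. The hash is computed with Rex::Text.sha1_raw over the DER encoding of the primary (first) certificate. An ArgumentError is raised if a private key and a certificate cannot both be parsed from the input.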
```ruby
# File 'lib/rex/parser/x509_certificate.rb', line 65
def self.get_cert_hash(ssl_cert)
  hcert = parse_pem(ssl_cert)

  unless hcert and hcert[0] and hcert[1]
    raise ArgumentError, "Could not parse a private key and certificate"
  end

  Rex::Text.sha1_raw(hcert[1].to_der)
end
```
.parse_pem(ssl_cert) ⇒ String, Array
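Parse a certificate in unified PEM format that contains a private key and one or more certificates. The first certificate is the primary, while any additional certificates are treated as intermediary certificates. This emulates the behavior of web servers like nginx. The return value is the array [key, cert, chain]: key is loaded with OpenSSL::PKey::RSA.new, cert is the primary certificate, and chain holds the remaining certificates or is nil when there are none.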
```ruby
# File 'lib/rex/parser/x509_certificate.rb', line 24
def self.parse_pem(ssl_cert)
  cert  = nil
  key   = nil
  chain = nil

  certs = []
  ssl_cert.scan(/-----BEGIN\s*[^\-]+-----+\r?\n[^\-]*-----END\s*[^\-]+-----\r?\n?/nm).each do |pem|
    if pem =~ /PRIVATE KEY/
      key = OpenSSL::PKey::RSA.new(pem)
    elsif pem =~ /CERTIFICATE/
      certs << OpenSSL::X509::Certificate.new(pem)
    end
  end

  cert = certs.shift
  if certs.length > 0
    chain = certs
  end

  [key, cert, chain]
end
```
.parse_pem_file(ssl_cert_file) ⇒ String, Array
Parse a certificate in unified PEM format from a file.
```ruby
# File 'lib/rex/parser/x509_certificate.rb', line 51
def self.parse_pem_file(ssl_cert_file)
  data = ''
  ::File.open(ssl_cert_file, 'rb') do |fd|
    data << fd.read(fd.stat.size)
  end
  parse_pem(data)
end
```
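A check worth running on a unified PEM bundle before it is handed to parse_pem or get_cert_hash, as an added example that is not part of Rex or of this page's source. The helpers inspect_bundle and make_cert are hypothetical; the sketch goes beyond parse_pem by loading the key with OpenSSL::PKey.read instead of OpenSSL::PKey::RSA.new and by confirming that the key belongs to the primary certificate.

```ruby
require 'openssl'
require 'digest'

# Block pattern adapted from parse_pem on this page.
PEM_BLOCK = /-----BEGIN\s*[^\-]+-----+\r?\n[^\-]*-----END\s*[^\-]+-----\r?\n?/m

# Hypothetical helper (not part of Rex): split a unified PEM bundle and check it.
def inspect_bundle(pem)
  key = nil
  certs = []
  pem.scan(PEM_BLOCK).each do |block|
    if block =~ /PRIVATE KEY/
      key = OpenSSL::PKey.read(block) # assumption: generic loader, not RSA-only
    elsif block =~ /CERTIFICATE/
      certs << OpenSSL::X509::Certificate.new(block)
    end
  end
  cert = certs.shift # first certificate is the primary, the rest form the chain
  raise ArgumentError, 'Could not parse a private key and certificate' unless key && cert

  {
    key_matches: cert.check_private_key(key),      # false when key and cert differ
    sha1_hex: Digest::SHA1.hexdigest(cert.to_der), # hex SHA1 over the DER encoding
    chain_subjects: certs.map { |c| c.subject.to_s }
  }
end

# Constructed sample input: throwaway self-signed certificates made at run time.
def make_cert(common_name, key)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert
end

LEAF_KEY = OpenSSL::PKey::RSA.new(2048)
OTHER_KEY = OpenSSL::PKey::RSA.new(2048)
LEAF = make_cert('leaf.example', LEAF_KEY)
INTERMEDIATE = make_cert('intermediate.example', OTHER_KEY)
GOOD_BUNDLE = LEAF_KEY.to_pem + LEAF.to_pem + INTERMEDIATE.to_pem
BAD_BUNDLE = OTHER_KEY.to_pem + LEAF.to_pem + INTERMEDIATE.to_pem # wrong key first

puts "good bundle key matches: #{inspect_bundle(GOOD_BUNDLE)[:key_matches]}"
puts "bad bundle key matches:  #{inspect_bundle(BAD_BUNDLE)[:key_matches]}"
```

parse_pem itself does not compare the key with the certificate, so a bundle like BAD_BUNDLE parses without error there and the mismatch only surfaces later.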