#!/usr/bin/env python
"""
dollyx509
Clone X.509 certificates by reading a certificate and generating new key material.
Author: Emanuel Duss
"""
import argparse
import os

import OpenSSL.crypto
def parse_args():
    """Parse the dollyx509 command line.

    Returns:
        The argparse namespace with ``inputcert``, ``outputcert`` and
        ``outputkey`` (all mandatory) plus ``inputformat`` and
        ``outputformat`` (each ``'pem'`` or ``'der'``, defaulting to ``'pem'``).
    """
    cli = argparse.ArgumentParser(
        description=__doc__,
        formatter_class=argparse.RawTextHelpFormatter,
    )

    # Mandatory file arguments: (short flag, long flag, dest and metavar, help).
    file_options = (
        ('-i', '--certin', 'inputcert', 'Certificate to clone'),
        ('-c', '--certout', 'outputcert', 'Output file of cloned certificate'),
        ('-k', '--keyout', 'outputkey', 'Output file of generated private key'),
    )
    for short_flag, long_flag, target, text in file_options:
        cli.add_argument(short_flag, long_flag, metavar=target, required=True,
                         dest=target, help=text)

    # Encoding selectors. --outform applies to both the certificate and the key.
    cli.add_argument('--inform', choices={'pem', 'der'}, default='pem',
                     dest='inputformat', help='Input format of certificate')
    cli.add_argument('--outform', choices={'pem', 'der'}, default='pem',
                     dest='outputformat', help='Output format of certificate/key')

    return cli.parse_args()
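class Certificate:
    """An X.509 certificate that can be re-keyed ("cloned") and written out.

    The certificate is loaded from a file on construction. ``clone()`` then
    replaces its public key with a freshly generated one and re-signs it with
    the matching private key. Every other field is left as loaded, so the
    clone carries the original subject, issuer, serial number, validity and
    extensions. Its signature, however, is made by the new key and will not
    verify against the original issuer's public key, and key-derived
    extensions (for example key identifiers) are not recomputed here.

    Attributes:
        cert: The loaded certificate object; modified in place by ``clone()``.
        key: The generated key pair; only set once ``clone()`` has run.
    """

    def __init__(self, file, format='pem'):
        """Load the certificate stored in *file* (``'pem'`` or ``'der'``)."""
        self.import_certificate(file, format)

    def __get_filetype(self, format):
        """Map ``'der'`` to FILETYPE_ASN1; any other value selects FILETYPE_PEM."""
        if format == 'der':
            return OpenSSL.crypto.FILETYPE_ASN1
        return OpenSSL.crypto.FILETYPE_PEM

    def import_certificate(self, file, format='pem'):
        """Read *file* and store the parsed certificate in ``self.cert``."""
        # Binary mode: DER is raw ASN.1 and cannot be decoded as text, and
        # load_certificate() takes a byte buffer for PEM as well.
        with open(file, "rb") as f:
            self.cert = OpenSSL.crypto.load_certificate(self.__get_filetype(format), f.read())

    def clone(self):
        """Generate a new key of the same type and size and re-sign with it.

        The certificate in ``self.cert`` is changed in place and the new key
        pair is kept in ``self.key``. The signature always uses SHA-256,
        whatever digest the loaded certificate was signed with.
        """
        source_pubkey = self.cert.get_pubkey()
        self.key = OpenSSL.crypto.PKey()
        # NOTE(review): pyOpenSSL's PKey.generate_key() handles RSA and DSA;
        # a certificate with another key type (e.g. EC) is expected to raise
        # here. Confirm against the installed pyOpenSSL version.
        self.key.generate_key(source_pubkey.type(), source_pubkey.bits())
        self.cert.set_pubkey(self.key)
        self.cert.sign(self.key, 'sha256')

    def export_certificate(self, file, format='pem'):
        """Write ``self.cert`` to *file* in the requested encoding."""
        with open(file, "wb") as f:
            f.write(OpenSSL.crypto.dump_certificate(self.__get_filetype(format), self.cert))

    def export_privatekey(self, file, format='pem'):
        """Write the generated private key to *file*, unencrypted.

        Requires a prior ``clone()``; otherwise ``self.key`` does not exist.
        No passphrase is passed to dump_privatekey(), so the key is stored in
        the clear. A newly created file is therefore restricted to its owner.
        """
        # The 0o600 mode only takes effect when the file is created; an
        # existing file is truncated and keeps the permissions it already has.
        fd = os.open(file, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "wb") as f:
            f.write(OpenSSL.crypto.dump_privatekey(self.__get_filetype(format), self.key))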
def main():
    """Clone the certificate named on the command line and write the results."""
    options = parse_args()

    cloned = Certificate(options.inputcert, options.inputformat)
    cloned.clone()

    # Certificate first, then its private key; both use the --outform encoding.
    cloned.export_certificate(options.outputcert, options.outputformat)
    cloned.export_privatekey(options.outputkey, options.outputformat)
# Run the command-line tool only when executed as a script, not on import.
if __name__ == "__main__":
    main()