Added utility to list TLS CAs

8fbe1cee · Adrian Georgescu · c6155483 · 8fbe1cee
Commit 8fbe1cee authored Nov 15, 2021 by Adrian Georgescu
Hide whitespace changes
Inline Side-by-side

Showing with 41 additions and 0 deletions

cas.py resources/tls/cas.py +41 -0

No files found.
--- a/resources/tls/cas.py
+++ b/resources/tls/cas.py
+#!/usr/bin/env python3
+from gnutls.crypto import X509Certificate
+from gnutls.errors import GNUTLSError
+
+def trusted_cas(content):
+    trusted_cas = []
+    crt = ''
+    start = False
+    end = False
+
+    content = content or ''
+    content = content.decode() if isinstance(content, bytes) else content
+
+    for line in content.split("\n"):
+        if "BEGIN CERT" in line:
+            start = True
+            crt = line + "\n"
+        elif "END CERT" in line:
+            crt = crt + line + "\n"
+            end = True
+            start = False
+
+            try:
+                trusted_cas.append(X509Certificate(crt))
+            except (GNUTLSError, ValueError) as e:
+                continue
+        elif start:
+            crt = crt + line + "\n"
+
+    return trusted_cas
+
+
+if __name__ == '__main__':
+    path = "./ca.crt"
+    content = open(path, 'r').read()
+    cas = trusted_cas(content)
+ 
+    i = 1
+    for certificate in cas:
+        print('%3d %s' % (i, certificate.subject))
+        i = i + 1