:py:mod:`dissect.target.helpers.certificate`
============================================

.. py:module:: dissect.target.helpers.certificate




Module Contents
---------------


Functions
~~~~~~~~~

.. autoapisummary::
   :nosignatures:

   dissect.target.helpers.certificate.compute_pem_fingerprints
   dissect.target.helpers.certificate.format_serial_number_as_hex
   dissect.target.helpers.certificate.parse_x509



Attributes
~~~~~~~~~~

.. autoapisummary::

   dissect.target.helpers.certificate.HAS_ASN1
   dissect.target.helpers.certificate.COMMON_CERTIFICATE_FIELDS
   dissect.target.helpers.certificate.CertificateRecord
   dissect.target.helpers.certificate.NAMEOID_TO_NAME


.. py:data:: HAS_ASN1
   :value: True


.. py:data:: COMMON_CERTIFICATE_FIELDS
   :value: [('digest', 'fingerprint'), ('varint', 'serial_number'), ('string', 'serial_number_hex'),...


.. py:data:: CertificateRecord

.. py:data:: NAMEOID_TO_NAME

.. py:function:: compute_pem_fingerprints(pem: str | bytes) -> tuple[str, str, str]

   Compute the MD5, SHA-1 and SHA-256 fingerprint hash of a x509 certificate PEM.


.. py:function:: format_serial_number_as_hex(serial_number: int | None) -> str | None

   Format serial_number from integer to hex.

   Add a prefix 0 if output length is not pair, in order to be consistent with usual serial_number representation
   (navigator, openssl etc...).
   For negative number use the same representation as navigator, which differ from OpenSSL.

   For example for -1337::

       OpenSSL : Serial Number: -1337 (-0x539)
       Navigator : FA C7

   :param serial_number: The serial number to format as hex.


.. py:function:: parse_x509(file: str | bytes | pathlib.Path) -> CertificateRecord

   Parses a PEM file. Returns a CertificateREcord. Does not parse a public key embedded in a x509 certificate.