Last active
December 4, 2024 18:14
-
-
Save JustinAzoff/7a1b92c976a2fa6e8601 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| import sys | |
| ZEEK_CERT_TEMPLATE = """#auto generated | |
| redef SSL::root_certs += { | |
| ["%(subject)s"] = "%(cert)s" | |
| }; | |
| """ | |
| def read_file(fn): | |
| with open(fn, 'rb') as f: | |
| return f.read() | |
| def hexify(s): | |
| return ''.join(f"\\x{b:02x}" for b in s) | |
| def get_subject(fn): | |
| #don't really care about the name for now, so just use the filename as the subject | |
| return os.path.basename(fn) | |
| def cert_to_zeek_string(fn): | |
| cert = hexify(read_file(fn)) | |
| subject = get_subject(fn) | |
| return ZEEK_CERT_TEMPLATE % dict(subject=subject, cert=cert) | |
| def convert_certs(cert_dir): | |
| s = "" | |
| certs = [fn for fn in os.listdir(cert_dir) if fn.endswith(".der")] | |
| for cert in certs: | |
| full = os.path.join(cert_dir, cert) | |
| s += cert_to_zeek_string(full) | |
| return s | |
| if __name__ == "__main__": | |
| path = sys.argv[1] | |
| output = sys.argv[2] | |
| out = convert_certs(path) | |
| with open(output, 'w') as f: | |
| f.write(out) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment