forge-pfx 0.1.1

Forge is a cli tool for converting PFX/P12 certificate files to PEM format
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

mod formatter;
mod parser;

pub use formatter::PemFormatter;
pub use parser::PfxParser;

use openssl::pkcs12::ParsedPkcs12_2 as ParsedPkcs12;
use openssl::pkey::PKey;
use openssl::pkey::Private;
use openssl::x509::X509;

/// Represents the contents of a parsed PFX file
#[derive(Debug)]
pub struct ParsedPfx {
    /// The private key
    pub private_key: PKey<Private>,
    /// The main certificate
    pub certificate: X509,
    /// Additional certificates in the chain (if any)
    pub chain: Vec<X509>,
}

impl From<ParsedPkcs12> for ParsedPfx {
    fn from(parsed: ParsedPkcs12) -> Self {
        Self {
            private_key: parsed.pkey.expect("Private key is required"),
            certificate: parsed.cert.expect("Certificate is required"),
            chain: parsed
                .ca
                .map(|stack| stack.into_iter().collect())
                .unwrap_or_default(),
        }
    }
}

/// Certificate information structure
#[derive(Debug, Clone)]
pub struct CertificateInfo {
    pub subject: String,
    pub issuer: String,
    pub serial_number: String,
    pub not_before: String,
    pub not_after: String,
    pub signature_algorithm: String,
}

impl ParsedPfx {
    /// Get certificate information as a formatted string (legacy method)
    pub fn cert_info(&self) -> String {
        let info = self.certificate_info();
        format!("Subject: {}\nIssuer: {}", info.subject, info.issuer)
    }

    /// Get detailed certificate information
    pub fn certificate_info(&self) -> CertificateInfo {
        let cert = &self.certificate;
        CertificateInfo {
            subject: format!("{:?}", cert.subject_name()),
            issuer: format!("{:?}", cert.issuer_name()),
            serial_number: cert
                .serial_number()
                .to_bn()
                .unwrap()
                .to_hex_str()
                .unwrap()
                .to_string(),
            not_before: cert.not_before().to_string(),
            not_after: cert.not_after().to_string(),
            signature_algorithm: cert.signature_algorithm().object().to_string(),
        }
    }

    /// Check if this PFX contains a certificate chain
    pub fn has_chain(&self) -> bool {
        !self.chain.is_empty()
    }

    /// Get the number of certificates in the chain
    pub fn chain_length(&self) -> usize {
        self.chain.len()
    }
}