# ![](docs/_static/logo.svg)
Tool for analysis of security certificates and their security targets (Common Criteria, NIST FIPS140-2...).
This project is developed by the [Centre for Research On Cryptography and Security](https://crocs.fi.muni.cz) at Faculty of Informatics, Masaryk University.
## Usage (CC)
The tool requires several Python packages as well as the `pdftotext` binary somewhere on the `PATH`.
The easiest way to setup the tool is to install it in a virtual environment, e.g.:
Install Python virtual environment (if not yet):
```
python3 -m pip install --upgrade pip
pip install virtualenv
```
Setup new local one named 'virt' :
```
python3 -m venv virt
. virt/bin/activate
pip install -e .
```
The following steps will do a full extraction and analysis of CC certificates:
1. Make a directory in which the certificates will be downloaded and processing will take place.
The contents of the directory are under the control of the tool, and **may be overwritten**!
2. Run `python process_certificates.py --fresh --do-download-meta <dir>` to download certificate metadata from the Common Criteria portal.
3. Run `python process_certificates.py --fresh --do-extraction-meta <dir>` to extract metadata from the downloaded Common Criteria pages.
4. Run `python process_certificates.py --fresh --do-download-certs <dir>` to download the certificate and security target PDF files. This
step takes time as there is quite a lot of files. It also takes up a lot of space (around 5GB). It is done in parallel
and the number of threads can be changed with the `-t/--threads` switch (the default is 4).
5. Run `python process_certificates.py --fresh --do-pdftotext <dir>` to convert the PDF files to text.
6. Run `python process_certificates.py --fresh --do-extraction <dir>` to extract information from the certificates and security targets.
7. Run `python process_certificates.py --fresh --do-pairing <dir>`.
8. Run `python process_certificates.py --fresh --do-processing <dir>` to run various heuristics which will create post-processed section
`processed` for every certificate (results are stored in `certificate_data_complete_processed.json`).
9. Run `python process_certificates.py --fresh --do-analysis <dir>` to perform analysis of certificates (various graphs, statistics...).
10. Open, look and enjoy graphs like `num_certs_in_years.png` or `num_certs_eal_in_years.png`. For `certid_graph.dot.pdf`
and other large graphs use Chrome to display as Adobe Acrobat Reader will fail to show whole graph.
## Extending the analysis
The analysis can be extended in several ways:
1. Additional keywords can be extracted from PDF files (modify `cert_rules.py`)
2. Data from `certificate_data_complete.json` can be analyzed in a novel way - this is why this project was concieved at the first place.
3. Help to fix problems in data extraction - some PDF files are corrupted, there are many typos even in certificate IDs...
没有合适的资源?快使用搜索试试~ 我知道了~
PyPI 官网下载 | sec-certs-0.0.0.tar.gz
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 40 浏览量
2022-01-16
03:24:34
上传
评论
收藏 68KB GZ 举报
温馨提示
共26个文件
py:17个
txt:5个
pkg-info:2个
资源来自pypi官网。 资源全名:sec-certs-0.0.0.tar.gz
资源推荐
资源详情
资源评论
收起资源包目录
sec-certs-0.0.0.tar.gz (26个子文件)
sec-certs-0.0.0
PKG-INFO 4KB
test
test_download.py 2KB
test_cc_oop.py 10KB
setup.cfg 38B
setup.py 1KB
sec_certs
constants.py 1KB
certificate.py 51KB
serialization.py 2KB
cert_processing.py 1KB
extract_certificates.py 116KB
dataset.py 50KB
configuration.py 281B
cert_rules.py 20KB
helpers.py 29KB
__init__.py 0B
analyze_certificates.py 56KB
sanity.py 2KB
download.py 6KB
files.py 1KB
README.md 3KB
sec_certs.egg-info
PKG-INFO 4KB
requires.txt 475B
SOURCES.txt 608B
entry_points.txt 121B
top_level.txt 10B
dependency_links.txt 1B
共 26 条
- 1
资源评论
挣扎的蓝藻
- 粉丝: 13w+
- 资源: 15万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功