it

2025-09-14 20:22:09 +02:00 · 2025-09-14 20:22:09 +02:00 · d7adf9ad8b
commit d7adf9ad8b
parent 39ce0e9d11
1 changed files with 40 additions and 2 deletions
--- a/providers/crtsh_provider.py
+++ b/providers/crtsh_provider.py
@ -52,6 +52,39 @@ class CrtShProvider(BaseProvider):
        """
        return True
    
+    def _parse_issuer_organization(self, issuer_dn: str) -> str:
+        """
+        Parse the issuer Distinguished Name to extract just the organization name.
+        
+        Args:
+            issuer_dn: Full issuer DN string (e.g., "C=US, O=Let's Encrypt, CN=R11")
+            
+        Returns:
+            Organization name (e.g., "Let's Encrypt") or original string if parsing fails
+        """
+        if not issuer_dn:
+            return issuer_dn
+        
+        try:
+            # Split by comma and look for O= component
+            components = [comp.strip() for comp in issuer_dn.split(',')]
+            
+            for component in components:
+                if component.startswith('O='):
+                    # Extract the value after O=
+                    org_name = component[2:].strip()
+                    # Remove quotes if present
+                    if org_name.startswith('"') and org_name.endswith('"'):
+                        org_name = org_name[1:-1]
+                    return org_name
+            
+            # If no O= component found, return the original string
+            return issuer_dn
+            
+        except Exception as e:
+            self.logger.logger.debug(f"Failed to parse issuer DN '{issuer_dn}': {e}")
+            return issuer_dn
+    
    def _parse_certificate_date(self, date_string: str) -> datetime:
        """
        Parse certificate date from crt.sh format.
@ -129,10 +162,15 @@ class CrtShProvider(BaseProvider):
        Returns:
            Comprehensive certificate metadata dictionary
        """
+        # Parse the issuer name to get just the organization
+        raw_issuer_name = cert_data.get('issuer_name', '')
+        parsed_issuer_name = self._parse_issuer_organization(raw_issuer_name)
+        
        metadata = {
            'certificate_id': cert_data.get('id'),
            'serial_number': cert_data.get('serial_number'),
-            'issuer_name': cert_data.get('issuer_name'),
+            'issuer_name': parsed_issuer_name,  # Use parsed organization name
+            #'issuer_name_full': raw_issuer_name,  # deliberately left out, because its not useful in most cases
            'issuer_ca_id': cert_data.get('issuer_ca_id'),
            'common_name': cert_data.get('common_name'),
            'not_before': cert_data.get('not_before'),
@ -339,7 +377,7 @@ class CrtShProvider(BaseProvider):
        expired_count = len(certificates) - valid_count
        expires_soon_count = sum(1 for cert in certificates if cert.get('expires_soon'))
        
-        # Get unique issuers
+        # Get unique issuers (using parsed organization names)
        unique_issuers = list(set(cert.get('issuer_name') for cert in certificates if cert.get('issuer_name')))
        
        # Find the most recent certificate