from cryptography import x509
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from OpenSSL import crypto
import tkinter 
import tkinter.filedialog 
root=tkinter.Tk()
root.withdraw()
path=tkinter.filedialog.askopenfilename(title="选择公钥文件",filetypes=[("PEM files","*.pem")])
with open(path, 'rb') as f:
    public_key = f.read()
#加载公钥
public_key = crypto.load_publickey(crypto.FILETYPE_PEM, public_key)
path=tkinter.filedialog.askopenfilename(title="选择私钥文件",filetypes=[("PEM files","*.pem")])
with open(path, 'rb') as f:
    private_key = f.read()
#加载私钥
private_key = crypto.load_privatekey(crypto.FILETYPE_PEM, private_key)
#加载证书
path=tkinter.filedialog.askopenfilename(title="选择证书文件",filetypes=[("PEM files","*.pem")])
with open(path, 'rb') as f:
    cert_pem = f.read()
cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_pem)
print("Certificate:\n", cert_pem.decode())
#输出证书相关信息
print("Subject: ", cert.get_subject().CN)
print("Issuer: ", cert.get_issuer().CN)
print("Serial Number: ", hex(cert.get_serial_number()))
print("Not Before: ", cert.get_notBefore())
print("Not After: ", cert.get_notAfter())
# 验证证书
store = crypto.X509Store()
store.add_cert(cert)
store_ctx = crypto.X509StoreContext(store, cert)
try:
    if store_ctx.verify_certificate():
        print("Certificate is valid.")
except crypto.X509StoreContextError as e:   
    print("Certificate is invalid:", e)