certinfo

package module
v0.1.35 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 14, 2024 License: BSD-3-Clause Imports: 28 Imported by: 3

README

OVERVIEW

Go Reference Go Report Card Go Build

paepcke.de/certinfo

  • Tired of guess all the cmd switches for [openssl|certutil|...] to decode certificates ?
  • 100% pure go, minimal imports, use as app or api (see api.go), compatible with tlsinfo, dnsinfo

INSTALL

go install paepcke.de/certinfo/cmd/certinfo@latest
DOWNLOAD (prebuild)

github.com/paepckehh/certinfo/releases

SHOWTIME

Summary of all certificates (multipart-pem-decode)

certinfo cert.pem
X509 Cert Subject           : [CN=ISRG Root X1,O=Internet Security Research Group,C=US] 
X509 Cert Status            : [VALID] [for the next 4554 days]
X509 Cert Signature Algo    : [VALID] [SHA256-RSA] 
X509 Cert Public Key        : [VALID] [RSA] [4096] [e:65537]
X509 Cert KeyPin [base64]   : [C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=] 
X509 Cert Key Usage         : [CRITICAL] [Certificate Signing] [CRL Signing] 
X509 CA Authority           : [YES]
X509 CA SelfSigned          : [VALID] [RootCA]
X509 CA Allows SubCAs       : [YES] [ALERT] [PathLen:NotDefined]
X509 Issuer Signature By    : [CN=ISRG Root X1,O=Internet Security Research Group,C=US] 
X509 Issuer Signature State : [VALID] [trusted via system trust store]

Need more details (incl. openssl-compatible-dump) ?

VERBOSE=true certinfo certs.txt
[...]

Need to parse the output?

NO_COLOR=true certinfo certs.txt | grep ... 
[...]

Need only the keypin?

PINONLY=true certinfo certs.txt
[...]

Need to review your unix system trust store?

cat /etc/ssl/* | certinfo 
[...]

Need to clean re-encode, sanitize your truststore in one file?

PEMONLY=true cat /etc/ssl/* | certinfo > truststore.pem
[..]

PlainText, ColorAnsi Console, and HTML output.

HTML=true certinfo certs.txt
[...]

TODO:

[] optional SCT log verification (online/leaky)

DOCS

pkg.go.dev/paepcke.de/certinfo

CONTRIBUTION

Yes, Please! PRs Welcome!

Documentation

Overview

package certinfo analyzes encoded keys and certificates

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Cert

func Cert(cert *x509.Certificate, r *Report) string

Cert analyzes an x509 certificate

func CertRequest

func CertRequest(csr *x509.CertificateRequest, e *reportstyle.Style) string

CertRequest analyzses an x509 csr

func CertStore

func CertStore(store []*x509.Certificate, r *Report) string

CertStore analyzes one x509 cert store

func CertStores

func CertStores(stores [][]*x509.Certificate, r *Report) string

CertStores analyzes an array of x509 cert stores

func Decode

func Decode(asciiBlock string, r *Report) string

Decode an ascii block

func DecodePem

func DecodePem(block *pem.Block, r *Report) string

DecodePem a pem block

func KeyPinBase64

func KeyPinBase64(cert *x509.Certificate) string

KeyPinBase64 generates an base64 encoded keypin

func KeyPinRaw

func KeyPinRaw(cert *x509.Certificate) string

KeyPinRaw generates an hex encoded keypin

func PrivateKey

func PrivateKey(k any, e *reportstyle.Style) string

PrivateKey reports an PrivateKey struct

func PublicKey

func PublicKey(k any, e *reportstyle.Style) string

PublicKey reports an PublicKey struct

func ReportAsAnsi

func ReportAsAnsi(asciiBlock string) string

ReportAsAnsi In : Parse any mixed ascii input. Out: Report any decodeable certificate details and clean re-encoded pem as Color Terminal Console Output

func ReportAsHTML

func ReportAsHTML(asciiBlock string) string

ReportAsHTML In : Parse any mixed ascii input. Out: Report any decodeable certificate details as HTML Code and a clean re-encoded sanitized pem as post URL.

func ReportAsMarkdown

func ReportAsMarkdown(asciiBlock string) string

ReportAsMarkdown In : Parse any mixed ascii input. Out: Report any decodeable certificate details as Markdown Code and a clean re-encoded sanitized pem as post URL.

func ReportAsText

func ReportAsText(asciiBlock string) string

ReportAsText In : Parse any mixed ascii input. Out: Report any decodeable certificate details and clean re-encoded pem as Plain ASCII Text Output.

func SanitizePEM

func SanitizePEM(asciiBlock string) string

SanitizePEM In : Parse any mixed ascii input. Out: Sanitizes and clean re-encode any decodable certificate as new pem container.

func SshDecode

func SshDecode(asciiBlock, eval string, e *reportstyle.Style) string

SshDecode decodes an ascii block ssh key

func SshDecodeCert

func SshDecodeCert(key ssh.PublicKey, comment string, options []string, rest []byte, e *reportstyle.Style) string

SshDecodeCert decodes an ssh certificate

func SshDecodePk

func SshDecodePk(keytype, dbaa string, e *reportstyle.Style) string

SshDecodePk decocdes ssh key for <any> keytype

Types

type Report

type Report struct {
	Summary    bool               // add summary view to report
	OpenSSL    bool               // add openssl view to report
	PEM        bool               // add clean re-encoded pem to report (pem sanitizer)
	PINOnly    bool               // output the base64 encoded keypin only
	PEMLink    bool               // add an URL link that posts the PEM to an external resource (eg. any pastebin clone)
	PEMPostURL string             // the URL for PEMLink, if PEMLink = false, PEMURL will be ignored
	Style      *reportstyle.Style // output report style (text,html,ansi-color-console, custom ...)
}

Report structure

Directories

Path Synopsis
cmd

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL