bcollet/step-ca-inspector
1
0
Fork 0
Code Issues Pull requests Releases Packages Activity Actions

Add flag to show public key

Browse source
This commit is contained in:
Benjamin Collet 2025-01-12 11:37:38 +01:00
parent 9859b1cd29
commit d3fc2c3c52
Signed by: bcollet
SSH key fingerprint: SHA256:8UJspOIcCOS+MtSOcnuq2HjKFube4ox1s/+A62ixov4
2 changed files with 17 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
models/x509_cert.py
View file

@ -67,6 +67,9 @@ class cert:
self.sha256 = binascii.b2a_hex(cert.fingerprint(hashes.SHA256())) self.sha256 = binascii.b2a_hex(cert.fingerprint(hashes.SHA256()))
self.sha1 = binascii.b2a_hex(cert.fingerprint(hashes.SHA1())) self.sha1 = binascii.b2a_hex(cert.fingerprint(hashes.SHA1()))
self.md5 = binascii.b2a_hex(cert.fingerprint(hashes.MD5())) self.md5 = binascii.b2a_hex(cert.fingerprint(hashes.MD5()))
self.pub_key = cert.public_key().public_bytes(
serialization.Encoding.PEM, serialization.PublicFormat.SubjectPublicKeyInfo
)
self.pub_alg = cert.public_key_algorithm_oid._name self.pub_alg = cert.public_key_algorithm_oid._name
self.sig_alg = cert.signature_algorithm_oid._name self.sig_alg = cert.signature_algorithm_oid._name
self.issuer = cert.issuer.rfc4514_string() self.issuer = cert.issuer.rfc4514_string()

19
step-ca-inspector.py
View file

@ -104,7 +104,7 @@ def list_x509_certs(sort_key, revoked=False, expired=False):
print(tabulate(cert_tbl, headers="keys", tablefmt="fancy_grid")) print(tabulate(cert_tbl, headers="keys", tablefmt="fancy_grid"))
def get_x509_cert(serial, show_pem=False): def get_x509_cert(serial, show_cert=False, show_pubkey=False):
cert = x509_cert.cert.from_serial(serial) cert = x509_cert.cert.from_serial(serial)
cert_tbl = [] cert_tbl = []
@ -128,7 +128,9 @@ def get_x509_cert(serial, show_pem=False):
cert_tbl.append(["Signature algorithm", cert.sig_alg]) cert_tbl.append(["Signature algorithm", cert.sig_alg])
cert_tbl.append(["Status", cert.status]) cert_tbl.append(["Status", cert.status])
# cert_tbl.append(["Extensions", cert.extensions]) # cert_tbl.append(["Extensions", cert.extensions])
if show_pem: if show_pubkey:
cert_tbl.append(["Public key", cert.pub_key.decode("utf-8")])
if show_cert:
cert_tbl.append(["PEM", cert.pem.decode("utf-8")]) cert_tbl.append(["PEM", cert.pem.decode("utf-8")])
print(tabulate(cert_tbl, tablefmt="fancy_grid")) print(tabulate(cert_tbl, tablefmt="fancy_grid"))
@ -177,11 +179,18 @@ x509_details_parser.add_argument(
"--serial", "-s", type=str, required=True, help="Certificate serial" "--serial", "-s", type=str, required=True, help="Certificate serial"
) )
x509_details_parser.add_argument( x509_details_parser.add_argument(
"--show-pem", "--show-cert",
"-c",
action="store_true",
default=False,
help="Show certificate (PEM)",
)
x509_details_parser.add_argument(
"--show-pubkey",
"-p", "-p",
action="store_true", action="store_true",
default=False, default=False,
help="Show PEM", help="Show public key (PEM)",
) )
x509_dump_parser = x509_subparsers.add_parser("dump", help="Dump an x509 certificate") x509_dump_parser = x509_subparsers.add_parser("dump", help="Dump an x509 certificate")
x509_dump_parser.add_argument( x509_dump_parser.add_argument(
@ -240,7 +249,7 @@ if args.object == "x509":
revoked=args.show_revoked, expired=args.show_expired, sort_key=args.sort_by revoked=args.show_revoked, expired=args.show_expired, sort_key=args.sort_by
) )
elif args.action == "details": elif args.action == "details":
get_x509_cert(serial=args.serial, show_pem=args.show_pem) get_x509_cert(serial=args.serial, show_cert=args.show_cert, show_pubkey=args.show_pubkey)
elif args.action == "dump": elif args.action == "dump":
dump_x509_cert(serial=args.serial) dump_x509_cert(serial=args.serial)
elif args.object == "ssh": elif args.object == "ssh":