optimize the fetch/show output

chenzhiwei · Sep 5, 2021 · 22b30c9 · 22b30c9
1 parent f01e247
commit 22b30c9
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 25 deletions.
diff --git a/cmd/show.go b/cmd/show.go
@@ -1,6 +1,7 @@
 package cmd
 
 import (
+	"encoding/pem"
 	"fmt"
 	"os"
 	"text/tabwriter"
@@ -30,9 +31,25 @@ func runShow(args []string) error {
 		return err
 	}
 
-	result, err := cert.GetCertOrRequestInfo(bytes)
-	if err != nil {
-		return err
+	block, _ := pem.Decode(bytes)
+	if block == nil {
+		return fmt.Errorf("Failed to parse certificate or csr")
+	}
+
+	var result []map[string]string
+
+	if block.Type == cert.CertReqBlockType {
+		result, err = cert.GetCertRequestInfo(bytes)
+		if err != nil {
+			return err
+		}
+	} else if block.Type == cert.CertBlockType {
+		result, err = cert.GetCertInfo(bytes)
+		if err != nil {
+			return err
+		}
+	} else {
+		return fmt.Errorf("Unsupported type: %s", block.Type)
 	}
 
 	writer := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', tabwriter.AlignRight)
@@ -44,5 +61,12 @@ func runShow(args []string) error {
 
 	writer.Flush()
 
+	// a certificate/request can contain too many tings, no need to reinvent the wheel
+	if block.Type == cert.CertReqBlockType {
+		fmt.Printf("\nCheck more info with: openssl req -noout -text -in %s\n", file)
+	} else if block.Type == cert.CertBlockType {
+		fmt.Printf("\nCheck more info with: openssl x509 -noout -text -in %s\n", file)
+	}
+
 	return nil
 }
diff --git a/pkg/cert/show.go b/pkg/cert/show.go
@@ -4,6 +4,7 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
+	"sort"
 	"strings"
 )
 
@@ -54,18 +55,6 @@ var extensionIDToName = map[string]string{
 	"2.5.29.33": "Policy Mappings",
 }
 
-func GetCertOrRequestInfo(bytes []byte) ([]map[string]string, error) {
-	block, _ := pem.Decode(bytes)
-	if block == nil {
-		return nil, fmt.Errorf("Failed to parse certificate or csr")
-	}
-	if block.Type == CertReqBlockType {
-		return GetCertRequestInfo(bytes)
-	} else {
-		return GetCertInfo(bytes)
-	}
-}
-
 func GetCertRequestInfo(bytes []byte) ([]map[string]string, error) {
 	block, _ := pem.Decode(bytes)
 	if block == nil {
@@ -97,16 +86,12 @@ func GetCertRequestInfo(bytes []byte) ([]map[string]string, error) {
 		}
 	}
 	if len(san) > 0 {
+		sort.Strings(san)
 		result = append(result, map[string]string{
 			"Alternative Name": strings.Join(san, ", "),
 		})
 	}
 
-	// a certificate request can contain too many tings, no need to reinvent the wheel
-	result = append(result, map[string]string{
-		"\nCheck more info with": "openssl req -noout -text -in csr-filepath",
-	})
-
 	return result, nil
 }
 
@@ -154,6 +139,7 @@ func GetCertInfo(certBytes []byte) ([]map[string]string, error) {
 			}
 		}
 		if len(san) > 0 {
+			sort.Strings(san)
 			result = append(result, map[string]string{
 				"Subject Alt Name": strings.Join(san, ", "),
 			})
@@ -182,6 +168,7 @@ func GetCertInfo(certBytes []byte) ([]map[string]string, error) {
 				}
 			}
 
+			sort.Strings(ku)
 			result = append(result, map[string]string{
 				"Key Usage": strings.Join(ku, ", "),
 			})
@@ -198,6 +185,7 @@ func GetCertInfo(certBytes []byte) ([]map[string]string, error) {
 				}
 			}
 
+			sort.Strings(eku)
 			result = append(result, map[string]string{
 				"Extended Key Usage": strings.Join(eku, ", "),
 			})
@@ -217,10 +205,5 @@ func GetCertInfo(certBytes []byte) ([]map[string]string, error) {
 		}
 	}
 
-	// a certificate can contain too many tings, no need to reinvent the wheel
-	result = append(result, map[string]string{
-		"\nCheck more info with": "openssl x509 -noout -text -in cert-filepath",
-	})
-
 	return result, nil
 }