From 22b30c933ca4492ad89e985e5fecee7b84cb7075 Mon Sep 17 00:00:00 2001 From: Chen Zhiwei Date: Sun, 5 Sep 2021 14:56:01 +0800 Subject: [PATCH] optimize the fetch/show output --- cmd/show.go | 30 +++++++++++++++++++++++++++--- pkg/cert/show.go | 27 +++++---------------------- 2 files changed, 32 insertions(+), 25 deletions(-) diff --git a/cmd/show.go b/cmd/show.go index 1b9f653..b22874d 100644 --- a/cmd/show.go +++ b/cmd/show.go @@ -1,6 +1,7 @@ package cmd import ( + "encoding/pem" "fmt" "os" "text/tabwriter" @@ -30,9 +31,25 @@ func runShow(args []string) error { return err } - result, err := cert.GetCertOrRequestInfo(bytes) - if err != nil { - return err + block, _ := pem.Decode(bytes) + if block == nil { + return fmt.Errorf("Failed to parse certificate or csr") + } + + var result []map[string]string + + if block.Type == cert.CertReqBlockType { + result, err = cert.GetCertRequestInfo(bytes) + if err != nil { + return err + } + } else if block.Type == cert.CertBlockType { + result, err = cert.GetCertInfo(bytes) + if err != nil { + return err + } + } else { + return fmt.Errorf("Unsupported type: %s", block.Type) } writer := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', tabwriter.AlignRight) @@ -44,5 +61,12 @@ func runShow(args []string) error { writer.Flush() + // a certificate/request can contain too many tings, no need to reinvent the wheel + if block.Type == cert.CertReqBlockType { + fmt.Printf("\nCheck more info with: openssl req -noout -text -in %s\n", file) + } else if block.Type == cert.CertBlockType { + fmt.Printf("\nCheck more info with: openssl x509 -noout -text -in %s\n", file) + } + return nil } diff --git a/pkg/cert/show.go b/pkg/cert/show.go index a1a51bd..9df5f99 100644 --- a/pkg/cert/show.go +++ b/pkg/cert/show.go @@ -4,6 +4,7 @@ import ( "crypto/x509" "encoding/pem" "fmt" + "sort" "strings" ) @@ -54,18 +55,6 @@ var extensionIDToName = map[string]string{ "2.5.29.33": "Policy Mappings", } -func GetCertOrRequestInfo(bytes []byte) ([]map[string]string, error) { - block, _ := pem.Decode(bytes) - if block == nil { - return nil, fmt.Errorf("Failed to parse certificate or csr") - } - if block.Type == CertReqBlockType { - return GetCertRequestInfo(bytes) - } else { - return GetCertInfo(bytes) - } -} - func GetCertRequestInfo(bytes []byte) ([]map[string]string, error) { block, _ := pem.Decode(bytes) if block == nil { @@ -97,16 +86,12 @@ func GetCertRequestInfo(bytes []byte) ([]map[string]string, error) { } } if len(san) > 0 { + sort.Strings(san) result = append(result, map[string]string{ "Alternative Name": strings.Join(san, ", "), }) } - // a certificate request can contain too many tings, no need to reinvent the wheel - result = append(result, map[string]string{ - "\nCheck more info with": "openssl req -noout -text -in csr-filepath", - }) - return result, nil } @@ -154,6 +139,7 @@ func GetCertInfo(certBytes []byte) ([]map[string]string, error) { } } if len(san) > 0 { + sort.Strings(san) result = append(result, map[string]string{ "Subject Alt Name": strings.Join(san, ", "), }) @@ -182,6 +168,7 @@ func GetCertInfo(certBytes []byte) ([]map[string]string, error) { } } + sort.Strings(ku) result = append(result, map[string]string{ "Key Usage": strings.Join(ku, ", "), }) @@ -198,6 +185,7 @@ func GetCertInfo(certBytes []byte) ([]map[string]string, error) { } } + sort.Strings(eku) result = append(result, map[string]string{ "Extended Key Usage": strings.Join(eku, ", "), }) @@ -217,10 +205,5 @@ func GetCertInfo(certBytes []byte) ([]map[string]string, error) { } } - // a certificate can contain too many tings, no need to reinvent the wheel - result = append(result, map[string]string{ - "\nCheck more info with": "openssl x509 -noout -text -in cert-filepath", - }) - return result, nil }