From df1c5d8f6b9133d6b3ec8a4c7713b1c695339553 Mon Sep 17 00:00:00 2001 From: Lukasz Lobocki <125857607+lukasz-lobocki@users.noreply.github.com> Date: Sat, 27 Jul 2024 09:39:13 +0200 Subject: [PATCH] 22 add dnsnames emailaddresses ipaddresses uris to x509 output (#23) * refactor: Improve flags description. * feat: Add DNSNames, EmailAddresses, IPAddresses, URIs to x509 output. --- README.md | 26 +++++++++-------- cmd/columns_x509certs.go | 60 ++++++++++++++++++++++++++++++++++++++++ cmd/command_sshcerts.go | 10 +++---- cmd/command_x509certs.go | 18 ++++++++---- cmd/defs_root.go | 26 +++++++++-------- 5 files changed, 107 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index 31a7e01..d5b6946 100644 --- a/README.md +++ b/README.md @@ -17,13 +17,17 @@ step-badger x509Certs PATH [flags] ```text Flags: -e, --emit {t|j|m|o} emit format: table|json|markdown|openssl (default t) - -t, --time {i|s} time shown: iso|short (default i) + -t, --time {i|s} time format: iso|short (default i) -s, --sort {s|f} sort order: start|finish (default f) - -c, --crl crl shown - -p, --provisioner provisioner shown - -v, --valid valid shown (default true) - -r, --revoked revoked shown (default true) - -x, --expired expired shown + -d, --dnsnames DNSNames column shown + -m, --emailaddresses EmailAddresses column shown + -i, --ipaddresses IPAddresses column shown + -u, --uris URIs column shown + -c, --crl crl column shown + -p, --provisioner provisioner column shown + -v, --valid valid certificates shown (default true) + -r, --revoked revoked certificates shown (default true) + -x, --expired expired certificates shown ``` ### Example 
@@ -41,12 +45,12 @@ step-badger sshCerts PATH [flags] ```text Flags: -e, --emit {t|j|m} emit format: table|json|markdown (default t) - -t, --time {i|s} time shown: iso|short (default i) + -t, --time {i|s} time format: iso|short (default i) -s, --sort {s|f} sort order: start|finish (default f) - -k, --kid Key ID shown - -v, --valid valid shown (default true) - -r, --revoked revoked shown (default true) - -x, --expired expired shown + -k, --kid Key ID column shown + -v, --valid valid certificates shown (default true) + -r, --revoked revoked certificates shown (default true) + -x, --expired expired certificates shown ``` ### Example diff --git a/cmd/columns_x509certs.go b/cmd/columns_x509certs.go index c6af6ee..934c840 100644 --- a/cmd/columns_x509certs.go +++ b/cmd/columns_x509certs.go 
@@ -50,6 +50,66 @@ func getX509Columns() []tX509Column { contentEscapeMD: true, }, + tX509Column{ + isShown: func(tc tConfig) bool { return tc.showDNSNames }, + title: func() string { return "DNSNames" }, // Static title + titleColor: color.Bold, + + contentSource: func(x tX509CertificateWithRevocation, _ tConfig) string { + return strings.Join(x.X509Certificate.DNSNames, ", ") + }, + contentColor: func(_ tX509CertificateWithRevocation) color.Attribute { return color.FgWhite }, // Static color + contentAlignMD: ALIGN_LEFT, + contentEscapeMD: true, + }, + + tX509Column{ + isShown: func(tc tConfig) bool { return tc.showEmailAddresses }, + title: func() string { return "EmailAddresses" }, // Static title + titleColor: color.Bold, + + contentSource: func(x tX509CertificateWithRevocation, _ tConfig) string { + return strings.Join(x.X509Certificate.EmailAddresses, ", ") + }, + contentColor: func(_ tX509CertificateWithRevocation) color.Attribute { return color.FgWhite }, // Static color + contentAlignMD: ALIGN_LEFT, + contentEscapeMD: true, + }, + + tX509Column{ + isShown: func(tc tConfig) bool { return tc.showIPAddresses }, + title: func() string { return "IPAddresses" }, // Static title + titleColor: color.Bold, + + contentSource: func(x tX509CertificateWithRevocation, _ tConfig) string { + var thisIPAddresses []string + for _, thisIPAddress := range x.X509Certificate.IPAddresses { + thisIPAddresses = append(thisIPAddresses, thisIPAddress.String()) + } + return strings.Join(thisIPAddresses, ", ") + }, + contentColor: func(_ tX509CertificateWithRevocation) color.Attribute { return color.FgWhite }, // Static color + contentAlignMD: ALIGN_LEFT, + contentEscapeMD: true, + }, + + tX509Column{ + isShown: func(tc tConfig) bool { return tc.showURIs }, + title: func() string { return "URIs" }, // Static title + titleColor: color.Bold, + + contentSource: func(x tX509CertificateWithRevocation, _ tConfig) string { + var thisUris []string + for _, thisUri := range 
x.X509Certificate.URIs { + thisUris = append(thisUris, thisUri.String()) + } + return strings.Join(thisUris, ", ") + }, + contentColor: func(_ tX509CertificateWithRevocation) color.Attribute { return color.FgWhite }, // Static color + contentAlignMD: ALIGN_LEFT, + contentEscapeMD: true, + }, + tX509Column{ isShown: func(tc tConfig) bool { return tc.showCrl }, title: func() string { return "CRLDistributionPoints" }, // Static title diff --git a/cmd/command_sshcerts.go b/cmd/command_sshcerts.go index 7d6aee1..4b3f5b2 100644 --- a/cmd/command_sshcerts.go +++ b/cmd/command_sshcerts.go @@ -38,12 +38,12 @@ func init() { sshCertsCmd.Flags().SortFlags = false sshCertsCmd.Flags().VarP(config.emitSshFormat, "emit", "e", "emit format: table|json|markdown") // Choice - sshCertsCmd.Flags().VarP(config.timeFormat, "time", "t", "time shown: iso|short") // Choice + sshCertsCmd.Flags().VarP(config.timeFormat, "time", "t", "time format: iso|short") // Choice sshCertsCmd.Flags().VarP(config.sortOrder, "sort", "s", "sort order: start|finish") // Choice - sshCertsCmd.Flags().BoolVarP(&config.showKeyId, "kid", "k", false, "Key ID shown") - sshCertsCmd.Flags().BoolVarP(&config.showValid, "valid", "v", true, "valid shown") - sshCertsCmd.Flags().BoolVarP(&config.showRevoked, "revoked", "r", true, "revoked shown") - sshCertsCmd.Flags().BoolVarP(&config.showExpired, "expired", "x", false, "expired shown") + sshCertsCmd.Flags().BoolVarP(&config.showKeyId, "kid", "k", false, "Key ID column shown") + sshCertsCmd.Flags().BoolVarP(&config.showValid, "valid", "v", true, "valid certificates shown") + sshCertsCmd.Flags().BoolVarP(&config.showRevoked, "revoked", "r", true, "revoked certificates shown") + sshCertsCmd.Flags().BoolVarP(&config.showExpired, "expired", "x", false, "expired certificates shown") } /* diff --git a/cmd/command_x509certs.go b/cmd/command_x509certs.go index a1acf56..b5276fe 100644 --- a/cmd/command_x509certs.go +++ b/cmd/command_x509certs.go 
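Review bot: The new DNSNames and EmailAddresses `contentSource` closures in cmd/columns_x509certs.go join strings taken from the certificate and return them unmodified, and nothing visible in this hunk removes control characters before they reach the table output; `contentEscapeMD: true` looks like it only covers the markdown emitter. SAN values are chosen by whoever requested the certificate and, as far as I know, Go's x509 parser only requires them to be ASCII, so a newline or ESC byte could distort what an operator reading the certificate inventory sees. The `", "` separator is also ambiguous in all four new columns when a single value itself contains a comma, so one entry can read as two. I would pass the string values through a small helper that replaces control characters before joining (it needs the `unicode` import), as sketched below. `getX509Columns` starts and ends outside this hunk, so first confirm that the render path does not already sanitise cell content.

```go
// joinCertValues joins certificate-supplied strings for display, replacing
// control characters so a value cannot inject newlines or escape sequences.
func joinCertValues(values []string) string {
	cleaned := make([]string, 0, len(values))
	for _, v := range values {
		cleaned = append(cleaned, strings.Map(func(r rune) rune {
			if unicode.IsControl(r) {
				return unicode.ReplacementChar
			}
			return r
		}, v))
	}
	return strings.Join(cleaned, ", ")
}

// … unchanged: isShown, title, titleColor of the DNSNames column …
contentSource: func(x tX509CertificateWithRevocation, _ tConfig) string {
	return joinCertValues(x.X509Certificate.DNSNames)
},
// … same one-line change in the EmailAddresses column …
```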
@@ -38,13 +38,19 @@ func init() { x509certsCmd.Flags().SortFlags = false x509certsCmd.Flags().VarP(config.emitX509Format, "emit", "e", "emit format: table|json|markdown|openssl") // Choice - x509certsCmd.Flags().VarP(config.timeFormat, "time", "t", "time shown: iso|short") // Choice + x509certsCmd.Flags().VarP(config.timeFormat, "time", "t", "time format: iso|short") // Choice x509certsCmd.Flags().VarP(config.sortOrder, "sort", "s", "sort order: start|finish") // Choice - x509certsCmd.Flags().BoolVarP(&config.showCrl, "crl", "c", false, "crl shown") - x509certsCmd.Flags().BoolVarP(&config.showProvisioner, "provisioner", "p", false, "provisioner shown") - x509certsCmd.Flags().BoolVarP(&config.showValid, "valid", "v", true, "valid shown") - x509certsCmd.Flags().BoolVarP(&config.showRevoked, "revoked", "r", true, "revoked shown") - x509certsCmd.Flags().BoolVarP(&config.showExpired, "expired", "x", false, "expired shown") + + x509certsCmd.Flags().BoolVarP(&config.showDNSNames, "dnsnames", "d", false, "DNSNames column shown") + x509certsCmd.Flags().BoolVarP(&config.showEmailAddresses, "emailaddresses", "m", false, "EmailAddresses column shown") + x509certsCmd.Flags().BoolVarP(&config.showIPAddresses, "ipaddresses", "i", false, "IPAddresses column shown") + x509certsCmd.Flags().BoolVarP(&config.showURIs, "uris", "u", false, "URIs column shown") + x509certsCmd.Flags().BoolVarP(&config.showCrl, "crl", "c", false, "crl column shown") + x509certsCmd.Flags().BoolVarP(&config.showProvisioner, "provisioner", "p", false, "provisioner column shown") + + x509certsCmd.Flags().BoolVarP(&config.showValid, "valid", "v", true, "valid certificates shown") + x509certsCmd.Flags().BoolVarP(&config.showRevoked, "revoked", "r", true, "revoked certificates shown") + x509certsCmd.Flags().BoolVarP(&config.showExpired, "expired", "x", false, "expired certificates shown") } /* diff --git a/cmd/defs_root.go b/cmd/defs_root.go index 688e0cf..781121d 100644 --- a/cmd/defs_root.go 
+++ b/cmd/defs_root.go @@ -41,16 +41,20 @@ func initChoices() { Configuration structure */ type tConfig struct { - emitSshFormat *tChoice - emitX509Format *tChoice - showCrl bool - showKeyId bool - sortOrder *tChoice - showValid bool - showExpired bool - showRevoked bool - showProvisioner bool - timeFormat *tChoice + emitSshFormat *tChoice + emitX509Format *tChoice + showCrl bool + showKeyId bool + sortOrder *tChoice + showValid bool + showExpired bool + showRevoked bool + showProvisioner bool + timeFormat *tChoice + showDNSNames bool + showEmailAddresses bool + showIPAddresses bool + showURIs bool } /* @@ -106,7 +110,7 @@ func getThisAlignChar() map[int]string { } /* -escapeMarkdown returns same string but safeguarderd against markdown interpretation +escapeMarkdown returns same string but safeguarded against markdown interpretation 'text' text to be safeguarded */