working on removing dependency on cfssl.
@@ -9,8 +9,8 @@ go_library(
|
||||
importpath = "git.wntrmute.dev/kyle/goutils/cmd/certdump",
|
||||
visibility = ["//visibility:private"],
|
||||
deps = [
|
||||
"@com_github_cloudflare_cfssl//errors",
|
||||
"@com_github_cloudflare_cfssl//helpers",
|
||||
"//certlib",
|
||||
"//lib",
|
||||
"@com_github_kr_text//:text",
|
||||
],
|
||||
)
|
||||
|
||||
@@ -12,12 +12,13 @@ import (
|
||||
"crypto/x509/pkix"
|
||||
"flag"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"io"
|
||||
"os"
|
||||
"sort"
|
||||
"strings"
|
||||
|
||||
"github.com/cloudflare/cfssl/helpers"
|
||||
"git.wntrmute.dev/kyle/goutils/certlib"
|
||||
"git.wntrmute.dev/kyle/goutils/lib"
|
||||
)
|
||||
|
||||
func certPublic(cert *x509.Certificate) string {
|
||||
@@ -208,17 +209,17 @@ func displayCert(cert *x509.Certificate) {
|
||||
}
|
||||
|
||||
func displayAllCerts(in []byte, leafOnly bool) {
|
||||
certs, err := helpers.ParseCertificatesPEM(in)
|
||||
certs, err := certlib.ParseCertificatesPEM(in)
|
||||
if err != nil {
|
||||
certs, _, err = helpers.ParseCertificatesDER(in, "")
|
||||
certs, _, err = certlib.ParseCertificatesDER(in, "")
|
||||
if err != nil {
|
||||
Warn(TranslateCFSSLError(err), "failed to parse certificates")
|
||||
lib.Warn(err, "failed to parse certificates")
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if len(certs) == 0 {
|
||||
Warnx("no certificates found")
|
||||
lib.Warnx("no certificates found")
|
||||
return
|
||||
}
|
||||
|
||||
@@ -236,7 +237,7 @@ func displayAllCertsWeb(uri string, leafOnly bool) {
|
||||
ci := getConnInfo(uri)
|
||||
conn, err := tls.Dial("tcp", ci.Addr, permissiveConfig())
|
||||
if err != nil {
|
||||
Warn(err, "couldn't connect to %s", ci.Addr)
|
||||
lib.Warn(err, "couldn't connect to %s", ci.Addr)
|
||||
return
|
||||
}
|
||||
defer conn.Close()
|
||||
@@ -252,11 +253,11 @@ func displayAllCertsWeb(uri string, leafOnly bool) {
|
||||
}
|
||||
conn.Close()
|
||||
} else {
|
||||
Warn(err, "TLS verification error with server name %s", ci.Host)
|
||||
lib.Warn(err, "TLS verification error with server name %s", ci.Host)
|
||||
}
|
||||
|
||||
if len(state.PeerCertificates) == 0 {
|
||||
Warnx("no certificates found")
|
||||
lib.Warnx("no certificates found")
|
||||
return
|
||||
}
|
||||
|
||||
@@ -266,7 +267,7 @@ func displayAllCertsWeb(uri string, leafOnly bool) {
|
||||
}
|
||||
|
||||
if len(state.VerifiedChains) == 0 {
|
||||
Warnx("no verified chains found; using peer chain")
|
||||
lib.Warnx("no verified chains found; using peer chain")
|
||||
for i := range state.PeerCertificates {
|
||||
displayCert(state.PeerCertificates[i])
|
||||
}
|
||||
@@ -289,9 +290,9 @@ func main() {
|
||||
flag.Parse()
|
||||
|
||||
if flag.NArg() == 0 || (flag.NArg() == 1 && flag.Arg(0) == "-") {
|
||||
certs, err := ioutil.ReadAll(os.Stdin)
|
||||
certs, err := io.ReadAll(os.Stdin)
|
||||
if err != nil {
|
||||
Warn(err, "couldn't read certificates from standard input")
|
||||
lib.Warn(err, "couldn't read certificates from standard input")
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
@@ -306,9 +307,9 @@ func main() {
|
||||
if strings.HasPrefix(filename, "https://") {
|
||||
displayAllCertsWeb(filename, leafOnly)
|
||||
} else {
|
||||
in, err := ioutil.ReadFile(filename)
|
||||
in, err := os.ReadFile(filename)
|
||||
if err != nil {
|
||||
Warn(err, "couldn't read certificate")
|
||||
lib.Warn(err, "couldn't read certificate")
|
||||
continue
|
||||
}
|
||||
|
||||
|
||||
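Review bot: In displayAllCerts, the error from `certlib.ParseCertificatesPEM` is overwritten by the DER fallback, so when both parsers reject the input the warning reports only the DER failure, which misleads on a damaged PEM file. Keep the first error and print both, for example `pemErr := err` before the fallback and `lib.Warn(err, "failed to parse certificates (PEM: %v)", pemErr)` in the inner branch; this assumes lib.Warn formats its arguments the way the removed Warn did, which this page does not show. With TranslateCFSSLError gone, the message also depends on certlib returning plain errors rather than cfssl error values (the removed helper existed because those print as JSON), so that is worth confirming in certlib. The body of displayAllCerts continues past the hunk.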
@@ -3,13 +3,10 @@ package main
|
||||
import (
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
cferr "github.com/cloudflare/cfssl/errors"
|
||||
"github.com/kr/text"
|
||||
)
|
||||
|
||||
@@ -89,34 +86,6 @@ func sigAlgoHash(a x509.SignatureAlgorithm) string {
|
||||
}
|
||||
}
|
||||
|
||||
// TranslateCFSSLError turns a CFSSL error into a more readable string.
|
||||
func TranslateCFSSLError(err error) error {
|
||||
if err == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
// printing errors as json is terrible
|
||||
if cfsslError, ok := err.(*cferr.Error); ok {
|
||||
err = errors.New(cfsslError.Message)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
// Warnx displays a formatted error message to standard error, à la
|
||||
// warnx(3).
|
||||
func Warnx(format string, a ...interface{}) (int, error) {
|
||||
format += "\n"
|
||||
return fmt.Fprintf(os.Stderr, format, a...)
|
||||
}
|
||||
|
||||
// Warn displays a formatted error message to standard output,
|
||||
// appending the error string, à la warn(3).
|
||||
func Warn(err error, format string, a ...interface{}) (int, error) {
|
||||
format += ": %v\n"
|
||||
a = append(a, err)
|
||||
return fmt.Fprintf(os.Stderr, format, a...)
|
||||
}
|
||||
|
||||
const maxLine = 78
|
||||
|
||||
func makeIndent(n int) string {
|
||||
|
||||