Class: Ronin::CLI::Commands::CertDump Private

Inherits:
ValueProcessorCommand show all
Includes:
CommandKit::Printing::Fields, CommandKit::Printing::Indent, CommandKit::Printing::Lists, HostAndPort, Support::Network::SSL::Mixin
Defined in:
lib/ronin/cli/commands/cert_dump.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Prints information for SSL/TLS certificates.

Usage

ronin cert-dump [options] {HOST:PORT | URL | FILE} ...

Options

-f, --file FILE                  Optional file to read values from
-C, --common-name                Only prints the Common Name (CN)
-A, --subject-alt-names          Only prints the subjectAltNames
-E, --extensions                 Print all certificate extensions
-h, --help                       Print help information

Arguments

HOST:PORT | URL | FILE ...       A HOST:PORT, URL, or cert FILE

Examples

ronin cert-dump ssl.crt
ronin cert-dump github.com:443
ronin cert-dump https://github.com/
ronin cert-dump -C 93.184.216.34:443
ronin cert-dump -A wired.com:443

Since:

  • 2.0.0

Instance Attribute Summary

Attributes inherited from ValueProcessorCommand

#files

Instance Method Summary collapse

Methods included from HostAndPort

#host_and_port, #host_and_port_from_url

Methods inherited from ValueProcessorCommand

#initialize, #process_file, #run

Constructor Details

This class inherits a constructor from Ronin::CLI::ValueProcessorCommand

Instance Method Details

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the certificate.

Parameters:

  • cert (Ronin::Support::Crypto::Cert)

Since:

  • 2.0.0



129
130
131
132
133
134
135
136
137
138
139
# File 'lib/ronin/cli/commands/cert_dump.rb', line 129

def print_cert(cert)
  if options[:common_name]
    puts "#{cert.common_name}"
  elsif options[:subject_alt_names]
    if (alt_names = cert.subject_alt_names)
      alt_names.each { |name| puts name }
    end
  else
    print_full_cert(cert)
  end
end

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the X509 name.

Parameters:

  • name (Ronin::Support::Crypto::Cert::Name)

Since:

  • 2.0.0



221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
# File 'lib/ronin/cli/commands/cert_dump.rb', line 221

def print_cert_name(name)
  fields = {}

  if name.common_name
    fields["Common Name"] = name.common_name
  end

  if name.organization
    fields["Organization"] = name.organization
  end

  if name.organizational_unit
    fields["Organizational Unit"] = name.organizational_unit
  end

  if name.locality
    fields["Locality"] = name.locality
  end

  if name.state
    fields["State"] = name.state
  end

  if name.country
    fields["Country"] = name.country
  end

  print_fields(fields)
end

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints a certificate extension.

Parameters:

  • ext (OpenSSL::X509::Extension)

Since:

  • 2.0.0



269
270
271
272
273
274
275
276
277
# File 'lib/ronin/cli/commands/cert_dump.rb', line 269

def print_extension(ext)
  puts "#{ext.oid}:"

  indent do
    ext.value.each_line do |line|
      puts line
    end
  end
end

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the certificates extensions.

Parameters:

  • cert (Ronin::Support::Crypto::Cert)

Since:

  • 2.0.0



256
257
258
259
260
261
262
# File 'lib/ronin/cli/commands/cert_dump.rb', line 256

def print_extensions(cert)
  cert.extensions.each_with_index do |ext,index|
    puts if index > 0

    print_extension(ext)
  end
end

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the full verbose information about the certificate.

Parameters:

  • cert (Ronin::Support::Crypto::Cert)

Since:

  • 2.0.0



146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
# File 'lib/ronin/cli/commands/cert_dump.rb', line 146

def print_full_cert(cert)
  fields = {}

  fields["Serial"]     = cert.serial
  fields["Version"]    = cert.version
  fields["Not Before"] = cert.not_before if cert.not_before
  fields["Not After"]  = cert.not_after  if cert.not_after
  print_fields(fields)
  puts

  print_public_key(cert.public_key)
  puts

  puts "Subject:"
  indent do
    print_cert_name(cert.subject)

    if (alt_names = cert.subject_alt_names)
      puts "Alt Names:"
      puts

      indent do
        alt_names.each { |name| puts name }
      end
    end
  end

  puts

  puts "Issuer:"
  indent do
    print_cert_name(cert.issuer)
  end

  puts

  if options[:extensions]
    puts "Extensions:"
    indent do
      print_extensions(cert)
    end
  end
end

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the public key.

Parameters:

  • public_key (OpenSSL::PKey::RSA, OpenSSL::PKey::EC)

Since:

  • 2.0.0



195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
# File 'lib/ronin/cli/commands/cert_dump.rb', line 195

def print_public_key(public_key)
  puts "Public Key:"

  indent do
    fields = {}

    case public_key
    when OpenSSL::PKey::RSA
      fields['Type'] = 'RSA'
    when OpenSSL::PKey::EC
      fields['Type'] = 'EC'
    end

    print_fields(fields)

    public_key.to_text.each_line do |line|
      puts line
    end
  end
end

#process_value(value) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Runs the ronin cert-dump command.

Parameters:

  • value (String)

    The HOST:PORT, URL, or FILE value to process.

Since:

  • 2.0.0



102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# File 'lib/ronin/cli/commands/cert_dump.rb', line 102

def process_value(value)
  case value
  when /\A[^:]+:\d+\z/
    host, port = host_and_port(value)

    print_cert(ssl_cert(host,port))
  when /\Ahttps:/
    host, port = host_and_port_from_url(value)

    print_cert(ssl_cert(host,port))
  else
    unless File.file?(value)
      print_error "no such file or directory: #{value}"
      exit(1)
    end

    cert = Support::Crypto::Cert.load_file(value)

    print_cert(cert)
  end
end