Class: Ronin::CLI::Commands::CertDump Private

Inherits:

ValueProcessorCommand

• Object
• Core::CLI::Command
• Ronin::CLI::Command
• ValueProcessorCommand
• Ronin::CLI::Commands::CertDump

Includes:

CommandKit::Printing::Fields, CommandKit::Printing::Indent, CommandKit::Printing::Lists, HostAndPort

Defined in:

lib/ronin/cli/commands/cert_dump.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Prints information for SSL/TLS certificates.

Usage

ronin cert-dump [options] {HOST:PORT | URL | FILE} ...

Options

-f, --file FILE                  Optional file to read values from
-C, --common-name                Only prints the Common Name (CN)
-A, --subject-alt-names          Only prints the subjectAltNames
-E, --extensions                 Print all certificate extensions
-h, --help                       Print help information

Arguments

HOST:PORT | URL | FILE ...       A HOST:PORT, URL, or cert FILE

Examples

ronin cert-dump ssl.crt
ronin cert-dump github.com:443
ronin cert-dump https://github.com/
ronin cert-dump -C 93.184.216.34:443
ronin cert-dump -A wired.com:443

Since:

• 2.0.0

Instance Attribute Summary

Attributes inherited from ValueProcessorCommand

#files

Instance Method Summary

• #grab_cert(host, port) ⇒ Object private

  Gets the certs from the host and port, and then print it.

• #print_cert(cert) ⇒ Object private

  Prints the certificate.

• #print_cert_name(name) ⇒ Object private

  Prints the X509 name.

• #print_extension(ext) ⇒ Object private

  Prints a certificate extension.

• #print_extensions(cert) ⇒ Object private

  Prints the certificates extensions.

• #print_full_cert(cert) ⇒ Object private

  Prints the full verbose information about the certificate.

• #print_public_key(public_key) ⇒ Object private

  Prints the public key.

• #process_value(value) ⇒ Object private

  Runs the ronin cert-dump command.

Methods included from HostAndPort

#host_and_port, #host_and_port_from_url

Methods inherited from ValueProcessorCommand

#initialize, #process_file, #run

Constructor Details

This class inherits a constructor from Ronin::CLI::ValueProcessorCommand

Instance Method Details

#grab_cert(host, port) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Gets the certs from the host and port, and then print it.

Parameters:

• host (String)
• port (Integer)

Since:

• 2.1.0

# File 'lib/ronin/cli/commands/cert_dump.rb', line 134

def grab_cert(host,port)
  cert = Support::Network::SSL.get_cert(host,port)

  print_cert(cert)
end

#print_cert(cert) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the certificate.

Parameters:

• cert (Ronin::Support::Crypto::Cert)

Since:

• 2.0.0

# File 'lib/ronin/cli/commands/cert_dump.rb', line 145

def print_cert(cert)
  if options[:common_name]
    puts "#{cert.common_name}"
  elsif options[:subject_alt_names]
    if (alt_names = cert.subject_alt_names)
      alt_names.each { |name| puts name }
    end
  else
    print_full_cert(cert)
  end
end

#print_cert_name(name) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the X509 name.

Parameters:

• name (Ronin::Support::Crypto::Cert::Name)

Since:

• 2.0.0

# File 'lib/ronin/cli/commands/cert_dump.rb', line 237

def print_cert_name(name)
  fields = {}

  if name.common_name
    fields["Common Name"] = name.common_name
  end

  if name.organization
    fields["Organization"] = name.organization
  end

  if name.organizational_unit
    fields["Organizational Unit"] = name.organizational_unit
  end

  if name.locality
    fields["Locality"] = name.locality
  end

  if name.state
    fields["State"] = name.state
  end

  if name.country
    fields["Country"] = name.country
  end

  print_fields(fields)
end

#print_extension(ext) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints a certificate extension.

Parameters:

• ext (OpenSSL::X509::Extension)

Since:

• 2.0.0

# File 'lib/ronin/cli/commands/cert_dump.rb', line 285

def print_extension(ext)
  puts "#{ext.oid}:"

  indent do
    ext.value.each_line do |line|
      puts line
    end
  end
end

#print_extensions(cert) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the certificates extensions.

Parameters:

• cert (Ronin::Support::Crypto::Cert)

Since:

• 2.0.0

# File 'lib/ronin/cli/commands/cert_dump.rb', line 272

def print_extensions(cert)
  cert.extensions.each_with_index do |ext,index|
    puts if index > 0

    print_extension(ext)
  end
end

#print_full_cert(cert) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the full verbose information about the certificate.

Parameters:

• cert (Ronin::Support::Crypto::Cert)

Since:

• 2.0.0

# File 'lib/ronin/cli/commands/cert_dump.rb', line 162

def print_full_cert(cert)
  fields = {}

  fields["Serial"]     = cert.serial
  fields["Version"]    = cert.version
  fields["Not Before"] = cert.not_before if cert.not_before
  fields["Not After"]  = cert.not_after  if cert.not_after
  print_fields(fields)
  puts

  print_public_key(cert.public_key)
  puts

  puts "Subject:"
  indent do
    print_cert_name(cert.subject)

    if (alt_names = cert.subject_alt_names)
      puts "Alt Names:"
      puts

      indent do
        alt_names.each { |name| puts name }
      end
    end
  end

  puts

  puts "Issuer:"
  indent do
    print_cert_name(cert.issuer)
  end

  puts

  if options[:extensions]
    puts "Extensions:"
    indent do
      print_extensions(cert)
    end
  end
end

#print_public_key(public_key) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints the public key.

Parameters:

• public_key (OpenSSL::PKey::RSA, OpenSSL::PKey::EC)

Since:

• 2.0.0

# File 'lib/ronin/cli/commands/cert_dump.rb', line 211

def print_public_key(public_key)
  puts "Public Key:"

  indent do
    fields = {}

    case public_key
    when OpenSSL::PKey::RSA
      fields['Type'] = 'RSA'
    when OpenSSL::PKey::EC
      fields['Type'] = 'EC'
    end

    print_fields(fields)

    public_key.to_text.each_line do |line|
      puts line
    end
  end
end

#process_value(value) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Runs the ronin cert-dump command.

Parameters:

• value (String) —

  The HOST:PORT, URL, or FILE value to process.

Since:

• 2.0.0

# File 'lib/ronin/cli/commands/cert_dump.rb', line 103

def process_value(value)
  case value
  when /\A[^:]+:\d+\z/
    host, port = host_and_port(value)

    grab_cert(host,port)
  when /\Ahttps:/
    host, port = host_and_port_from_url(value)

    grab_cert(host,port)
  else
    unless File.file?(value)
      print_error "no such file or directory: #{value}"
      exit(1)
    end

    cert = Support::Crypto::Cert.load_file(value)

    print_cert(cert)
  end
end