class Ronin::CLI::Commands::CertDump
Prints information for SSL/TLS certificates.
## Usage
ronin cert-dump [options] {HOST:PORT | URL | FILE} ...
## Options
-f, --file FILE Optional file to read values from -C, --common-name Only prints the Common Name (CN) -A, --subject-alt-names Only prints the subjectAltNames -E, --extensions Print all certificate extensions -h, --help Print help information
## Arguments
HOST:PORT | URL | FILE ... A HOST:PORT, URL, or cert FILE
## Examples
ronin cert-dump ssl.crt ronin cert-dump github.com:443 ronin cert-dump https://github.com/ ronin cert-dump -C 93.184.216.34:443 ronin cert-dump -A wired.com:443
Public Instance Methods
grab_cert(host,port)
click to toggle source
Gets the certs from the host and port, and then print it.
@param [String] host
@param [Integer] port
@since 2.1.0
# File lib/ronin/cli/commands/cert_dump.rb, line 134 def grab_cert(host,port) cert = Support::Network::SSL.get_cert(host,port) print_cert(cert) end
print_cert(cert)
click to toggle source
Prints the certificate.
@param [Ronin::Support::Crypto::Cert] cert
# File lib/ronin/cli/commands/cert_dump.rb, line 145 def print_cert(cert) if options[:common_name] puts "#{cert.common_name}" elsif options[:subject_alt_names] if (alt_names = cert.subject_alt_names) alt_names.each { |name| puts name } end else print_full_cert(cert) end end
print_cert_name(name)
click to toggle source
Prints the X509 name.
@param [Ronin::Support::Crypto::Cert::Name] name
# File lib/ronin/cli/commands/cert_dump.rb, line 237 def print_cert_name(name) fields = {} if name.common_name fields["Common Name"] = name.common_name end if name.organization fields["Organization"] = name.organization end if name.organizational_unit fields["Organizational Unit"] = name.organizational_unit end if name.locality fields["Locality"] = name.locality end if name.state fields["State"] = name.state end if name.country fields["Country"] = name.country end print_fields(fields) end
print_extension(ext)
click to toggle source
Prints a certificate extension.
@param [OpenSSL::X509::Extension] ext
# File lib/ronin/cli/commands/cert_dump.rb, line 285 def print_extension(ext) puts "#{ext.oid}:" indent do ext.value.each_line do |line| puts line end end end
print_extensions(cert)
click to toggle source
Prints the certificates extensions.
@param [Ronin::Support::Crypto::Cert] cert
# File lib/ronin/cli/commands/cert_dump.rb, line 272 def print_extensions(cert) cert.extensions.each_with_index do |ext,index| puts if index > 0 print_extension(ext) end end
print_full_cert(cert)
click to toggle source
Prints the full verbose information about the certificate.
@param [Ronin::Support::Crypto::Cert] cert
# File lib/ronin/cli/commands/cert_dump.rb, line 162 def print_full_cert(cert) fields = {} fields["Serial"] = cert.serial fields["Version"] = cert.version fields["Not Before"] = cert.not_before if cert.not_before fields["Not After"] = cert.not_after if cert.not_after print_fields(fields) puts print_public_key(cert.public_key) puts puts "Subject:" indent do print_cert_name(cert.subject) if (alt_names = cert.subject_alt_names) puts "Alt Names:" puts indent do alt_names.each { |name| puts name } end end end puts puts "Issuer:" indent do print_cert_name(cert.issuer) end puts if options[:extensions] puts "Extensions:" indent do print_extensions(cert) end end end
print_public_key(public_key)
click to toggle source
Prints the public key.
@param [OpenSSL::PKey::RSA, OpenSSL::PKey::EC] public_key
# File lib/ronin/cli/commands/cert_dump.rb, line 211 def print_public_key(public_key) puts "Public Key:" indent do fields = {} case public_key when OpenSSL::PKey::RSA fields['Type'] = 'RSA' when OpenSSL::PKey::EC fields['Type'] = 'EC' end print_fields(fields) public_key.to_text.each_line do |line| puts line end end end
process_value(value)
click to toggle source
Runs the ‘ronin cert-dump` command.
@param [String] value
The `HOST:PORT`, `URL`, or `FILE` value to process.
# File lib/ronin/cli/commands/cert_dump.rb, line 103 def process_value(value) case value when /\A[^:]+:\d+\z/ host, port = host_and_port(value) grab_cert(host,port) when /\Ahttps:/ host, port = host_and_port_from_url(value) grab_cert(host,port) else unless File.file?(value) print_error "no such file or directory: #{value}" exit(1) end cert = Support::Crypto::Cert.load_file(value) print_cert(cert) end end