github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/internal/config/certsinfo.go (about)

     1  // Copyright (c) 2015-2021 MinIO, Inc.
     2  //
     3  // This file is part of MinIO Object Storage stack
     4  //
     5  // This program is free software: you can redistribute it and/or modify
     6  // it under the terms of the GNU Affero General Public License as published by
     7  // the Free Software Foundation, either version 3 of the License, or
     8  // (at your option) any later version.
     9  //
    10  // This program is distributed in the hope that it will be useful
    11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13  // GNU Affero General Public License for more details.
    14  //
    15  // You should have received a copy of the GNU Affero General Public License
    16  // along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17  
    18  package config
    19  
    20  import (
    21  	"crypto/x509"
    22  	"crypto/x509/pkix"
    23  	"fmt"
    24  	"net/http"
    25  	"strings"
    26  
    27  	color "github.com/minio/minio/internal/color"
    28  )
    29  
    30  // Extra ASN1 OIDs that we may need to handle
    31  var (
    32  	oidEmailAddress = []int{1, 2, 840, 113549, 1, 9, 1}
    33  )
    34  
    35  // printName prints the fields of a distinguished name, which include such
    36  // things as its common name and locality.
    37  func printName(names []pkix.AttributeTypeAndValue, buf *strings.Builder) []string {
    38  	values := []string{}
    39  	for _, name := range names {
    40  		oid := name.Type
    41  		//nolint:gocritic
    42  		if len(oid) == 4 && oid[0] == 2 && oid[1] == 5 && oid[2] == 4 {
    43  			switch oid[3] {
    44  			case 3:
    45  				values = append(values, fmt.Sprintf("CN=%s", name.Value))
    46  			case 6:
    47  				values = append(values, fmt.Sprintf("C=%s", name.Value))
    48  			case 8:
    49  				values = append(values, fmt.Sprintf("ST=%s", name.Value))
    50  			case 10:
    51  				values = append(values, fmt.Sprintf("O=%s", name.Value))
    52  			case 11:
    53  				values = append(values, fmt.Sprintf("OU=%s", name.Value))
    54  			default:
    55  				values = append(values, fmt.Sprintf("UnknownOID=%s", name.Type.String()))
    56  			}
    57  		} else if oid.Equal(oidEmailAddress) {
    58  			values = append(values, fmt.Sprintf("emailAddress=%s", name.Value))
    59  		} else {
    60  			values = append(values, fmt.Sprintf("UnknownOID=%s", name.Type.String()))
    61  		}
    62  	}
    63  	if len(values) > 0 {
    64  		buf.WriteString(values[0])
    65  		for i := 1; i < len(values); i++ {
    66  			buf.WriteString(", " + values[i])
    67  		}
    68  		buf.WriteString("\n")
    69  	}
    70  	return values
    71  }
    72  
    73  // CertificateText returns a human-readable string representation
    74  // of the certificate cert. The format is similar to the OpenSSL
    75  // way of printing certificates (not identical).
    76  func CertificateText(cert *x509.Certificate) string {
    77  	var buf strings.Builder
    78  
    79  	buf.WriteString(color.Blue("\nCertificate:\n"))
    80  	if cert.SignatureAlgorithm != x509.UnknownSignatureAlgorithm {
    81  		buf.WriteString(color.Blue("%4sSignature Algorithm: ", "") + color.Bold(fmt.Sprintf("%s\n", cert.SignatureAlgorithm)))
    82  	}
    83  
    84  	// Issuer information
    85  	buf.WriteString(color.Blue("%4sIssuer: ", ""))
    86  	printName(cert.Issuer.Names, &buf)
    87  
    88  	// Validity information
    89  	buf.WriteString(color.Blue("%4sValidity\n", ""))
    90  	buf.WriteString(color.Bold(fmt.Sprintf("%8sNot Before: %s\n", "", cert.NotBefore.Format(http.TimeFormat))))
    91  	buf.WriteString(color.Bold(fmt.Sprintf("%8sNot After : %s\n", "", cert.NotAfter.Format(http.TimeFormat))))
    92  
    93  	return buf.String()
    94  }