storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/cmd/config/certsinfo.go (about)

     1  /*
     2   * MinIO Cloud Storage, (C) 2020 MinIO, Inc.
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *
     8   *     http://www.apache.org/licenses/LICENSE-2.0
     9   *
    10   * Unless required by applicable law or agreed to in writing, software
    11   * distributed under the License is distributed on an "AS IS" BASIS,
    12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13   * See the License for the specific language governing permissions and
    14   * limitations under the License.
    15   */
    16  
    17  package config
    18  
    19  import (
    20  	"crypto/x509"
    21  	"crypto/x509/pkix"
    22  	"fmt"
    23  	"net/http"
    24  	"strings"
    25  
    26  	color "storj.io/minio/pkg/color"
    27  )
    28  
// Additional ASN.1 object identifiers that need explicit handling.
//
// oidEmailAddress is the OID 1.2.840.113549.1.9.1; printName compares
// attribute types against it to label e-mail address attributes.
var oidEmailAddress = []int{1, 2, 840, 113549, 1, 9, 1}
    33  
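// printName renders the attributes of a distinguished name as a
// comma-separated list ("CN=..., O=...") and appends it, followed by a
// newline, to buf. Nothing at all is written when no attribute is rendered.
//
// Common name, country, state/province, organization, organizational unit
// and the emailAddress attribute are printed together with their value. Any
// other attribute is reported as "UnknownOID=<oid>" and its value is omitted.
//
// The rendered entries are returned as well, one per attribute, in input
// order.
//
// NOTE(review): attribute values are copied into the output verbatim. They
// originate from the certificate, so if certificates supplied by anyone other
// than the operator can reach this function, control characters embedded in a
// name field would be passed through to wherever the text is displayed.
// Confirm against the callers, or sanitize before printing.
func printName(names []pkix.AttributeTypeAndValue, buf *strings.Builder) []string {
	// text converts an attribute value to its display form. Value is an
	// interface{}; formatting a non-string value with %s produces
	// "%!s(type=...)" noise, so strings and byte slices are used as they are
	// and everything else goes through the default formatting.
	text := func(v interface{}) string {
		switch t := v.(type) {
		case string:
			return t
		case []byte:
			return string(t)
		default:
			return fmt.Sprint(t)
		}
	}

	values := make([]string, 0, len(names))
	for _, name := range names {
		oid := name.Type
		switch {
		case len(oid) == 4 && oid[0] == 2 && oid[1] == 5 && oid[2] == 4:
			// Attribute types under the 2.5.4 arc; the last arc selects the
			// attribute.
			switch oid[3] {
			case 3:
				values = append(values, "CN="+text(name.Value))
			case 6:
				values = append(values, "C="+text(name.Value))
			case 8:
				values = append(values, "ST="+text(name.Value))
			case 10:
				values = append(values, "O="+text(name.Value))
			case 11:
				values = append(values, "OU="+text(name.Value))
			default:
				values = append(values, "UnknownOID="+oid.String())
			}
		case oid.Equal(oidEmailAddress):
			values = append(values, "emailAddress="+text(name.Value))
		default:
			values = append(values, "UnknownOID="+oid.String())
		}
	}

	// Keep buf untouched for an empty name so that callers can tell from the
	// returned slice whether a line was emitted.
	if len(values) > 0 {
		buf.WriteString(strings.Join(values, ", "))
		buf.WriteString("\n")
	}
	return values
}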
    70  
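// CertificateText returns a human-readable string representation
// of the certificate cert. The format is similar to the OpenSSL
// way of printing certificates (not identical).
//
// The output contains the signature algorithm (when it is known), the
// issuer's distinguished name and the validity window. Only these fields are
// formatted: the function does not verify the signature or the chain and
// does not check whether the certificate is currently within its validity
// period, so the text must not be read as a statement that the certificate
// is trustworthy.
//
// cert must not be nil.
func CertificateText(cert *x509.Certificate) string {
	var buf strings.Builder

	buf.WriteString(color.Blue("\nCertificate:\n"))
	if cert.SignatureAlgorithm != x509.UnknownSignatureAlgorithm {
		buf.WriteString(color.Blue("%4sSignature Algorithm: ", "") + color.Bold(fmt.Sprintf("%s\n", cert.SignatureAlgorithm)))
	}

	// Issuer information
	buf.WriteString(color.Blue("%4sIssuer: ", ""))
	if issuer := printName(cert.Issuer.Names, &buf); len(issuer) == 0 {
		// printName writes nothing, not even the line break, for an empty
		// name; terminate the line here so "Validity" starts on its own line.
		buf.WriteString("\n")
	}

	// Validity information. http.TimeFormat always prints the literal zone
	// "GMT", so the timestamps are converted to UTC first; otherwise a time
	// carrying another location would be shown with the wrong zone label.
	buf.WriteString(color.Blue("%4sValidity\n", ""))
	buf.WriteString(color.Bold(fmt.Sprintf("%8sNot Before: %s\n", "", cert.NotBefore.UTC().Format(http.TimeFormat))))
	buf.WriteString(color.Bold(fmt.Sprintf("%8sNot After : %s\n", "", cert.NotAfter.UTC().Format(http.TimeFormat))))

	return buf.String()
}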