Implemented certificate info

Author: feketegy

cert_auth.go

@@ -18,13 +18,17 @@ import (
 	"time"
 )
 
+var commonNameCA = "Devcert Certificate Authority (CA)"
+
 // CA represents a certificate authority cert and private key.
 type CA struct {
 	Valid   bool
 	Cert    *x509.Certificate
 	PrivKey *rsa.PrivateKey
 }
 
+
+
 func buildCAPaths() (crtPath, keyPath string, err error) {
 	devcertDir, err := buildDevcertDir()
 	if err != nil {
@@ -184,7 +188,7 @@ func generateCA() (err error) {
 	ca := &x509.Certificate{
 		SerialNumber: big.NewInt(mrand.Int63()),
 		Subject: pkix.Name{
-			CommonName: "Devcert Certificate Authority (CA)",
+			CommonName: commonNameCA,
 		},
 		NotBefore:             time.Now(),
 		NotAfter:              time.Now().AddDate(5, 0, 0),

cert_info.go

@@ -0,0 +1,58 @@
+package main
+
+import (
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+	"fmt"
+	"os"
+	"strconv"
+	"strings"
+)
+
+func devcertInfo(args []string) (err error) {
+	filename := args[0]
+
+	cb, err := os.ReadFile(filename)
+	if err != nil {
+		return
+	}
+
+	certBlock, _ := pem.Decode(cb)
+	if certBlock == nil || certBlock.Type != "CERTIFICATE" {
+		err = errors.New("invalid certificate")
+		return
+	}
+
+	cert, err := x509.ParseCertificate(certBlock.Bytes)
+	if err != nil {
+		return
+	}
+
+	isCAHuman := "No"
+	if cert.IsCA {
+		isCAHuman = "Yes"
+	}
+
+	isDevcertHuman := "No"
+	if cert.Issuer.CommonName == commonNameCA {
+		isDevcertHuman = "Yes"
+	}
+
+	fmt.Printf("\nCertificate Info:")
+	fmt.Printf("\n  - Is CA: %s", isCAHuman)
+	fmt.Printf("\n  - Generated by devcert: %s", isDevcertHuman)
+	fmt.Printf("\n  - Issuer: %s", cert.Issuer.CommonName)
+
+	if !cert.IsCA {
+		fmt.Printf("\n  - Domain(s): %s", strings.Join(cert.DNSNames, ", "))
+	}
+
+	fmt.Printf("\n  - Signature Algorithm: %s", cert.SignatureAlgorithm)
+	fmt.Printf("\n  - Version: %s", strconv.Itoa(cert.Version))
+	fmt.Printf("\n  - Valid Until: %s", cert.NotAfter)
+	
+	fmt.Printf("\n")
+
+	return
+}

main.go

@@ -2,27 +2,39 @@ package main
 
 import (
 	"fmt"
-	"github.com/spf13/cobra"
 	"os"
+
+	"github.com/spf13/cobra"
 )
 
 func main() {
 
 	var rootCmd = &cobra.Command{
 		Use:   "devcert [space separated domain names]",
 		Short: "Self-signed trusted certificates for local development.",
-		Long: `Generate self-signed, trusted certificates for local development. 
-Devcert takes away the pain of creating certificates for development manually.`,
+		Long: `Generate self-signed, trusted certificates for local development.`,
 		Args: cobra.MinimumNArgs(1),
 		RunE: func(cmd *cobra.Command, args []string) error {
-			err := devcertExec(args)
-			if err != nil {
-				return err
-			}
-			return nil
+			err := devcertExec(args)			
+			return err
+		},
+	}
+
+	var infoCmd = &cobra.Command{
+		Use: "info [.crt file]",
+		Short: "Print the certificate information.",
+		Long: "Print out the certificate information that the .crt file contains.",
+		Args: cobra.ExactArgs(1),
+		RunE: func(cmd *cobra.Command, args[]string) error {
+			err := devcertInfo(args)
+			return err
 		},
 	}
 
+	// Add the info command to the CLI commands
+	rootCmd.AddCommand(infoCmd)
+
+
 	err := rootCmd.Execute()
 	if err != nil {
 		fmt.Fprintf(os.Stderr, err.Error())

readme.md

@@ -21,7 +21,7 @@ Clone this repo and compile from source using Go.
 
 ### Install a pre-built binary
 
-1. Download the binary for your platform, example macOS ARM: `curl https://github.com/primalskill/devcert/releases/download/v1.1.2/devcert_darwin_arm64 > /usr/local/bin/devcert`
+1. Download the binary for your platform, example macOS ARM: `curl https://github.com/primalskill/devcert/releases/download/v1.2.0/devcert_darwin_arm64 > /usr/local/bin/devcert`
 2. Make it an executable: `chmod +x /usr/local/bin`
 3. Generate a certificate for a local domain (see the detailed usage below): `devcert example.test`
 
@@ -68,6 +68,22 @@ Valid for:
 
 You can move the `.crt` and `.key` files to your desired location. It will be signed with the CA, no need to trust this certificate separately.
 
+## Certificate Info
+
+You can get information on a crt file by executing the following command.
+
+```
+$ devcert info path/to/crt/file.crt
+
+Certificate Info:
+  - Is CA: No
+  - Generated by devcert: Yes
+  - Issuer: Devcert Certificate Authority (CA)
+  - Domain(s): example.test, api.example.test
+  - Signature Algorithm: SHA256-RSA
+  - Version: 3
+  - Valid Until: 2024-06-16 11:08:30 +0000 UTC
+```
 ## On First Run
 
 When running the program for the first time, it will ask for running the setup process which creates the necessary directory, generate the CA and mark it as trusted.