blob: ec14fccf1d8c1243501a155d109ca8f2cb8dc908 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
#! /usr/bin/env sh
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU Affero General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option) any
# later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
# Space-separated list of supported algorithms
readonly ALGS="md5 sha1 sha256"
main()
{
# Handle opts
while getopts ":g:h" opt
do
case "$opt" in
g) DO_ALGS="$DO_ALGS $OPTARG" ;;
h) usage && exit 0 ;;
*)
printf "Invalid option passed: %s\n" "$OPTARG" >&2
;;
esac
done
shift $(( OPTIND - 1 ))
# Set algs to show by default
[ -z "$DO_ALGS" ] && DO_ALGS="$ALGS"
# Use STDIN as cert if no arguments are given
if [ -z "$*" ] || [ "$1" = "-" ]
then
no_args=1
set -- "$(mktemp)"
cat > "$1"
fi
# Generate fingerprint info for all certificates in question
for crt in "$@"
do
# Skip this certificate if it does not exist
if [ ! -f "$crt" ]
then
printf "No such file or directory: %s\n" "$crt" >&2
continue
fi
# Skip the filename if only a single file is being checked
[ "$#" -gt 1 ] && printf "%s: \n" "$crt"
# Show fingerprints for files
for alg in $DO_ALGS
do
[ "$#" -gt 1 ] && printf "%s" "\t"
printf "%-6s %s\n" "$alg" "$(fingerprint "$alg" "$crt")"
done
done
}
fingerprint()
{
openssl x509 -noout -fingerprint "-$1" -inform pem -in "$2" | awk -F= '{ print $NF }'
}
usage()
{
cat <<EOF
Usage:
$(basename "$0") -h
$(basename "$0") [file [file...]]
Generate common fingerprints for a certificate, using openssl.
Options:
-h Show this help text and exit.
EOF
}
main "$@"
|
