Filename: Private: No Yes Filetype: Auto ABAP Sophia Apex Azure CLI Batch Bicep C Cameligo Clojure CoffeeScript C++ C# CSP CSS Cypher Dart Dockerfile ECL Elixir Flow9 FreeMarker2 FreeMarker2 (Angle/Bracket) FreeMarker2 (Angle/Dollar) FreeMarker2 (Auto/Bracket) FreeMarker2 (Auto/Dollar) FreeMarker2 (Bracket/Bracket) FreeMarker2 (Bracket/Dollar) F# Go GraphQL Handlebars Terraform HTML Ini Java JavaScript Julia Kotlin Less Lexon Liquid Lua Modula-3 Markdown MDX MIPS DAX MySQL Objective-C Pascal Pascaligo Perl PostgreSQL PHP Plain text ATS PQ PowerShell Protobuf Pug Python Q# R Razor Redis Redshift ReStructuredText Ruby Rust Small Basic Scala Scheme Sass Shell Solidity SPARQL SQL StructuredText Swift SV Tcl Twig TypeScript TypeSpec Visual Basic V WebGPU Shading Language XML YAML Indentation: Spaces Tabs 1 2 3 4 5 6 7 8 Clone package commands import ( "crypto/sha256" "crypto/tls" "crypto/x509" "encoding/base64" "encoding/pem" "fmt" "io" "os" "github.com/spf13/cobra" "github.com/tzvetkoff-go/errors" ) // NewSPKIFPCommand ... func NewSPKIFPCommand() *cobra.Command { local := false remote := false cmd := &cobra.Command{ Use: "spkifp <domain-or-file.pem>", Short: "Generates a certificate's SPKIFP", Args: cobra.ExactArgs(1), RunE: func(cmd *cobra.Command, args []string) error { if local && remote { return errors.New("--local and --remote cannot be used simultaneously") } if !local && !remote { if args[0] == "-" { local = true } else if _, err := os.Stat(args[0]); err == nil { local = true } } pubKeys, err := extractPublicKeys(args[0], local) if err != nil { return err } for _, pubKey := range pubKeys { fmt.Println(publicKeyFingerprint(pubKey)) } return nil }, } cmd.Flags().BoolP("help", "h", false, "help message") _ = cmd.Flags().MarkHidden("help") cmd.Flags().BoolVarP(&local, "local", "l", local, "Force local mode") cmd.Flags().BoolVarP(&remote, "remote", "r", remote, "Force remote mode") return cmd } func extractPublicKeys(hostOrPath string, local bool) ([][]byte, error) { // revive:disable-line:flag-parameter if local { return extractLocalPublicKeys(hostOrPath) } return extractRemotePublicKeys(hostOrPath) } func extractLocalPublicKeys(path string) ([][]byte, error) { var certData []byte if path == "-" { certData, _ = io.ReadAll(os.Stdin) } else { certFile, err := os.Open(path) if err != nil { return nil, err } certData, err = io.ReadAll(certFile) if err != nil { return nil, err } } result := [][]byte{} var rest = certData var pemBlock *pem.Block for { pemBlock, rest = pem.Decode(rest) if pemBlock == nil { break } switch pemBlock.Type { case "CERTIFICATE": cert, err := x509.ParseCertificate(pemBlock.Bytes) if err != nil { return nil, err } pubKey, err := x509.MarshalPKIXPublicKey(cert.PublicKey) if err != nil { return nil, err } result = append(result, pubKey) case "PUBLIC KEY": result = append(result, pemBlock.Bytes) } } return result, nil } func extractRemotePublicKeys(host string) ([][]byte, error) { result := [][]byte{} tlsConfig := &tls.Config{ InsecureSkipVerify: true, } conn, err := tls.Dial("tcp", host, tlsConfig) if err != nil { return nil, err } certs := conn.ConnectionState().PeerCertificates for _, cert := range certs { pubKey, err := x509.MarshalPKIXPublicKey(cert.PublicKey) if err != nil { return nil, err } result = append(result, pubKey) } return result, nil } func publicKeyFingerprint(pubKey []byte) string { rawFP := sha256.Sum256(pubKey) return base64.StdEncoding.EncodeToString(rawFP[:]) } Paste
