ShadowArch/UserScripts/sslinfo

#!/bin/bash

# File: sslinfo
#
# Description: This file takes an SSL file and prints
#              useful human-readable information about it.
#
# Package: AniNIX/ShadowArch
# Copyright: WTFPL
#
# Author: DarkFeather <ircs://aninix.net:6697/DarkFeather>

# Sanity checks
set -Eeo pipefail

# Default variables
port=443
option="-text"
unset dump
unset host
unset modulus
unset machinereadable
unset showserial
regex='Subject:|Subject Alt|Issuer:|Not |DNS:|IP Addr|Signature Algorithm'

# Show Usage
function Usage() {
    echo "Usage: $0 [ -p port ] [ -r regex | -a | -s ] -t TARGET"
    echo "       $0 -V"
    echo "       $0 -h"
    echo
    echo "Adding -m will make it machine readable, and -v will increase verbosity."
    echo "The -a will show all output."
    echo "The -s will show the serial for the certificate."
    echo "The -h will show helptext."
    echo "The -V option will show version"
    echo "TARGET can be a hostname, request, or certificate."
}

# Translate output into CSV format.
function machineReadable() {
    egrep 'After|DNS|Subject:' | sed 's/^\s\+//' | sed 's/Not After : //' | sed 's/Subject: //' | sed 's/DNS://g' | tr '\n' ','
    echo
}

# Parse user options
while getopts 'aDhmMp:r:st:vV' OPTION; do
    case "$OPTION" in
        a) regex="*" ;;
        D) dump=1 ;;
        h) echo Display useful information in a concise format about an SSL object.; Usage; exit 0 ;;
        m) machinereadable=1 ;;
        M) modulus=1 ; option="-modulus" ;;
        p) port="${OPTARG}" ;;
        r) regex="${OPTARG}" ;;
        s) showserial=1 ; option="-serial" ;;
        t) host="${OPTARG}" ;;
        v) set -x ;;
        V) Version ;;
        *) Usage; exit 1 ;;
    esac
done

# Make sure some argument is set.
if [ -z "$host" ] ; then
    echo Need a target.
    Usage
    exit 1;
fi

# Pass it all through OpenSSL
# 1. Get the object
(if [ -f "$host" ]; then
     if [ `grep -c REQUEST "$host"` -gt 1 ]; then
         openssl req -noout -in "$host" $option
     elif [ `grep -c RSA\ PRIVATE\ KEY "$host"` -gt 1 ]; then
         openssl rsa -noout -in "$host" $option
     elif [ `grep -c CERTIFICATE "$host"` -gt 1 ]; then
         openssl x509 -noout -in "$host" $option
     fi
 else
     echo | openssl s_client -connect "$host":"$port" 2>&1 | if [ -z "$dump" ]; then openssl x509 -noout $option; fi
 fi) \
     | (if [ -n "$modulus" ]; then
    cat;
elif [ -n "$showserial" ]; then
    sed 's/^serial=//'
elif [ -n "$dump" ]; then # 2. Parse the object.
    grep -A 99 BEGIN\ CERTIFICATE
else
    egrep -i "$regex"
fi) \
     | (if [ -z "$machinereadable" ]; then cat; else machineReadable; fi)
Installation updates and scripts 2022-11-20 20:47:27 -06:00			`#!/bin/bash`

			`# File: sslinfo`
			`#`
			`# Description: This file takes an SSL file and prints`
			`# useful human-readable information about it.`
			`#`
			`# Package: AniNIX/ShadowArch`
			`# Copyright: WTFPL`
			`#`
			`# Author: DarkFeather <ircs://aninix.net:6697/DarkFeather>`

			`# Sanity checks`
			`set -Eeo pipefail`

			`# Default variables`
			`port=443`
			`option="-text"`
			`unset dump`
			`unset host`
			`unset modulus`
			`unset machinereadable`
			`unset showserial`
			`regex='Subject:\|Subject Alt\|Issuer:\|Not \|DNS:\|IP Addr\|Signature Algorithm'`

			`# Show Usage`
			`function Usage() {`
			`echo "Usage: $0 [ -p port ] [ -r regex \| -a \| -s ] -t TARGET"`
			`echo " $0 -V"`
			`echo " $0 -h"`
			`echo`
			`echo "Adding -m will make it machine readable, and -v will increase verbosity."`
			`echo "The -a will show all output."`
			`echo "The -s will show the serial for the certificate."`
			`echo "The -h will show helptext."`
			`echo "The -V option will show version"`
			`echo "TARGET can be a hostname, request, or certificate."`
			`}`

			`# Translate output into CSV format.`
			`function machineReadable() {`
			`egrep 'After\|DNS\|Subject:' \| sed 's/^\s\+//' \| sed 's/Not After : //' \| sed 's/Subject: //' \| sed 's/DNS://g' \| tr '\n' ','`
			`echo`
			`}`

			`# Parse user options`
			`while getopts 'aDhmMp:r:st:vV' OPTION; do`
			`case "$OPTION" in`
			`a) regex="*" ;;`
			`D) dump=1 ;;`
			`h) echo Display useful information in a concise format about an SSL object.; Usage; exit 0 ;;`
			`m) machinereadable=1 ;;`
			`M) modulus=1 ; option="-modulus" ;;`
			`p) port="${OPTARG}" ;;`
			`r) regex="${OPTARG}" ;;`
			`s) showserial=1 ; option="-serial" ;;`
			`t) host="${OPTARG}" ;;`
			`v) set -x ;;`
			`V) Version ;;`
			`*) Usage; exit 1 ;;`
			`esac`
			`done`

			`# Make sure some argument is set.`
			`if [ -z "$host" ] ; then`
			`echo Need a target.`
			`Usage`
			`exit 1;`
			`fi`

			`# Pass it all through OpenSSL`
			`# 1. Get the object`
			`(if [ -f "$host" ]; then`
			if [ `grep -c REQUEST "$host"` -gt 1 ]; then
			`openssl req -noout -in "$host" $option`
			elif [ `grep -c RSA\ PRIVATE\ KEY "$host"` -gt 1 ]; then
			`openssl rsa -noout -in "$host" $option`
			elif [ `grep -c CERTIFICATE "$host"` -gt 1 ]; then
			`openssl x509 -noout -in "$host" $option`
			`fi`
			`else`
			`echo \| openssl s_client -connect "$host":"$port" 2>&1 \| if [ -z "$dump" ]; then openssl x509 -noout $option; fi`
			`fi) \`
			`\| (if [ -n "$modulus" ]; then`
			`cat;`
			`elif [ -n "$showserial" ]; then`
			`sed 's/^serial=//'`
			`elif [ -n "$dump" ]; then # 2. Parse the object.`
			`grep -A 99 BEGIN\ CERTIFICATE`
			`else`
			`egrep -i "$regex"`
			`fi) \`
			`\| (if [ -z "$machinereadable" ]; then cat; else machineReadable; fi)`