From 0eabb54b70124621fa9163aba2434cf478b6e68a Mon Sep 17 00:00:00 2001 From: Dominik Roos Date: Mon, 9 Sep 2024 10:31:41 +0200 Subject: [PATCH] scion-pki: show ISD-AS in distinguished name Include the ISD-AS in the output of the distinguished name of the certificate. Previously, the output would show `UnknownOID=1.3.6.1.4.1.55324.1.2.1` instead of the ISD-AS. Furthemore, represent the extended key usage for sensitive voting, regular voting, and cppki root certificates as a human readable string. --- scion-pki/certs/certinfo.go | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/scion-pki/certs/certinfo.go b/scion-pki/certs/certinfo.go index eab1755dcf..a8b5d7efaf 100644 --- a/scion-pki/certs/certinfo.go +++ b/scion-pki/certs/certinfo.go @@ -45,6 +45,8 @@ import ( "time" "github.com/pkg/errors" + + "github.com/scionproto/scion/pkg/scrypto/cppki" ) // Time formats used @@ -154,6 +156,8 @@ func printName(names []pkix.AttributeTypeAndValue, buf *bytes.Buffer) []string { values = append(values, fmt.Sprintf("DC=%s", name.Value)) } else if oid.Equal(oidUserID) { values = append(values, fmt.Sprintf("UID=%s", name.Value)) + } else if oid.Equal(cppki.OIDNameIA) { + values = append(values, fmt.Sprintf("ISD-AS=%s", name.Value)) } else { values = append(values, fmt.Sprintf("UnknownOID=%s", name.Type.String())) } @@ -628,7 +632,16 @@ func certificateText(cert *x509.Certificate) (string, error) { } } for _, oid := range cert.UnknownExtKeyUsage { - list = append(list, oid.String()) + switch { + case oid.Equal(cppki.OIDExtKeyUsageSensitive): + list = append(list, "Sensitive Voting") + case oid.Equal(cppki.OIDExtKeyUsageRegular): + list = append(list, "Regular Voting") + case oid.Equal(cppki.OIDExtKeyUsageRoot): + list = append(list, "CPPKI Root") + default: + list = append(list, oid.String()) + } } if len(list) > 0 { buf.WriteString(fmt.Sprintf("%16s%s", "", list[0]))