Skip to content

Support for displaying OIDs for unknown algorithms#69

Open
maraino wants to merge 5 commits intomasterfrom
mariano/unkown-algos
Open

Support for displaying OIDs for unknown algorithms#69
maraino wants to merge 5 commits intomasterfrom
mariano/unkown-algos

Conversation

@maraino
Copy link

@maraino maraino commented Jan 30, 2025
edited
Loading

Description

This commit supports displaying the OIDs for unknown signature and public key algorithms. The output also shows the bytes of the public key.

This can be used for example to examine certificates with PQC algorithms.

An example of this is:

$ step certificate inspect dilithium-certificates/examples/ML-DSA-44.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123456789012345678901234567890123456789012345678 (0x159ffe6f22fd5cc42c524df6fd5e28d0de38f34e)
    Signature Algorithm: ML-DSA-44
        Issuer: O=IETF,CN=LAMPS WG
        Validity
            Not Before: Feb 3 04:32:10 2020 UTC
            Not After : Jan 29 04:32:10 2040 UTC
        Subject: O=IETF,CN=LAMPS WG
        Subject Public Key Info:
            Public Key Algorithm: ML-DSA-44
                Public-Key:
                Raw Bytes:
                    d7:b2:b4:72:54:aa:e0:db:45:e7:93:0d:4a:98:d2:
                    c9:7d:8f:13:97:d1:78:9d:af:a1:70:24:b3:16:e9:
                    be:c9:4f:c9:94:6d:42:f1:9b:79:a7:41:3b:ba:a3:
                    3e:71:49:cb:42:ed:51:15:69:3a:c0:41:fa:cb:98:
                    8a:de:b5:fe:0e:1d:86:31:18:49:95:b5:92:c3:97:
                    d2:29:4e:2e:14:f9:0a:a4:14:ba:38:26:89:9a:c4:
                    3f:4c:cc:ac:bc:26:e9:a8:32:b9:51:18:d5:cb:43:
                    3c:be:f9:66:0b:00:13:8e:08:17:f6:1e:76:2c:a2:
                    74:c3:6a:d5:54:eb:22:aa:c1:16:2e:4a:b0:1a:cb:
                    a1:e3:8c:4e:fd:8f:80:b6:5b:33:3d:0f:72:e5:5d:
                    fe:71:ce:9c:1e:bb:98:89:e7:c5:61:06:c0:fd:73:
                    80:3a:2a:ec:fe:af:de:d7:aa:3c:b2:ce:da:54:d1:
                    2b:d8:cd:36:a7:8c:f9:75:94:3b:47:ab:d2:5e:88:
                    0a:c4:52:e5:74:2e:d1:e8:d1:a8:2a:fa:86:e5:90:
                    c7:58:c1:5a:e4:d2:84:0d:92:bc:a1:a5:09:0f:40:
                    49:65:97:fc:a7:d8:b9:51:3f:1a:1b:da:6e:95:0a:
                    aa:98:de:46:75:07:d4:a4:f5:a4:f0:59:92:16:58:
                    2c:35:72:f6:2e:da:89:05:ab:35:81:67:0c:4a:02:
                    77:7a:33:e0:ca:72:95:fd:8f:4f:f6:d1:a0:a3:a7:
                    68:3d:65:f5:f5:f7:fc:60:da:02:3e:82:6c:5f:92:
                    14:4c:02:f7:d1:ba:10:75:98:75:53:ea:93:67:fc:
                    d7:6d:99:0b:7f:a9:9c:d4:5a:fd:b8:83:6d:43:e4:
                    59:f5:18:7d:f0:58:47:97:09:a0:1e:a6:83:59:35:
                    fa:70:46:09:90:cd:3d:c1:ba:40:1b:a9:4b:ab:1d:
                    de:41:ac:67:ab:33:19:dc:ac:a0:60:48:d4:c4:ee:
                    f2:7e:e1:3a:9c:17:d0:53:8f:43:0f:2d:64:2d:c2:
                    41:56:60:de:78:87:7d:8d:8a:bc:72:52:39:78:c0:
                    42:e4:28:5f:43:19:84:6c:44:12:62:42:97:68:44:
                    c1:0e:55:6b:a2:15:b5:a7:19:e5:9d:0c:6b:2a:96:
                    d3:98:59:07:1f:dc:c2:cd:e7:52:4a:7b:ed:ae:54:
                    e8:5b:31:8e:85:4e:8f:e2:b2:f3:ed:fa:c9:71:91:
                    28:27:0a:af:d1:e5:04:4c:3a:4f:da:fd:9f:f3:1f:
                    90:78:4b:8e:8e:45:96:14:4a:0d:af:58:65:11:d3:
                    d9:96:2b:9e:a9:5a:f1:97:b4:e5:fc:60:f2:b1:ed:
                    15:de:3a:5b:ef:5f:89:bd:c7:9d:91:05:1d:9b:28:
                    16:e7:4f:a5:45:31:ef:dc:1c:be:74:d4:48:85:7f:
                    47:6b:cd:58:f2:1c:0b:65:3b:3b:76:a4:e0:76:a6:
                    55:9a:30:27:18:55:5c:c6:3f:74:85:9a:ab:ab:92:
                    5f:02:38:61:ca:8c:d0:f7:ba:db:28:71:f6:7d:55:
                    32:6d:74:51:13:5a:d4:5f:4a:1b:a6:91:18:fb:b2:
                    c8:a3:0e:ec:93:92:ef:3f:97:70:66:c9:ad:d5:c7:
                    10:cc:64:7b:15:14:d2:17:d9:58:c7:01:7c:3e:90:
                    fd:20:c0:4e:67:4b:90:48:6e:93:70:a3:1a:00:1d:
                    32:f4:73:97:9e:49:06:74:9e:7e:47:7f:a0:b7:45:
                    08:f8:a5:f2:37:83:12:b8:3c:25:bd:38:8c:a0:b0:
                    ff:f7:47:8b:af:42:b7:16:67:ed:aa:c9:7c:46:b1:
                    29:64:3e:58:6e:5b:05:5a:0c:21:19:46:d4:f3:6e:
                    67:5b:ed:58:60:fa:04:2a:31:5d:98:26:16:4d:6a:
                    92:37:c3:5a:5f:bf:49:54:90:a5:bd:4d:f2:48:b9:
                    5c:4a:ae:77:84:b6:05:67:31:66:ac:42:45:b5:b4:
                    b0:82:a0:9e:93:23:e6:2f:20:78:c5:b7:67:83:44:
                    6d:ef:d7:36:ad:3a:37:02:d4:9b:08:98:44:90:0a:
                    61:83:33:97:bc:44:19:b3:0d:7a:97:a0:b3:87:c1:
                    91:14:74:c4:d4:1b:53:e3:2a:97:7a:cb:6f:0e:a7:
                    5d:b6:5b:b3:9e:59:e7:01:e7:69:57:de:f6:f2:d4:
                    45:59:c3:1a:77:12:2b:52:04:e3:b5:c2:19:f1:68:
                    8b:14:ed:0b:c0:b8:01:b3:e6:e8:2d:cd:43:e9:c0:
                    e9:f4:17:44:cd:98:15:bd:1b:c8:82:0d:8b:b1:23:
                    f0:4f:ac:d1:b1:b6:85:dd:5a:2b:1b:8d:bb:f3:ed:
                    93:36:70:f0:95:a1:80:b4:f1:92:d0:8b:10:b8:fa:
                    bb:df:cc:2b:24:51:8e:32:ee:a0:a5:e0:c9:04:ca:
                    84:47:80:08:3f:3b:0c:d2:d0:b8:b6:af:67:bc:35:
                    5b:94:94:02:5d:c7:b0:a7:8f:a8:0e:3a:2d:bf:eb:
                    51:32:88:51:d6:07:81:98:e9:49:36:51:ae:78:7e:
                    c0:25:1f:92:2b:a3:0e:9f:51:df:62:a6:d7:27:84:
                    cf:3d:d2:05:39:31:76:df:a3:24:a5:12:bd:94:97:
                    0a:36:dd:34:a5:14:a8:67:91:f0:eb:36:f0:14:5b:
                    09:ab:64:65:1b:4a:03:13:b2:99:61:1a:2a:1c:48:
                    89:16:27:59:87:68:a3:11:40:60:ba:44:43:48:6d:
                    f5:15:22:a1:ce:88:b3:09:85:c2:16:f8:e6:ed:17:
                    8d:d5:67:b3:04:a0:d4:ca:fb:a8:82:a2:83:42:f1:
                    7a:9a:a2:6a:e5:8d:b6:30:08:3d:2c:35:8f:df:56:
                    6c:3f:5d:62:a4:28:56:7b:c9:ea:8c:e9:5c:aa:0f:
                    35:47:4b:0b:fa:8f:33:9a:25:0a:b4:df:cf:20:83:
                    be:8e:ef:bc:10:55:e1:8f:e1:53:70:ee:cb:26:05:
                    66:d8:3f:f0:6b:21:1a:ae:c4:3c:a2:9b:54:cc:d0:
                    0f:88:15:a2:46:5e:f0:b4:65:15:cc:7e:41:f3:12:
                    4f:09:ef:ff:73:93:09:ab:58:b2:9a:14:59:a0:0b:
                    ce:50:38:e9:38:c9:67:8f:72:eb:0e:4e:e5:fd:aa:
                    e6:6d:9f:85:73:fc:97:fc:42:b4:95:9f:4b:f8:b6:
                    1d:78:43:3e:86:b0:33:5d:6e:91:91:c4:d8:bf:48:
                    7b:39:05:c1:08:cf:d6:ac:24:b0:ce:b7:dc:b7:cf:
                    51:f8:4d:0e:d6:87:b9:5e:ae:b1:c5:33:c0:6f:0d:
                    97:02:3d:92:a7:08:25:83:7b:59:ba:6c:b7:d4:e5:
                    6b:0a:87:c2:03:86:2a:e8:f3:15:ba:59:25:e8:ed:
                    ef:a6:79:36:9a:22:02:76:61:51:f1:6a:96:5f:9f:
                    81:ec:e7:6c:c0:70:b5:58:69:e4:db:97:84:cf:05:
                    c8:30:b3:24:2c:83:12        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                32:9A:07:B1:FA:BB:48:F5:2A:30:9F:11:A1:89:8F:84:8E:23:22:FF
    Signature Algorithm: ML-DSA-44
         67:a8:95:1f:c3:08:e1:2f:68:67:61:1f:dc:25:4b:f4:bc:b5:
         14:f7:f5:f2:fd:eb:72:fa:8e:1a:03:00:61:67:7b:84:cd:27:
         55:97:d8:31:54:19:59:66:b1:41:67:0c:b0:e8:81:13:46:0d:
         97:8a:1a:7a:38:95:c1:1c:a4:19:95:77:5c:09:d6:4d:de:b4:
         7b:c8:7c:4e:8b:f1:c9:32:7f:c4:af:d5:c3:78:65:53:e1:7d:
         62:9b:0f:27:14:27:65:48:14:32:b5:e7:cc:d0:ba:61:e5:1c:
         ad:3d:d8:f9:59:38:c2:35:eb:ec:ee:af:8b:16:ae:33:66:f3:
         00:c5:35:8e:c7:be:9e:b2:3a:1e:a1:a3:da:58:68:67:04:f0:
         48:3f:96:8a:6e:4b:1f:89:67:0a:01:34:b3:6a:18:d6:c7:27:
         dc:9b:02:7b:12:79:47:93:a4:8c:7a:b6:6e:df:57:ac:18:11:
         39:14:c0:0d:0a:11:b6:5a:65:2f:47:77:13:37:bf:74:36:66:
         fc:a9:5b:cb:d3:91:21:ae:07:50:be:c5:5a:d5:a8:cb:ce:98:
         e5:38:ae:52:39:47:d6:92:99:76:33:0f:ca:3f:c9:5c:01:d1:
         40:3b:49:e5:cb:a8:18:12:f4:36:50:dd:01:31:09:34:27:9e:
         cd:07:cc:ab:34:c2:ca:30:a7:d3:dd:50:92:e1:63:0e:14:23:
         cc:9f:ac:43:a1:b4:db:0e:3d:97:0f:0a:a6:6d:40:4a:e8:7b:
         04:b4:cf:72:ec:fb:67:ea:cb:a4:d8:cd:8e:65:ba:ee:b4:7a:
         fa:11:cc:2b:8e:f8:99:22:88:66:7b:8e:de:f5:4a:9e:27:67:
         b6:32:e1:49:87:35:b2:8c:6f:60:f0:8b:59:69:e5:e2:6d:d7:
         ca:39:6b:9e:5c:c3:e1:2a:1e:73:62:36:02:32:8d:64:a0:8e:
         f4:a2:9a:f3:57:11:cc:87:0d:26:37:3b:b1:b9:eb:2e:ff:e1:
         29:73:54:4c:44:a7:e2:cd:f2:03:24:4f:53:b3:7a:6d:52:32:
         37:d8:9f:06:f6:f5:53:4e:d6:31:13:c8:f0:0e:ff:7f:dc:d5:
         09:a2:d8:c7:ce:f2:9b:d3:fb:18:6a:4c:8c:36:2b:3d:44:29:
         39:a2:90:76:ee:32:71:6b:8f:ae:51:00:d8:1a:07:21:5c:db:
         1c:79:bd:df:bd:c1:4f:52:e3:73:18:d1:e5:26:db:84:d1:60:
         fb:8d:a1:c0:6d:bc:e1:59:55:cd:c2:d6:fd:78:a2:a5:a5:8d:
         f2:39:ce:36:6c:6d:90:b3:2e:8b:d4:7f:c1:fd:13:09:e8:62:
         94:c0:c3:b5:1c:e7:7e:6d:fb:6f:67:22:e6:8f:4c:3f:f2:eb:
         4c:34:69:31:50:6e:74:3b:b0:21:99:8b:80:f4:3f:6e:3d:3c:
         9f:e5:47:77:c0:f6:58:00:e9:47:f9:04:32:90:e1:4b:01:b6:
         3f:8e:26:c3:01:38:09:42:86:6c:74:b4:a9:02:ce:49:1c:0c:
         95:05:44:cf:0c:69:38:ea:cb:32:eb:30:26:6c:e8:2c:4d:0a:
         36:c5:11:ea:8f:f7:c4:09:54:9a:3a:82:64:ca:98:3d:8c:6d:
         5e:03:5f:24:42:43:a7:75:75:8a:ac:99:2b:58:84:4b:71:10:
         d3:f8:7c:9b:ba:19:dd:8a:8d:2a:b1:29:4e:05:55:ec:49:95:
         a5:48:dc:56:cc:e3:5a:05:dc:48:ac:a7:55:5b:16:41:dd:e3:
         d1:97:fc:df:35:d1:2f:09:aa:f3:e6:a7:27:75:cd:18:24:9a:
         21:e7:0e:da:c6:71:0d:b6:a2:1e:1c:05:61:19:2d:d0:11:91:
         33:64:0c:ff:f2:0f:31:87:97:85:16:bf:d6:cb:e6:6c:e1:07:
         1b:12:46:f4:ba:93:7d:f9:01:b3:ed:35:06:9e:eb:df:ff:65:
         45:9f:b9:b7:77:ae:92:98:a7:a4:9a:c2:4f:40:20:79:5d:e5:
         de:e8:db:cf:20:a2:41:b6:e8:14:36:8f:4b:8f:a4:2a:f8:be:
         89:2d:9e:1e:38:ae:4b:f5:a4:7c:fd:46:a3:98:e4:b3:18:64:
         71:e2:45:34:fb:13:98:60:b2:5c:63:f2:db:f8:5a:53:d8:64:
         88:c8:3d:ff:09:ae:20:a9:bf:83:14:5f:20:18:7f:0e:82:2b:
         d4:75:99:8d:3b:96:70:11:96:4e:ed:8d:b9:77:80:54:ef:cc:
         6c:cb:69:07:4b:ba:99:66:24:b4:74:1c:57:10:36:2d:e9:d4:
         f8:de:4b:10:f6:db:1e:9f:80:98:f4:02:45:93:ea:07:38:93:
         cb:1f:e7:b9:59:c5:0f:ef:c4:01:b3:ca:cd:ea:8c:2a:17:13:
         5b:a9:df:90:ab:7f:31:de:33:9a:2d:6f:85:6c:71:ed:cf:b0:
         0e:5a:3d:73:20:1f:be:c4:b4:a7:9b:97:28:ad:70:cd:a0:b8:
         98:12:15:74:f6:0d:95:9b:40:8c:10:8a:f1:ab:0a:a4:7d:ff:
         37:26:09:f3:18:6c:06:3c:57:2c:b8:90:89:f2:a2:18:ea:40:
         2c:b0:72:fc:bc:89:5a:6a:38:47:8c:e4:02:d5:08:2c:3e:05:
         72:c2:32:2c:c2:09:96:ca:96:8d:a3:5d:7b:2e:db:c0:62:3b:
         e6:16:50:90:12:05:f1:02:71:15:5b:53:9f:81:d0:06:db:8d:
         7b:67:a4:ed:ee:f6:77:e6:da:c9:c7:89:be:55:00:15:74:ee:
         ea:87:97:f7:f5:2e:4b:b0:21:b9:8e:20:88:dc:c8:d6:93:4e:
         80:dc:16:5d:1c:71:44:49:b0:bc:fa:f3:25:ab:59:67:b7:30:
         7e:c2:93:7b:34:92:42:5b:f6:3b:8a:bb:d3:ed:97:da:1d:15:
         b5:48:3f:a6:4c:f7:1a:49:c4:d3:b4:b7:82:00:d1:f5:09:20:
         6f:2c:10:4b:fe:36:96:e3:c8:00:36:db:00:a5:e1:1d:a0:5a:
         5f:f4:da:0f:fb:99:56:7f:81:39:9e:6c:a9:69:b1:11:b6:c7:
         b6:fc:e5:49:e6:b4:d8:9d:45:93:81:ea:91:66:e9:bb:30:72:
         08:9d:b9:4a:e0:d1:af:e5:f2:9f:ce:19:0e:77:ad:ba:64:34:
         94:19:1c:da:ba:3e:ad:92:97:c3:c6:06:33:2b:74:69:7f:19:
         c0:9c:4b:e2:a3:41:fd:61:45:12:9a:e8:56:c3:ab:bb:c1:bb:
         8b:05:e0:b7:84:0f:f1:64:41:4a:9d:a4:4e:54:14:6c:d4:c5:
         de:0c:4e:4e:cb:25:91:41:2b:4e:7b:dc:45:0d:06:a4:ad:3a:
         0d:14:06:f3:06:e3:81:ec:29:1f:2c:3b:3b:c4:9f:8b:7e:04:
         8c:0c:e2:73:48:30:b4:8a:79:d3:5f:cc:5a:62:a9:45:48:00:
         a3:0f:4b:3e:b7:a2:68:ba:b6:4c:12:10:0d:71:21:51:bf:5f:
         12:16:3b:ed:02:9e:8a:bf:1c:a6:e7:b7:b1:28:6a:73:3f:53:
         2d:ae:51:10:91:aa:b0:ff:fc:fd:44:64:ee:56:63:88:8f:98:
         59:b4:4b:a7:65:36:0f:ff:f4:34:f1:2a:f1:fc:6b:cc:db:5a:
         71:94:71:49:dc:76:89:df:f2:4d:6b:a6:b6:3e:6c:c2:31:40:
         e3:29:34:b6:e9:da:76:5b:43:32:01:18:b8:a8:11:f8:9c:3d:
         1b:7f:f2:15:30:e7:7a:91:ca:e3:55:7a:c7:c7:84:ff:82:63:
         50:0b:c8:25:60:03:0d:6c:6e:74:ee:e8:17:fc:2c:63:40:27:
         52:e5:9e:f4:39:16:d3:d8:3c:21:68:64:36:e9:03:4d:da:6c:
         97:4f:21:08:b1:74:ea:a1:f7:31:21:c9:ad:d5:00:ce:cd:86:
         18:b3:02:be:da:d7:2b:62:f7:93:bd:0f:70:ba:8c:5e:16:cf:
         4a:be:dd:d5:11:96:81:6d:01:95:17:d1:e2:5f:b6:2c:9f:79:
         d9:23:2f:df:1c:ee:c6:04:f8:dd:a5:f7:14:55:41:c5:79:3b:
         9c:5a:e1:58:95:88:a4:9a:6e:61:74:61:4e:a0:12:93:3a:19:
         2b:3b:08:47:25:b4:65:bb:1a:22:cc:b4:b6:0c:f3:ca:14:2f:
         76:83:a8:26:7f:b6:b0:a8:dc:0b:3a:5f:63:ab:60:44:3f:6c:
         7e:e7:0e:9b:5b:06:7a:df:dc:33:96:0f:88:96:1e:8b:6a:8a:
         31:e6:1c:bc:00:96:88:8f:06:34:66:37:ec:ec:e1:96:29:1b:
         95:e3:b8:c5:79:df:27:01:0e:63:1e:ba:36:34:c7:66:a9:33:
         d7:f4:e2:08:11:94:6b:b8:7e:97:f7:e7:ba:de:95:7e:4c:52:
         d7:26:76:af:91:ac:77:1e:c3:51:f3:64:11:e2:b2:cc:83:27:
         61:10:37:cf:0d:f4:e3:b9:47:a8:7e:f5:e2:b5:79:55:b1:37:
         c9:81:10:5a:f7:6d:62:51:cc:14:cd:b3:f4:30:ed:6b:9f:51:
         44:04:ce:7a:69:bb:00:0d:5f:62:c7:e8:76:b5:7f:40:f2:62:
         e6:a3:e6:be:91:ed:0a:f7:c8:b5:b7:4b:16:0f:3c:66:1d:73:
         57:99:d5:fb:47:68:51:35:c5:55:1f:69:a0:94:44:f5:f0:12:
         95:f5:39:a8:22:7d:27:1e:48:49:fb:c8:90:6c:f5:7e:67:ea:
         5e:15:0d:f5:f1:3b:0b:41:2f:97:b2:18:40:b8:2e:4d:71:73:
         9d:1b:ec:5e:f9:e5:8b:04:7d:52:df:e0:f3:92:6d:5d:48:a4:
         bb:81:76:4e:10:81:30:70:43:6e:8b:fa:a7:5d:bc:90:ff:b6:
         ec:b0:60:4a:13:38:20:6f:34:72:5c:68:9f:cb:16:87:ac:b4:
         44:b5:33:d4:c4:da:98:46:19:28:25:c0:3d:9c:c9:a1:68:5b:
         cd:d3:67:b3:f4:13:b2:33:4f:f3:09:6e:bc:14:6d:76:46:fa:
         c3:85:6b:9b:a1:8e:d8:15:d8:ea:94:14:04:f7:28:0e:ec:a6:
         02:17:c0:17:d4:f1:46:7f:3a:d0:e4:1e:31:c4:ff:35:1b:14:
         f5:9f:fc:9d:19:f3:dc:a6:c0:b8:c4:d8:b1:0e:aa:6e:3b:8b:
         4c:3c:1f:17:d0:78:6f:86:14:0d:04:76:db:3f:30:97:30:8d:
         2f:38:30:16:51:92:23:5d:b1:85:fd:de:8d:19:70:8c:66:49:
         27:fd:75:52:9e:29:11:e8:11:4b:f7:3e:2e:2d:8e:52:f4:2b:
         f4:9c:62:f1:71:88:74:42:59:63:54:fc:a1:5a:73:0c:97:f7:
         0b:6f:60:a4:04:56:48:30:17:ac:59:f4:96:06:47:9e:a1:72:
         79:b7:82:d6:e0:d6:f2:bf:f0:1a:d6:26:23:61:02:e7:7f:85:
         94:e1:79:00:57:07:fb:72:f3:39:b6:73:7a:ba:b0:ae:8a:f8:
         50:c3:80:f8:1e:5c:40:c5:39:bc:3b:f5:2c:57:16:2f:3b:c9:
         1c:c5:c9:7c:21:cb:e6:75:52:ba:45:c2:31:ac:2b:f8:36:de:
         2a:3a:e4:b1:e1:b4:51:7d:20:a5:46:d0:cb:4b:c7:20:7d:4a:
         da:07:83:db:1c:a5:dd:32:7c:8c:26:8a:3b:16:ff:1e:ef:8a:
         7e:4b:ed:38:2b:21:d3:b4:c0:f9:c9:d3:57:55:87:47:be:ec:
         bd:47:0c:12:bc:c7:5d:63:85:9b:cf:94:a2:62:17:00:b3:b5:
         12:20:db:a6:ed:fc:80:44:51:2e:40:bc:e1:e3:21:44:14:23:
         29:c7:66:95:c0:45:b2:68:a5:b7:77:1f:22:87:f2:a6:e8:4c:
         46:22:05:8c:89:1e:d3:4c:b6:18:47:50:56:c6:46:03:f2:d7:
         d4:72:0b:a8:3e:1d:10:50:c3:40:8d:8b:3e:f0:86:e6:a7:b6:
         f0:74:df:5a:ca:73:b2:a2:bd:e0:84:44:4b:39:be:56:67:69:
         22:33:73:91:3c:ab:3c:8d:3a:c8:cb:f1:68:71:9a:8f:05:2d:
         2d:60:91:78:93:86:fe:e5:e1:b3:06:d7:ec:4b:e2:55:8c:aa:
         09:1e:2f:cc:32:c3:55:70:2e:97:1a:3f:3a:c1:da:42:13:17:
         f3:16:0e:2d:7a:27:b7:1e:d2:34:20:65:bb:f1:04:07:0c:39:
         42:49:4a:52:57:60:77:98:a0:af:b6:c3:c6:cb:d9:ea:f1:f2:
         ff:07:0d:23:36:37:45:47:62:76:7b:83:92:94:a6:d6:12:28:
         2f:3e:3f:49:6d:93:9b:a0:b6:bb:d2:da:e5:eb:ee:ef:10:1f:
         23:2d:6e:97:c2:c4:df:f3:f4:00:00:00:00:00:00:00:00:00:
         00:00:00:00:17:26:38:43

@maraino
Support for displaying OIDs for unknown algorithms
21da9a3 
This commit supports displaying the OIDs for unknown signature and
public key algorithms. The output also showsthe bytes of the public
key.

This can be used for example to examine certificates with PQC
algorithms.
@maraino maraino force-pushed the mariano/unkown-algos branch from 527ef26 to 21da9a3 Compare January 30, 2025 19:18
@maraino maraino marked this pull request as ready for review January 31, 2025 01:01
@maraino maraino requested a review from a team as a code owner January 31, 2025 01:01
hslatman
hslatman reviewed Jan 31, 2025
View reviewed changes
test_certs/ML-DSA-44.crt.text.short Outdated
@@ -0,0 +1,5 @@
X.509v3 Intermediate CA Certificate (0 unknown) [Serial: 1234...5678]
Copy link
Member

@hslatman hslatman Jan 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't (0 unknown) now indicate something like ML-DSA-44? Do these need regeneration?

Copy link
Author

@maraino maraino Jan 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in 5cd6125

certinfo.go
}
default:
return errors.New("certinfo: Unknown public key type")
printUnknownPublicKeyAlgorithm(certOrCSR, buf)
Copy link
Member

@hslatman hslatman Jan 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe needs a split in logic between an actually unknown algorithms, and the ones that you added in this PR, as the latter ones are not unknown algorithms (anymore).

Copy link
Author

@maraino maraino Jan 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean? Now, unless the certificate parsing fails, I can extract at least the OID of the public key and signature algorithms, instead of just crashing.

Copy link
Member

@hslatman hslatman Feb 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The main thing was that the algorithms extracted using the new method aren't (fully) unknown (anymore), as they're now known in this library, but maybe it's a bit too pedantic. On the other hand: it is performing logic for the case it's the x509.UnknownPublicKeyAlgorithm, so maybe not that bad.

maraino and others added 2 commits January 31, 2025 10:52
@maraino @hslatman
Fix typo in docs
3b6a4b7 
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
@maraino
Add public key algorithm in short certificates
5cd6125
@maraino maraino requested a review from hslatman January 31, 2025 19:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hslatman hslatman hslatman approved these changes

Assignees

No one assigned

Labels

needs triage

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@maraino @hslatman