elmiko/okd-camgi

expand encoded CSR block

Closed this issue · 0 comments

when there are pending CSRs on a cluster it can be very useful to inspect how the certificate requests are formed. it would be nice if camgi could decode the request blocks inside of the csr before displaying.

for example, instead of seeing this:

apiVersion: certificates.k8s.io/v1 
kind: CertificateSigningRequest                                                                                                           
spec:
  request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkVEQ0J0d0lCQURCVk1SVXdFd1lEVlFRS0V3eHplWE4wWlcwNmJtOWtaWE14UERBNkJnTlZCQU1UTTNONQpjM1JsYlRwdWIyUmxPakY2ZGpKNWFEZzFMVFF6TTJWa0xXNTRaSEpzTFcxaGMzUmxjaTB4TG01dmRtRnNiMk5oCmJEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJBSmplblNZKzR6cE03L3pYODNFUXBKV1BYYTgKTEFwYkluaTBFdzhFVVpZRlZFUXJocDk1S1pqQ1ZwdGJnelh2Sm1yQW5JSTN1Q0hEdzcrQXpWVkFFMU9nQURBSwpCZ2dxaGtqT1BRUURBZ05JQURCRkFpQjVobGltc0JXc1AyZW9ZVG0zZHdQWC8rNUp3MVg3TkZKbWg1dDJ1WG1QCnBBSWhBTmo3ME5SYmVZL1NWWHVJamVRM1c2REZTWko3c1BjU3FvREJ2bk9MVnc4RgotLS0tLUVORCBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0K

the output would show this:

apiVersion: certificates.k8s.io/v1 
kind: CertificateSigningRequest                                                                                                           
spec:
  request: |
    Certificate Request:
        Data:
            Version: 1 (0x0)
            Subject: O = system:nodes, CN = system:node:1zv2yh85-433ed-nxdrl-master-1.novalocal
            Subject Public Key Info:
                Public Key Algorithm: id-ecPublicKey
                    Public-Key: (256 bit)
                    pub:
                        04:02:63:7a:74:98:fb:8c:e9:33:bf:f3:5f:cd:c4:
                        42:92:56:3d:76:bc:2c:0a:5b:22:78:b4:13:0f:04:
                        51:96:05:54:44:2b:86:9f:79:29:98:c2:56:9b:5b:
                        83:35:ef:26:6a:c0:9c:82:37:b8:21:c3:c3:bf:80:
                        cd:55:40:13:53
                    ASN1 OID: prime256v1
                    NIST CURVE: P-256
            Attributes:
                a0:00
        Signature Algorithm: ecdsa-with-SHA256
             30:45:02:20:79:86:58:a6:b0:15:ac:3f:67:a8:61:39:b7:77:
             03:d7:ff:ee:49:c3:55:fb:34:52:66:87:9b:76:b9:79:8f:a4:
             02:21:00:d8:fb:d0:d4:5b:79:8f:d2:55:7b:88:8d:e4:37:5b:
             a0:c5:49:92:7b:b0:f7:12:aa:80:c1:be:73:8b:57:0f:05