From b3ac8593cb2aaca32c0240432d09097779aa65b9 Mon Sep 17 00:00:00 2001
From: Volodymyr Khoroz
Date: Thu, 19 Oct 2023 18:30:29 +0300
Subject: [PATCH] Feature: show subject key ID and authority key ID extentions in CA

Currently, we show these extensions and unknown OIDs. But, our Golang implementation always adds these extensions (as non-critical). So, it is better to show them to look more professional.

Signed-off-by: Volodymyr Khoroz
---
 subcommands/keys/ca_show.go | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/subcommands/keys/ca_show.go b/subcommands/keys/ca_show.go
index 9b1ba47f..880612ce 100644
--- a/subcommands/keys/ca_show.go
+++ b/subcommands/keys/ca_show.go
@@ -5,6 +5,7 @@ import (
 "crypto/elliptic"
 "crypto/x509"
 "encoding/asn1"
+ "encoding/hex"
 "encoding/pem"
 "fmt"
 "strings"
@@ -183,7 +184,19 @@ func prettyPrint(cert string) {
 fmt.Println("\tIs CA:", c.IsCA)
 fmt.Println("\tExtensions:")
 for _, ext := range c.Extensions {
- if ext.Id.String() == "2.5.29.15" {
+ if ext.Id.String() == "2.5.29.14" {
+ fmt.Print("\t\tx509v3 Subject Key Id: ")
+ if ext.Critical {
+ fmt.Print("(critical)")
+ }
+ fmt.Println("\n\t\t\t", hex.EncodeToString(c.SubjectKeyId))
+ } else if ext.Id.String() == "2.5.29.35" {
+ fmt.Print("\t\tx509v3 Authority Key Id: ")
+ if ext.Critical {
+ fmt.Print("(critical)")
+ }
+ fmt.Println("\n\t\t\t", hex.EncodeToString(c.AuthorityKeyId))
+ } else if ext.Id.String() == "2.5.29.15" {
 fmt.Print("\t\tx509v3 Key Usage: ")
 if ext.Critical {
 fmt.Print("(critical)")
@@ -232,7 +245,7 @@ func prettyPrint(cert string) {
 fmt.Println("\t\t\tEmail:", name)
 }
 }
 } else {
- fmt.Println("Unknown OID", ext.Id.String())
+ fmt.Println("\t\tUnknown OID", ext.Id.String())
 }
 }
 }
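Review bot: In the second hunk, the new `2.5.29.35` branch prints `c.AuthorityKeyId` rather than anything derived from `ext.Value`, and as far as I know Go's x509 parser fills that field only from the optional keyIdentifier element, so an Authority Key Id extension that carries only issuer and serial would be shown with an empty value. Because this output is what an operator compares against the issuer's Subject Key Id when checking a chain, an explicit marker is safer than a blank line, for example `if len(c.AuthorityKeyId) == 0 { fmt.Println("\n\t\t\t <no keyIdentifier>") } else { ... }`. The commit message says the project's own Go code always sets both extensions, so this only matters if the command is ever run against CA certificates produced by other tools, which is worth confirming. A one-line comment such as `// RFC 5280 requires SKI/AKI to be non-critical; "(critical)" here flags a nonconforming certificate` would also explain why the critical flag is still printed for these two. prettyPrint and the if/else chain both start and end outside this hunk.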