From 3fb7f15a19ef4935fb381c23e87c54f406fc1f84 Mon Sep 17 00:00:00 2001 From: wil Date: Fri, 15 Nov 2024 01:21:27 +0100 Subject: [PATCH] Improve ADCS parsing --- VERSION | 2 +- ldeep/__main__.py | 28 ++++++++++++++++------------ 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/VERSION b/VERSION index be1dcc8..ea2f1d3 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.73 +1.0.74 diff --git a/ldeep/__main__.py b/ldeep/__main__.py index 262733b..984eb23 100755 --- a/ldeep/__main__.py +++ b/ldeep/__main__.py @@ -822,30 +822,34 @@ def list_templates(self, kwargs): print(f"{'Template Name':<30}: {template.get('name')}") print(f"{'Display Name':<30}: {template.get('displayName')}") + is_enabled = False + cert_authorities = [] for ca in adcs_infos: if template.get("name") in adcs_infos[ca]: is_enabled = True - cert_auth = ca - break - else: - is_enabled = False + cert_authorities.append(ca) if is_enabled: + print(f"{'Certificate Authority':<30}: {cert_authorities[0]}") + for cert_auth in cert_authorities[1:]: + print(f"{' ' * 32}{cert_auth}") print(f"{'Enabled':<30}: True") - print(f"{'Certificate Authority':<30}: {ca}") else: print(f"{'Enabled':<30}: False") ekus = [] client_auth = False - for eku in template.get("pKIExtendedKeyUsage"): - if eku in AUTHENTICATING_EKUS.keys(): + if "pKIExtendedKeyUsage" in template.keys(): + for eku in template.get("pKIExtendedKeyUsage"): + if eku in AUTHENTICATING_EKUS.keys(): + client_auth = True + try: + ekus.append(OID_TO_STR_MAP[eku]) + except KeyError: + ekus.append(eku) + if template.get("pKIExtendedKeyUsage") == []: client_auth = True - try: - ekus.append(OID_TO_STR_MAP[eku]) - except KeyError: - ekus.append(eku) - if template.get("pKIExtendedKeyUsage") == []: + else: client_auth = True print(f"{'Client Authentication':<30}: {client_auth}")