Skip to content

Add curve, dns-names, and ip-addrs fields; improve documentation#51

Merged
sweis merged 1 commit intomainfrom
claude/fix-xcert-extraction-hiiXu
Feb 6, 2026
Merged

Add curve, dns-names, and ip-addrs fields; improve documentation#51
sweis merged 1 commit intomainfrom
claude/fix-xcert-extraction-hiiXu

Conversation

@sweis
Copy link
Copy Markdown
Owner

@sweis sweis commented Feb 6, 2026

Summary

This PR adds three new certificate field extraction commands (curve, dns-names, ip-addrs) and significantly improves the README documentation with structured tables for available fields, check types, and verify options.

Key Changes

New Features

  • New curve field: Extract EC curve names (e.g., P-256, P-384, P-521) from EC certificates
  • New dns-names field: Extract DNS names directly from the SAN extension
  • New ip-addrs field: Extract IP addresses (IPv4 and IPv6) directly from the SAN extension
  • Added corresponding library methods in xcert-lib/src/fields.rs:
    • CertificateInfo::curve() - returns EC curve name
    • CertificateInfo::dns_names() - filters SAN entries for DNS names
    • CertificateInfo::ip_addresses() - filters SAN entries for IP addresses

Documentation Improvements

  • Converted available fields list to a structured markdown table with descriptions
  • Added check types table documenting expiry, host, email, and ip checks with their value formats
  • Added verify options table documenting all command-line flags with descriptions
  • Clarified duration format units (s, m/min, h/hr, d/day, w/week, month, y/year)
  • Improved JSON output documentation with clearer explanation of succeeded vs failed counts
  • Fixed terminology: renamed passed to succeeded in JSON batch summary to better reflect actual semantics
  • Fixed CRL option name in features section: --crl-file--CRLfile

Implementation Details

  • Added Curve, DnsNames, and IpAddrs variants to the FieldName enum
  • Implemented field extraction logic with appropriate error messages for non-applicable certificate types
  • Added color formatting support for new fields (curve as string, dns-names and ip-addrs as strings)
  • Updated help text and examples to showcase new fields
  • Maintained backward compatibility with existing field names and aliases

JSON Output Changes

  • Renamed passed to succeeded in batch operation summaries to clarify that it counts files processed without errors, not checks that passed
  • Added clarification in documentation that for check and verify commands, individual pass/fail status is in per-result data, not in the summary

https://claude.ai/code/session_01MV6PaFHhxHFhjMiaU7zDF8

@claude
Add curve/dns-names/ip-addrs field extraction and fix documentation gaps
8ef07ff 
New features:
- Add `curve` field to extract EC named curve (P-256, P-384, P-521)
- Add `dns-names` field to extract DNS names from SAN extension
- Add `ip-addrs` field to extract IP addresses from SAN extension

Documentation fixes:
- Expand field list in README into a table with descriptions
- Clarify that `emails` extracts from both subject DN and SAN extension
- Document all check types (host, email, ip) with their accepted values
- Document all verify options including --hostname, --CAfile, --CApath,
  --untrusted, --CRLfile, --crl-check, --crl-check-all
- Document bulk JSON summary fields and clarify that succeeded/failed
  count processing outcomes, not check results
- Fix CRL flag name in Features section (--CRLfile not --crl-file)

Breaking change:
- Rename bulk JSON summary field `passed` to `succeeded` to accurately
  reflect semantics across all subcommands (show, field, check, verify)

https://claude.ai/code/session_01MV6PaFHhxHFhjMiaU7zDF8
@sweis sweis merged commit cb78e33 into main Feb 6, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sweis @claude