@@ -333,10 +333,10 @@ def action_read
333333 print_status ( " objectGUID: #{ object_guid } )
334334 end
335335
336- mspki_flag = obj [ 'mspki-certificate-name-flag' ] &.first
337- if mspki_flag . present?
338- mspki_flag = [ obj [ 'mspki-certificate-name-flag' ] . first . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
339- print_status ( " msPKI-Certificate-Name-Flag: 0x#{ mspki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
336+ pki_flag = obj [ 'mspki-certificate-name-flag' ] &.first
337+ if pki_flag . present?
338+ pki_flag = [ obj [ 'mspki-certificate-name-flag' ] . first . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
339+ print_status ( " msPKI-Certificate-Name-Flag: 0x#{ pki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
340340 %w[
341341 CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT
342342 CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT_ALT_NAME
@@ -352,16 +352,16 @@ def action_read
352352 CT_FLAG_SUBJECT_REQUIRE_DIRECTORY_PATH
353353 CT_FLAG_OLD_CERT_SUPPLIES_SUBJECT_AND_ALT_NAME
354354 ] . each do |flag_name |
355- if mspki_flag & Rex ::Proto ::MsCrtd . const_get ( flag_name ) != 0
355+ if pki_flag & Rex ::Proto ::MsCrtd . const_get ( flag_name ) != 0
356356 print_status ( " * #{ flag_name } )
357357 end
358358 end
359359 end
360360
361- mspki_flag = obj [ 'mspki-enrollment-flag' ] &.first
362- if mspki_flag . present?
363- mspki_flag = [ obj [ 'mspki-enrollment-flag' ] . first . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
364- print_status ( " msPKI-Enrollment-Flag: 0x#{ mspki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
361+ pki_flag = obj [ 'mspki-enrollment-flag' ] &.first
362+ if pki_flag . present?
363+ pki_flag = [ obj [ 'mspki-enrollment-flag' ] . first . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
364+ print_status ( " msPKI-Enrollment-Flag: 0x#{ pki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
365365 %w[
366366 CT_FLAG_INCLUDE_SYMMETRIC_ALGORITHMS
367367 CT_FLAG_PEND_ALL_REQUESTS
@@ -381,16 +381,16 @@ def action_read
381381 CT_FLAG_ISSUANCE_POLICIES_FROM_REQUEST
382382 CT_FLAG_SKIP_AUTO_RENEWAL
383383 ] . each do |flag_name |
384- if mspki_flag & Rex ::Proto ::MsCrtd . const_get ( flag_name ) != 0
384+ if pki_flag & Rex ::Proto ::MsCrtd . const_get ( flag_name ) != 0
385385 print_status ( " * #{ flag_name } )
386386 end
387387 end
388388 end
389389
390- mspki_flag = obj [ 'mspki-private-key-flag' ] &.first
391- if mspki_flag . present?
392- mspki_flag = [ obj [ 'mspki-private-key-flag' ] . first . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
393- print_status ( " msPKI-Private-Key-Flag: 0x#{ mspki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
390+ pki_flag = obj [ 'mspki-private-key-flag' ] &.first
391+ if pki_flag . present?
392+ pki_flag = [ obj [ 'mspki-private-key-flag' ] . first . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
393+ print_status ( " msPKI-Private-Key-Flag: 0x#{ pki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
394394 %w[
395395 CT_FLAG_REQUIRE_PRIVATE_KEY_ARCHIVAL
396396 CT_FLAG_EXPORTABLE_KEY
@@ -407,27 +407,16 @@ def action_read
407407 CT_FLAG_EK_VALIDATE_KEY
408408 CT_FLAG_HELLO_LOGON_KEY
409409 ] . each do |flag_name |
410- if mspki_flag & Rex ::Proto ::MsCrtd . const_get ( flag_name ) != 0
410+ if pki_flag & Rex ::Proto ::MsCrtd . const_get ( flag_name ) != 0
411411 print_status ( " * #{ flag_name } )
412412 end
413413 end
414414 end
415415
416- mspki_flag = obj [ 'mspki-ra-signature' ] &.first
417- if mspki_flag . present?
418- mspki_flag = [ obj [ 'mspki-ra-signature' ] . first . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
419- print_status ( " msPKI-RA-Signature: 0x#{ mspki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
420- end
421-
422- if obj [ 'pkiextendedkeyusage' ] . present?
423- print_status ( ' pKIExtendedKeyUsage:' )
424- obj [ 'pkiextendedkeyusage' ] . each do |value |
425- if ( oid = Rex ::Proto ::CryptoAsn1 ::OIDs . value ( value ) ) && oid . label . present?
426- print_status ( " * #{ value } #{ oid . label } )
427- else
428- print_status ( " * #{ value } )
429- end
430- end
416+ pki_flag = obj [ 'mspki-ra-signature' ] &.first
417+ if pki_flag . present?
418+ pki_flag = [ pki_flag . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
419+ print_status ( " msPKI-RA-Signature: 0x#{ pki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
431420 end
432421
433422 if obj [ 'mspki-certificate-policy' ] . present?
@@ -448,6 +437,31 @@ def action_read
448437 end
449438 end
450439 end
440+
441+ if obj [ 'mspki-template-schema-version' ] . present?
442+ print_status ( " msPKI-Template-Schema-Version: #{ obj [ 'mspki-template-schema-version' ] . first . to_i } )
443+ end
444+
445+ pki_flag = obj [ 'pkikeyusage' ] &.first
446+ if pki_flag . present?
447+ pki_flag = [ pki_flag . to_i ] . pack ( 'l' ) . unpack1 ( 'L' )
448+ print_status ( " pKIKeyUsage: 0x#{ pki_flag . to_s ( 16 ) . rjust ( 8 , '0' ) } )
449+ end
450+
451+ if obj [ 'pkiextendedkeyusage' ] . present?
452+ print_status ( ' pKIExtendedKeyUsage:' )
453+ obj [ 'pkiextendedkeyusage' ] . each do |value |
454+ if ( oid = Rex ::Proto ::CryptoAsn1 ::OIDs . value ( value ) ) && oid . label . present?
455+ print_status ( " * #{ value } #{ oid . label } )
456+ else
457+ print_status ( " * #{ value } )
458+ end
459+ end
460+ end
461+
462+ if obj [ 'pkimaxissuingdepth' ] . present?
463+ print_status ( " pKIMaxIssuingDepth: #{ obj [ 'pkimaxissuingdepth' ] . first . to_i } )
464+ end
451465 end
452466
453467 def action_update
0 commit comments