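use strict;
use warnings;

# This script dumps the contents of the certificate blobs, as stored in the
# registry.
#
# Usage: script [-s] [file ...]
#
# Each input (a file named on the command line, or STDIN when none is given
# or the name is "-") is read whole.  An input containing a NUL byte is
# treated as a raw binary blob; anything else is treated as hex text, with an
# optional leading '"Blob"=hex:' prefix, commas and whitespace removed.
#
# The blob is parsed as a sequence of records, each a 12-byte header of three
# little-endian 32-bit values (property id, a second field, data length)
# followed by <length> bytes of data.  One line is printed per record.
# With -s, the data of every record with property id 0x20 is written to
# cert_NNN.der in the current directory.
#
# The blob is untrusted input: the length field is checked against the bytes
# actually present, and a truncated record is reported and never saved.

use IO::File;
use Getopt::Long;

my $savecert;
GetOptions(
    "s" => \$savecert,
) or die "Usage: $0 [-s] [file ...]\n";

# Property id => name, used only to label the output lines.
my %propids = (
     1 => 'KEY_PROV_HANDLE',
     2 => 'KEY_PROV_INFO',
     3 => 'SHA1_HASH',                    # aka 'HASH'
     4 => 'MD5_HASH',
     5 => 'KEY_CONTEXT',
     6 => 'KEY_SPEC',
     7 => 'IE30_RESERVED',
     8 => 'PUBKEY_HASH_RESERVED',
     9 => 'ENHKEY_USAGE',                 # aka 'CTL_USAGE'
    10 => 'NEXT_UPDATE_LOCATION',
    11 => 'FRIENDLY_NAME',
    12 => 'PVK_FILE',
    13 => 'DESCRIPTION',
    14 => 'ACCESS_STATE',
    15 => 'SIGNATURE_HASH',
    16 => 'SMART_CARD_DATA',
    17 => 'EFS',
    18 => 'FORTEZZA_DATA',
    19 => 'ARCHIVED',
    20 => 'KEY_IDENTIFIER',
    21 => 'AUTO_ENROLL',
    22 => 'PUBKEY_ALG_PARA',
    23 => 'CROSS_CERT_DIST_POINTS',
    24 => 'ISSUER_PUBLIC_KEY_MD5_HASH',
    25 => 'SUBJECT_PUBLIC_KEY_MD5_HASH',
    26 => 'ENROLLMENT',
    27 => 'DATE_STAMP',
    28 => 'ISSUER_SERIAL_NUMBER_MD5_HASH',
    29 => 'SUBJECT_NAME_MD5_HASH',
    30 => 'EXTENDED_ERROR_INFO',
    64 => 'RENEWAL',
    65 => 'ARCHIVED_KEY_HASH',
    66 => 'AUTO_ENROLL_RETRY',
    67 => 'AIA_URL_RETRIEVED',
    68 => 'FIRST_RESERVED',
);

# Size of the fixed record header: three 32-bit little-endian fields.
my $HEADER_SIZE = 12;

# Counter used to number the cert_NNN.der files across all inputs.
my $n = 0;

# Write $data to the file $name in binary mode, dying on any I/O error.
# An existing file of the same name is overwritten.  Write errors can
# surface as late as close(), so both print and close are checked.
sub savebin {
    my ($name, $data) = @_;
    my $fh = IO::File->new($name, "w") or die "$name:$!\n";
    binmode $fh;
    $fh->print($data) or die "$name:$!\n";
    $fh->close()      or die "$name:$!\n";
    return;
}

# Read one input completely, in binary mode, and return its content.
# "-" means STDIN.  Returns nothing (after a warning) if the file cannot be
# opened.
#
# Files are opened with three-argument open so that a file name is only ever
# a file name: the two-argument open performed by the <> operator would
# interpret names such as "cmd |" as commands.  binmode is applied to every
# input, not only STDIN, so binary blobs read from named files are not
# altered by text-mode translation.
sub slurp_input {
    my ($name) = @_;

    my $fh;
    if ($name eq '-') {
        $fh = \*STDIN;
    }
    elsif (!open($fh, '<', $name)) {
        warn "Can't open $name: $!\n";
        return;
    }
    binmode $fh;

    my $content = do { local $/; <$fh> };
    close($fh) if $name ne '-';
    return $content;
}

# Turn the raw input into the binary blob: binary input (anything containing
# a NUL byte) is returned unchanged, hex text is stripped of the optional
# '"Blob"=hex:' prefix, commas and whitespace and then packed.
sub decode_blob {
    my ($raw) = @_;
    return $raw if $raw =~ /\x00/;

    $raw =~ s/^\s*"?Blob"?=hex://;
    $raw =~ s/,//g;
    $raw =~ s/\s//g;
    return pack("H*", $raw);
}

# Print one line per record found in $data; with -s, save the data of each
# complete record of type 0x20.  $source names the input in warnings.
sub dump_records {
    my ($data, $source) = @_;

    while (length($data)) {
        if (length($data) < $HEADER_SIZE) {
            warn sprintf("%s: %d trailing byte(s), too short for a record header\n",
                $source, length($data));
            last;
        }

        my ($type, $one, $len) = unpack("VVV", $data);
        my $available = length($data) - $HEADER_SIZE;

        # substr() silently returns fewer bytes when $len runs past the end
        # of the blob, so the declared length is compared explicitly.
        my $chunk = substr($data, $HEADER_SIZE, $len);
        printf("%08lx:%08lx:%08lx %-14s %s\n",
            $type, $one, $len, $propids{$type} || "", unpack("H*", $chunk));

        if ($len > $available) {
            warn sprintf("%s: record type 0x%x declares %d byte(s) but only %d remain; "
                . "record is truncated, not saved\n",
                $source, $type, $len, $available);
            last;
        }

        # 0x20 has no entry in %propids; in wincrypt.h this id is
        # CERT_CERT_PROP_ID, the encoded certificate itself.  The bytes are
        # written as found and are not checked to be well-formed DER.  The
        # file name comes from the counter only, never from blob content.
        if ($type == 0x20 && $savecert) {
            savebin(sprintf("cert_%03d.der", $n++), $chunk);
        }

        $data = substr($data, $HEADER_SIZE + $len);
    }
    return;
}

my @inputs = @ARGV ? @ARGV : ('-');
for my $input (@inputs) {
    my $raw = slurp_input($input);
    next if !defined $raw;
    next if $raw =~ /^#/;

    dump_records(decode_blob($raw), $input);
    printf("\n");
}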