Add a check only mode

sort_certificate.py

@@ -250,6 +250,10 @@ def handle_args():
                         action='store_true',
                         help='Show only error logging')
 
+    loggrp.add_argument('-c', '--check',
+                        action='store_true',
+                        help='Only check, output nothing')
+
     outputgrp = parser.add_mutually_exclusive_group()
 
     outputgrp.add_argument('--just-certificate',
@@ -304,7 +308,7 @@ def main():
 
     args = handle_args()
 
-    if args.verbose:
+    if args.verbose or args.check:
         logging.basicConfig(level=logging.INFO)
     elif args.debug:
         logging.basicConfig(level=logging.DEBUG)
@@ -414,18 +418,20 @@ def main():
             logging.info('Subject: %s', x509_subject)
             logging.info('Issuer: %s', x509_issuer)
 
-            print(CERTINFO_TEMPLATE.format(
+            logging.info(CERTINFO_TEMPLATE.format(
                 subject=x509_subject,
                 issuer=x509_issuer,
                 notbefore=x509_not_before.strftime(OPENSSLTIME_FMT),
                 notafter=x509_not_after.strftime(OPENSSLTIME_FMT),
                 sha1fingerprint=x509_object.digest('sha1').decode()))
 
+            if not args.check:
                 print(crypto.dump_certificate(crypto.FILETYPE_PEM,
                                               x509_object).decode('ascii'),
                       end='')
 
         if rsa_objects:
+            if not args.check:
                 logging.info('Print RSA private keys')
                 for rsa_object in rsa_objects:
                     print(rsa_object.to_cryptography_key().private_bytes(
@@ -435,6 +441,7 @@ def main():
                             'ascii'),
                           end='')
         elif pk_objects:
+            if not args.check:
                 logging.info('Print private keys')
                 for pk_object in pk_objects:
                     print(crypto.dump_privatekey(crypto.FILETYPE_PEM,