Add initial version of the handshake command

[maraino]

Description

This commit adds the command step certificate handshake. This command performs a handshake and displays details about it.

For example:

$ step certificate handshake smallstep.com
Server Name:  smallstep.com
Version:      TLS 1.3
Cipher Suite: TLS_AES_128_GCM_SHA256
KEM:          X25519
Insecure:     false
Verified:     true

[hslatman]

Can use HandshakeContext, and it would be good to check and return the error.

In a follow up we could implement some additional error handling logic for more informative errors based on some internal code we have. I think it could be nice to put that in tlsutil.

[maraino]

Fixed with 6a13fa3

[hslatman]

Maybe needs an option to continue down, so that the connection details are shown in addition to these too? Or make that the default, instead of returning early?

[maraino]

I'm not sure about this. I make them independent commands because a certificate, especially if you include all the intermediates, is quite noisy. I also wanted to pipe those certificates to another command.

[hslatman]

That's fair, but in practice providing one of the printPeer or printChains options is doing the same as step certificate inspect https://example.com and step certificate inspect https://example.com --bundle, respectively, so if intend to return early to pipe the certs, those commands can be used, incl. JSON format.

If instead execution would continue after printing the details, it would be a bit more like curl -v (with more certificate details, of course). That would be like enabling these options results in a more verbose output, which I think is fair, considering the default is to print just TLS handshake details.

[hslatman]

Suggested change

	import (
	"strings"
	"testing"
	"github.com/pkg/errors"
	"github.com/stretchr/testify/assert"
	import (
	"errors"
	"strings"
	"testing"
	"github.com/stretchr/testify/assert"

[hslatman]

Suggested change

	// Command returns the cli.Command for jwt and related subcommands.
	// Command returns the cli.Command for tls and related subcommands.

[hslatman]

Suggested change

	"github.com/smallstep/cli-utils/errs"
	"github.com/smallstep/cli/flags"
	"github.com/smallstep/cli/internal/cryptoutil"
	"github.com/smallstep/cli/utils"
	"github.com/urfave/cli"
	"go.step.sm/crypto/pemutil"
	"go.step.sm/crypto/x509util"
	"github.com/urfave/cli"
	"github.com/smallstep/cli-utils/errs"
	"go.step.sm/crypto/pemutil"
	"go.step.sm/crypto/x509util"
	"github.com/smallstep/cli/flags"
	"github.com/smallstep/cli/internal/cryptoutil"
	"github.com/smallstep/cli/utils"