certificate-api/routes/get.go

package routes

import (
	"crypto/sha1"
	"crypto/tls"
	"encoding/hex"
	"fmt"
	"github.com/gin-gonic/gin"
	"net/http"
)

// GetCertificateInfo handler
func GetCertificateInfo(c *gin.Context) {
	query := c.Query("q")
	resp, err := tls.Dial("tcp", query+":443", &tls.Config{})
	if err != nil {
		fmt.Println(err)
		c.JSON(http.StatusBadRequest, gin.H{
			"status":  false,
			"message": "Could not establish connection with server.",
		})
		return
	}
	certificate := resp.ConnectionState().PeerCertificates[0]

	var validationType string
	for _, value := range certificate.PolicyIdentifiers {
		if value.String() == "2.23.140.1.1" {
			validationType = "EV"
		} else if value.String() == "2.23.140.1.2.2" {
			validationType = "OV"
		} else if value.String() == "2.23.140.1.2.1" {
			validationType = "DV"
		}
	}

	extendedKeyUsages := []string{}
	for _, value := range certificate.ExtKeyUsage {
		switch value {
		case 0:
			extendedKeyUsages = append(extendedKeyUsages, "All/Any Usages")
			break
		case 1:
			extendedKeyUsages = append(extendedKeyUsages, "TLS Web Server Authentication")
			break
		case 2:
			extendedKeyUsages = append(extendedKeyUsages, "TLS Web Client Authentication")
			break
		case 3:
			extendedKeyUsages = append(extendedKeyUsages, "Code Signing")
			break
		case 4:
			extendedKeyUsages = append(extendedKeyUsages, "E-mail Protection (S/MIME)")
		default:
			break
		}
	}

	sum := sha1.Sum(certificate.Raw)

	c.JSON(http.StatusOK, gin.H{
		"status": true,
		"subject": gin.H{
			"commonName":         certificate.Subject.CommonName,
			"organization":       certificate.Subject.Organization,
			"organizationalUnit": certificate.Subject.OrganizationalUnit,
			"locality":           certificate.Subject.Locality,
			"country":            certificate.Subject.Country,
		},
		"issuer": gin.H{
			"commonName":         certificate.Issuer.CommonName,
			"organization":       certificate.Issuer.Organization,
			"organizationalUnit": certificate.Issuer.OrganizationalUnit,
			"locality":           certificate.Issuer.Locality,
			"country":            certificate.Issuer.Country,
		},
		"validationType":     validationType,
		"signatureAlgorithm": certificate.SignatureAlgorithm.String(),
		"publicKeyAlgorithm": certificate.PublicKeyAlgorithm.String(),
		"serialNumber":       certificate.SerialNumber.Int64(),
		"notAfter":           certificate.NotAfter,
		"extendedKeyUsage":   extendedKeyUsages,
		"san":                certificate.DNSNames,
		"fingerprint":        hex.EncodeToString(sum[:]),
	})
}
Initial commit 2020-12-11 00:18:06 -05:00			`package routes`

			`import (`
			`"crypto/sha1"`
			`"crypto/tls"`
			`"encoding/hex"`
			`"fmt"`
			`"github.com/gin-gonic/gin"`
			`"net/http"`
			`)`

			`// GetCertificateInfo handler`
			`func GetCertificateInfo(c *gin.Context) {`
			`query := c.Query("q")`
			`resp, err := tls.Dial("tcp", query+":443", &tls.Config{})`
			`if err != nil {`
			`fmt.Println(err)`
			`c.JSON(http.StatusBadRequest, gin.H{`
			`"status": false,`
			`"message": "Could not establish connection with server.",`
			`})`
			`return`
			`}`
			`certificate := resp.ConnectionState().PeerCertificates[0]`

			`var validationType string`
			`for _, value := range certificate.PolicyIdentifiers {`
			`if value.String() == "2.23.140.1.1" {`
			`validationType = "EV"`
			`} else if value.String() == "2.23.140.1.2.2" {`
			`validationType = "OV"`
			`} else if value.String() == "2.23.140.1.2.1" {`
			`validationType = "DV"`
			`}`
			`}`

			`extendedKeyUsages := []string{}`
			`for _, value := range certificate.ExtKeyUsage {`
			`switch value {`
			`case 0:`
			`extendedKeyUsages = append(extendedKeyUsages, "All/Any Usages")`
			`break`
			`case 1:`
			`extendedKeyUsages = append(extendedKeyUsages, "TLS Web Server Authentication")`
			`break`
			`case 2:`
			`extendedKeyUsages = append(extendedKeyUsages, "TLS Web Client Authentication")`
			`break`
			`case 3:`
			`extendedKeyUsages = append(extendedKeyUsages, "Code Signing")`
			`break`
			`case 4:`
			`extendedKeyUsages = append(extendedKeyUsages, "E-mail Protection (S/MIME)")`
			`default:`
			`break`
			`}`
			`}`

			`sum := sha1.Sum(certificate.Raw)`

			`c.JSON(http.StatusOK, gin.H{`
			`"status": true,`
			`"subject": gin.H{`
			`"commonName": certificate.Subject.CommonName,`
			`"organization": certificate.Subject.Organization,`
			`"organizationalUnit": certificate.Subject.OrganizationalUnit,`
			`"locality": certificate.Subject.Locality,`
			`"country": certificate.Subject.Country,`
			`},`
			`"issuer": gin.H{`
			`"commonName": certificate.Issuer.CommonName,`
			`"organization": certificate.Issuer.Organization,`
			`"organizationalUnit": certificate.Issuer.OrganizationalUnit,`
			`"locality": certificate.Issuer.Locality,`
			`"country": certificate.Issuer.Country,`
			`},`
			`"validationType": validationType,`
			`"signatureAlgorithm": certificate.SignatureAlgorithm.String(),`
			`"publicKeyAlgorithm": certificate.PublicKeyAlgorithm.String(),`
			`"serialNumber": certificate.SerialNumber.Int64(),`
			`"notAfter": certificate.NotAfter,`
			`"extendedKeyUsage": extendedKeyUsages,`
			`"san": certificate.DNSNames,`
			`"fingerprint": hex.EncodeToString(sum[:]),`
			`})`
			`}`