87 lines
2.5 KiB
Go
87 lines
2.5 KiB
Go
package routes
|
|
|
|
import (
|
|
"crypto/sha1"
|
|
"crypto/tls"
|
|
"encoding/hex"
|
|
"fmt"
|
|
"github.com/gin-gonic/gin"
|
|
"net/http"
|
|
)
|
|
|
|
// GetCertificateInfo handler
|
|
func GetCertificateInfo(c *gin.Context) {
|
|
query := c.Query("q")
|
|
resp, err := tls.Dial("tcp", query+":443", &tls.Config{})
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
c.JSON(http.StatusBadRequest, gin.H{
|
|
"status": false,
|
|
"message": "Could not establish connection with server.",
|
|
})
|
|
return
|
|
}
|
|
certificate := resp.ConnectionState().PeerCertificates[0]
|
|
|
|
var validationType string
|
|
for _, value := range certificate.PolicyIdentifiers {
|
|
if value.String() == "2.23.140.1.1" {
|
|
validationType = "EV"
|
|
} else if value.String() == "2.23.140.1.2.2" {
|
|
validationType = "OV"
|
|
} else if value.String() == "2.23.140.1.2.1" {
|
|
validationType = "DV"
|
|
}
|
|
}
|
|
|
|
extendedKeyUsages := []string{}
|
|
for _, value := range certificate.ExtKeyUsage {
|
|
switch value {
|
|
case 0:
|
|
extendedKeyUsages = append(extendedKeyUsages, "All/Any Usages")
|
|
break
|
|
case 1:
|
|
extendedKeyUsages = append(extendedKeyUsages, "TLS Web Server Authentication")
|
|
break
|
|
case 2:
|
|
extendedKeyUsages = append(extendedKeyUsages, "TLS Web Client Authentication")
|
|
break
|
|
case 3:
|
|
extendedKeyUsages = append(extendedKeyUsages, "Code Signing")
|
|
break
|
|
case 4:
|
|
extendedKeyUsages = append(extendedKeyUsages, "E-mail Protection (S/MIME)")
|
|
default:
|
|
break
|
|
}
|
|
}
|
|
|
|
sum := sha1.Sum(certificate.Raw)
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
"status": true,
|
|
"subject": gin.H{
|
|
"commonName": certificate.Subject.CommonName,
|
|
"organization": certificate.Subject.Organization,
|
|
"organizationalUnit": certificate.Subject.OrganizationalUnit,
|
|
"locality": certificate.Subject.Locality,
|
|
"country": certificate.Subject.Country,
|
|
},
|
|
"issuer": gin.H{
|
|
"commonName": certificate.Issuer.CommonName,
|
|
"organization": certificate.Issuer.Organization,
|
|
"organizationalUnit": certificate.Issuer.OrganizationalUnit,
|
|
"locality": certificate.Issuer.Locality,
|
|
"country": certificate.Issuer.Country,
|
|
},
|
|
"validationType": validationType,
|
|
"signatureAlgorithm": certificate.SignatureAlgorithm.String(),
|
|
"publicKeyAlgorithm": certificate.PublicKeyAlgorithm.String(),
|
|
"serialNumber": certificate.SerialNumber.Int64(),
|
|
"notAfter": certificate.NotAfter,
|
|
"extendedKeyUsage": extendedKeyUsages,
|
|
"san": certificate.DNSNames,
|
|
"fingerprint": hex.EncodeToString(sum[:]),
|
|
})
|
|
}
|