certificate-api/routes/get.go


package routes
import (
	"crypto/sha1"
	"crypto/tls"
	"crypto/x509"
	"encoding/hex"
	"fmt"
	"net"
	"net/http"
	"time"

	"github.com/gin-gonic/gin"
)
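// GetCertificateInfo handles a certificate lookup request.
//
// It reads the host from the "q" query parameter, opens a TLS connection to
// that host on port 443, and responds with a JSON summary of the leaf
// certificate the server presented. The summary covers subject, issuer,
// validation type, algorithms, serial number, expiry, extended key usages,
// SAN DNS names and a SHA-1 fingerprint.
//
// It responds with 400 and "status": false when "q" is empty, when the
// connection or handshake fails, or when no peer certificate is available.
//
// NOTE(review): the destination host is chosen entirely by the caller, so
// this handler makes outbound connections on the caller's behalf, including
// to loopback and private addresses that the API server can reach. If the
// endpoint is exposed to untrusted clients, restrict destinations by checking
// the resolved IP before connecting, and rate-limit the route.
func GetCertificateInfo(c *gin.Context) {
	// Bounds TCP connect plus TLS handshake so an unresponsive target cannot
	// hold the request goroutine indefinitely.
	const dialTimeout = 10 * time.Second

	query := c.Query("q")
	if query == "" {
		// Go's dialer treats an empty host as the local system, so reject it
		// before dialing instead of probing the API server itself.
		c.JSON(http.StatusBadRequest, gin.H{
			"status":  false,
			"message": "Missing query parameter q.",
		})
		return
	}

	// net.JoinHostPort brackets any value that contains a colon, so the caller
	// cannot smuggle a port into the address and IPv6 literals are dialed
	// correctly. The zero tls.Config keeps Go's default chain and hostname
	// verification, so untrusted, expired or mismatched certificates surface
	// as a connection failure.
	conn, err := tls.DialWithDialer(
		&net.Dialer{Timeout: dialTimeout},
		"tcp",
		net.JoinHostPort(query, "443"),
		&tls.Config{},
	)
	if err != nil {
		// %q escapes control characters, so caller-supplied text embedded in
		// the error cannot forge extra log lines.
		fmt.Printf("certificate lookup for %q failed: %q\n", query, err.Error())
		c.JSON(http.StatusBadRequest, gin.H{
			"status":  false,
			"message": "Could not establish connection with server.",
		})
		return
	}
	// The connection is only needed for its handshake state; always release it.
	defer conn.Close()

	peerCerts := conn.ConnectionState().PeerCertificates
	if len(peerCerts) == 0 {
		c.JSON(http.StatusBadRequest, gin.H{
			"status":  false,
			"message": "Could not establish connection with server.",
		})
		return
	}
	certificate := peerCerts[0]

	// Map the CA/Browser Forum policy OIDs to a validation level. When several
	// known OIDs are present, the last one listed wins.
	var validationType string
	for _, oid := range certificate.PolicyIdentifiers {
		switch oid.String() {
		case "2.23.140.1.1":
			validationType = "EV"
		case "2.23.140.1.2.2":
			validationType = "OV"
		case "2.23.140.1.2.1":
			validationType = "DV"
		}
	}

	// Kept as a non-nil slice so the JSON value is [] rather than null when
	// the certificate lists no recognised usages.
	extendedKeyUsages := []string{}
	for _, usage := range certificate.ExtKeyUsage {
		switch usage {
		case x509.ExtKeyUsageAny:
			extendedKeyUsages = append(extendedKeyUsages, "All/Any Usages")
		case x509.ExtKeyUsageServerAuth:
			extendedKeyUsages = append(extendedKeyUsages, "TLS Web Server Authentication")
		case x509.ExtKeyUsageClientAuth:
			extendedKeyUsages = append(extendedKeyUsages, "TLS Web Client Authentication")
		case x509.ExtKeyUsageCodeSigning:
			extendedKeyUsages = append(extendedKeyUsages, "Code Signing")
		case x509.ExtKeyUsageEmailProtection:
			extendedKeyUsages = append(extendedKeyUsages, "E-mail Protection (S/MIME)")
		}
	}

	// SHA-1 over the DER bytes is a display fingerprint only. It is not
	// collision resistant, so consumers should not use it to authenticate a
	// certificate.
	sum := sha1.Sum(certificate.Raw)

	c.JSON(http.StatusOK, gin.H{
		"status": true,
		"subject": gin.H{
			"commonName":         certificate.Subject.CommonName,
			"organization":       certificate.Subject.Organization,
			"organizationalUnit": certificate.Subject.OrganizationalUnit,
			"locality":           certificate.Subject.Locality,
			"country":            certificate.Subject.Country,
		},
		"issuer": gin.H{
			"commonName":         certificate.Issuer.CommonName,
			"organization":       certificate.Issuer.Organization,
			"organizationalUnit": certificate.Issuer.OrganizationalUnit,
			"locality":           certificate.Issuer.Locality,
			"country":            certificate.Issuer.Country,
		},
		"validationType":     validationType,
		"signatureAlgorithm": certificate.SignatureAlgorithm.String(),
		"publicKeyAlgorithm": certificate.PublicKeyAlgorithm.String(),
		// Int64 is undefined for serials wider than 64 bits, which is the
		// common case. The field is kept for existing consumers, and
		// serialNumberHex carries the full value.
		"serialNumber":     certificate.SerialNumber.Int64(),
		"serialNumberHex":  certificate.SerialNumber.Text(16),
		"notAfter":         certificate.NotAfter,
		"extendedKeyUsage": extendedKeyUsages,
		"san":              certificate.DNSNames,
		"fingerprint":      hex.EncodeToString(sum[:]),
	})
}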