github.com/jamonation/go-tls-check
Version: 0.0.2
Repository: https://github.com/jamonation/go-tls-check.git
Documentation: pkg.go.dev

# README

This tool is intended to make it easy to parse local PEM encoded RSA keys and x509 certificates, which are commonly used for HTTPS encryption.

Flags are:

```
gotls -h
NAME:
   gotls - Examine local and remote SSL keys and certificates

USAGE:
   gotls [global options] command [command options] [arguments...]

VERSION:
   0.0.2

COMMANDS:
GLOBAL OPTIONS:
   --cert value, -c value	Filesystem path to public .pem file
   --key value, -k value	Filesystem path to private .key file
   --format value, -f value	Output format (text, json) (default: "text")
   --server value, -s value	Remote server name, e.g. golang.org
   --host value			Remote host, e.g. 216.58.220.49 or golang.org
   --port value, -p value	Remote HTTP port, e.g. 8443 (default: 443)
   --insecure			Skip chain & Root CA validation
   --help, -h			show help
   --version, -v		print the version
```

TODOS:

  1. REFACTOR (again). Consolidate printing. DRY principle applies.
  2. strip all print/formatting from gotls and put into check.go
  3. remove gotls entirely (ignore, this was from a temp iteration)
  4. Add json output for --server/--host case
  5. Add download cert option for --server/--host case
  6. Enumerate remote TLS ciphers, using n (configurable) channels to check remote servers
  7. Tests. Tests. Tests. Tests. Tests. All dev should stop until there are tests.

# Packages

No description provided by the author

# Functions

CheckCerts connects to a remote host and can validate a cert chain, or simply display the server's certificate(s).
CheckKeyPair looks to see if a key and cert match each other.
ExtractModulus uses type assertion to get the modulus from a public or private key. WHERE IS THE ERROR HANDLING!? Or should this never be reached if there's no modulus?
HashMaterial returns hex encoded SHA1 sums of input strings.
PrintKeyAndCerts prints matching or unmatching certificates and keys.
PrintText prints out specific fields of formatted ASN1 certificate data.
ProcessCerts reads and returns an array of certificates.
ProcessKey reads and returns a private key from the filesystem.

# Variables

various global variables for flags.
local file containing PEM certificate(s).
Credit to https://husobee.github.io/golang/tls/2016/01/27/golang-tls.html and https://gist.github.com/husobee/6e9f998653d66f7481da. CipherSuiteMap is a list of cipher suites based on http://www.iana.org/assignmentS/tls-parameters/tls-parameters.xml; reserved/unknown items are excluded.
remote hostname.
skip host/server validation.
local file containing PEM private key.
output format.
remote port.
remote server.
various mappings for signatures, cipher suites thanks to.
various mappings for signatures, cipher suites thanks to.

# Structs

CertJSON contains some selected ASN1 fields for JSON output; willing to add more ASN1 fields, or all if requested.
CertList is a container for local and remote certificates.
KeyContainer is the main struct that contains both public and private keys.
KeyJSON is a container for key & associated (or not) certs.
PrivateKey contains the rsa key, raw byte version, and a JSON representation of the public key & associated cert(s).