commit a9128fdb6cb27528aaa40e27ec3e9e3abb8d745f Author: Blallo Date: Thu Jul 26 23:33:48 2018 +0200 Init diff --git a/get_cert.py b/get_cert.py new file mode 100755 index 0000000..e27b175 --- /dev/null +++ b/get_cert.py @@ -0,0 +1,57 @@ +#!/usr/bin/env python3 + +import hashlib +import ssl +import socket +import types + +import click + + +def establish_conn(addr, port, starttls): + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + sock.settimeout(1) + try: + if starttls: + print("Using STARTTLS") + sock.connect((addr, port)) + sock.send(b"STARTTLS\n") + sock.recv(1000) + wrapped_socket = ssl.wrap_socket(sock) + else: + wrapped_socket = ssl.wrap_socket(sock) + wrapped_socket.connect((addr, port)) + + yield wrapped_socket.getpeercert(True) + + finally: + wrapped_socket.close() + + +def get_cert(addr, port, starttls): + cert = establish_conn(addr, port, starttls) + pem_cert = ssl.DER_cert_to_PEM_cert(cert) + print(pem_cert) + + return cert + +def compute_fingerprints(cert): + thumb_md5 = hashlib.md5(cert).hexdigest() + thumb_sha1 = hashlib.sha1(cert).hexdigest() + thumb_sha256 = hashlib.sha256(cert).hexdigest() + print("MD5: " + thumb_md5) + print("SHA1: " + thumb_sha1) + print("SHA256: " + thumb_sha256) + + + +@click.command() +@click.argument('address')#, help="address to be used to retrieve the certificate") +@click.option('-p', '--port', default=443, type=click.IntRange(1,65535), help="the port to connect to") +@click.option('--starttls', is_flag=True, flag_value=True, help="wether to use starttls on connection") +def doit(address, port, starttls): + cert = get_cert(address, port, starttls) + compute_fingerprints(cert) + +if __name__ == '__main__': + doit() diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..7598b7b --- /dev/null +++ b/setup.py @@ -0,0 +1,14 @@ +from setuptools import setup + +setup( + name='certo', + version='0.3', + py_modules=['get_cert'], + install_requires=[ + 'Click', + ], + entry_points=''' + [console_scripts] + certo=get_cert:doit + ''', +)