Add valid Key to Context

2018-04-21 10:43:32 +04:30 · 2018-04-21 10:43:32 +04:30 · cbd3d8149d
commit cbd3d8149d
parent 6152b965e0
2 changed files with 17 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -3,7 +3,7 @@

 ## About

-It's a simple script running in python that collects SSL information then it returns the group of information in JSON.
+It's a simple script running in python that collects SSL information then it returns the group of information in JSON. The output will have `valid` key which shows whether or not the hostname matches the certificate.

 ## Requirements

@ -59,26 +59,30 @@ Analyzing 7 hosts:
 Example only with the `-j` and `-p` arguments which shows the JSON only. Perfect for piping to another tool.

 ```
-narbeh@narbeh-xps:~/ssl-checker$ ./ssl_checker.py -j -p -H test.com narbeh.org:443
+narbeh@narbeh-xps:~/ssl-checker$ ./ssl_checker.py -j -p -H  narbeh.org:443 test.com
 {'narbeh.org': {'cert_alg': u'sha256WithRSAEncryption',
                'cert_exp': False,
-                'cert_sn': 319510066429286596971677345373584681421772L,
+                'cert_sn': 338163108483756707389368573553026254634358L,
                'cert_ver': 2,
+                'issued_to': u'narbeh.org',
                'issuer_c': u'US',
                'issuer_cn': u"Let's Encrypt Authority X3",
                'issuer_o': u"Let's Encrypt",
                'issuer_ou': None,
-                'valid_from': '2018-02-17',
-                'valid_till': '2018-05-18',
+                'valid': True,
+                'valid_from': '2018-04-21',
+                'valid_till': '2018-07-20',
                'validity_days': 90},
 'test.com': {'cert_alg': u'sha256WithRSAEncryption',
              'cert_exp': False,
              'cert_sn': 73932709062103623902948514363737041075L,
              'cert_ver': 2,
+              'issued_to': u'www.test.com',
              'issuer_c': u'US',
              'issuer_cn': u'Network Solutions DV Server CA 2',
              'issuer_o': u'Network Solutions L.L.C.',
              'issuer_ou': None,
+              'valid': False,
              'valid_from': '2017-01-15',
              'valid_till': '2020-01-24',
              'validity_days': 1104}}
--- a/ssl_checker.py
+++ b/ssl_checker.py
@ -38,10 +38,13 @@ def get_cert(host, port):
    return cert


-def get_cert_info(cert):
+def get_cert_info(host, cert):
    """Get all the information about cert and create a JSON file."""
    context = {}

+    cert_subject = cert.get_subject()
+
+    context['issued_to'] = cert_subject.CN
    context['issuer_c'] = cert.get_issuer().countryName
    context['issuer_o'] = cert.get_issuer().organizationName
    context['issuer_ou'] = cert.get_issuer().organizationalUnitName
@ -64,6 +67,9 @@ def get_cert_info(cert):
    # Validity days
    context['validity_days'] = (valid_till - valid_from).days

+    # Certificate validation
+    context['valid'] = True if host == context['issued_to'] else False
+
    return context


@ -85,7 +91,7 @@ def show_result(user_args):

        try:
            cert = get_cert(host, port)
-            context[host] = get_cert_info(cert)
+            context[host] = get_cert_info(host, cert)
            if not user_args.json_true:
                print('\t{}[+]{} {:<20s} Expired: {}'.format(Clr.GREEN, Clr.RST, host, context[host]['cert_exp']))
        except Exception as error: