Go wrapper for Imirhil/cryptcheck API. Currently v1 of the API is supported, v2 is not released or documented yet.
API v1 is now at 201809, added missing Error field in Host.
- Go >= 1.10
You need to install my proxy module before if you are using Go 1.10.x or earlier.
go get github.com/keltia/proxy
With Go 1.11+ and its modules support, it should work out of the box with
go get github.com/keltia/cryptcheck/cmd/...
if you have the GO111MODULE environment variable set on on.
There is a small example program included in cmd/cryptcheck to either show the grade of a given site or JSON dump of the detailed report.
You can just get the grade like this:
$ cryptcheck www.ssllabs.com
cryptcheck Wrapper: 1.4.0 API version 201809
Grade for 'www.ssllabs.com' is B (Date: 2018-07-30 23:52:52.494 +0200 CEST)
You can get a more detail report with -d:
$ cryptcheck -d www.ssllabs.com
cryptcheck Wrapper: 1.4.0 API version 201809
{"Hosts":[{"host":{"Name":"www.ssllabs.com","ip":"64.41.200.100","Port":443},"handshake":{"Key":{"type":"rsa","size":20
[...]
You can use jq to display the output of cryptcheck -d <site> in a colorised way (use -raw to remove the banner display):
cryptcheck -raw tls.imirhil.fr | jq .
There is also a debug mode with -D.
By default, Cryptcheck returns the last run cached by the site, if you want to refresh, use -R.
As with many API wrappers, you will need to first create a client with some optional configuration, then there are two main functions:
// Simplest way
c := cryptcheck.NewClient()
grade, err := c.GetScore("example.com")
if err != nil {
log.Fatalf("error: %v", err)
}
// With some options, timeout at 15s and debug-like verbosity
cnf := cryptcheck.Config{
Timeout:15,
Log:2,
}
c := cryptcheck.NewClient(cnf)
report, err := c.GetDetailedReport("foo.xxx")
if err != nil {
log.Fatalf("error: %v", err)
}OPTIONS
| Option | Type | Description |
|---|---|---|
| Timeout | int | time for connections (default: 10s ) |
| Log | int | 1: verbose, 2: debug (default: 0) |
| Refresh | bool | Force refresh of the sites (default: false) |
Dependency: proxy support is provided by my github.com/keltia/proxy module.
UNIX/Linux:
export HTTP_PROXY=[http://]host[:port] (sh/bash/zsh)
setenv HTTP_PROXY [http://]host[:port] (csh/tcsh)
Windows:
set HTTP_PROXY=[http://]host[:port]
The rules of Go's ProxyFromEnvironment apply (HTTP_PROXY, HTTPS_PROXY, NO_PROXY, lowercase variants allowed).
If your proxy requires you to authenticate, please create a file named .netrc in your HOME directory with permissions either 0400 or 0600 with the following data:
machine proxy user <username> password <password>
and it should be picked up. On Windows, the file will be located at
%LOCALAPPDATA%\cryptcheck\netrc
The BSD 2-Clause license.
This project is an open Open Source project, please read CONTRIBUTING.md.
We welcome pull requests, bug fixes and issue reports.
Before proposing a large change, first please discuss your change by raising an issue.