mirror of
https://github.com/adulau/crl-monitor.git
synced 2024-12-26 10:46:08 +00:00
Add a cquery API to query per SHA1 fingerprint of a certificate
Sample output: curl http://127.0.0.1:8888/cquery/37ffbb160d4c97c42f5126bebc9c18eeffe5ede3 {"seen": ["149.13.33.195", "149.13.33.194"], "hits": 2, "certificate": "37ffbb160d4c97c42f5126bebc9c18eeffe5ede3"}
This commit is contained in:
parent
436afcc6ad
commit
55dd12efc8
1 changed files with 40 additions and 2 deletions
|
@ -1,7 +1,8 @@
|
|||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# Lookup IP for known fingerprints and X.509 subjects via HTTP API
|
||||
# Lookup IP or CIDR block for known fingerprints and X.509 subjects via HTTP API /query/149.13.30.0/24
|
||||
# Lookup fingerprint of certificate where seen /cquery/16c25d401f35dd52fb4aec85eb1f1a28ce16f961
|
||||
#
|
||||
# Software is free software released under the GNU General Public License version 3 and later
|
||||
#
|
||||
|
@ -21,6 +22,17 @@ import tornado.web
|
|||
from tornado.options import define, options
|
||||
define("port", default=8888, help="run on the given port", type=int)
|
||||
ipmaxsize = 512 #/23
|
||||
servername = 'SSL Certificate API - https://github.com/adulau/crl-monitor'
|
||||
|
||||
def checksha1(value=False):
|
||||
if value is False or len(value) != 40:
|
||||
return False
|
||||
try:
|
||||
sha1int = int(value, 16)
|
||||
except ValueError:
|
||||
return False
|
||||
|
||||
return True
|
||||
|
||||
class SSLQueryHandler(tornado.web.RequestHandler):
|
||||
|
||||
|
@ -71,14 +83,40 @@ class SSLQueryHandler(tornado.web.RequestHandler):
|
|||
|
||||
if not self._finished:
|
||||
self.set_header('Content-Type', 'application/json')
|
||||
self.set_header('Server', 'https://github.com/adulau/crl-monitor')
|
||||
self.set_header('Server', servername)
|
||||
self.write(json.dumps(out))
|
||||
|
||||
class CertificateQueryHandler(tornado.web.RequestHandler):
|
||||
def get(self, input):
|
||||
try:
|
||||
r = redis.StrictRedis(host='127.0.0.1', port=8323)
|
||||
except:
|
||||
print "Unable to connect to the Redis server"
|
||||
sys.exit(255)
|
||||
fp = input.lower()
|
||||
if not checksha1(value=fp):
|
||||
self.clear()
|
||||
self.set_status(400)
|
||||
self.finish('Incorrect format of the certificate fingerprint (expected SHA1 in hex format)')
|
||||
|
||||
out = {}
|
||||
out['certificate'] = fp
|
||||
out['seen'] = []
|
||||
ips = r.smembers('s:{}'.format(fp))
|
||||
out['hits'] = len(ips)
|
||||
for ip in ips:
|
||||
out['seen'].append(ip)
|
||||
|
||||
if not self._finished:
|
||||
self.set_header('Content-Type', 'application/json')
|
||||
self.set_header('Server', servername)
|
||||
self.write(json.dumps(out))
|
||||
|
||||
if __name__ == "__main__":
|
||||
tornado.options.parse_command_line()
|
||||
app = tornado.web.Application(handlers=[
|
||||
(r"/query/(.*)", SSLQueryHandler),
|
||||
(r"/cquery/(.*)", CertificateQueryHandler)
|
||||
])
|
||||
http_server = tornado.httpserver.HTTPServer(app)
|
||||
http_server.listen(options.port)
|
||||
|
|
Loading…
Reference in a new issue