zcertificate

package module

v0.0.1 Latest Latest Go to latest Published: Dec 13, 2020 License: Apache-2.0 Imports: 5 Imported by: 12

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/zmap/zcertificate

Links

Open Source Insights

README ¶

ZCertificate

ZCertificate parses X.509 certificates and runs ZLint.

Installing ZCertificate

Pick a ZCertificate release and download the .tar.gz archive for your architecture (for example Linux_x86_64.tar.gz):
```
wget https://github.com/zmap/zcertificate/releases/download/v0.0.1/zcertificate_0.0.1_Linux_x86_64.tar.gz
```
Extract the archive and change into the extracted directory:
```
tar xf zcertificate*.tar.gz
cd zcertificate*
```
Make the zcertificate program executable:
```
chmod +x zcertificate 
```
Run the zcertificate program:
```
./zcertificate
```

Building from source

Building ZCertificate from source requires Go 1.15.x or newer.

Assuming the go command is in your $PATH you can build ZCertificate from source with:

go get github.com/zmap/zcertificate/cmd/zcertificate

Usage

$ ./zcertificate --help
Usage of ./zcertificate:
  -fatal-parse-errors
    	Halt if a certificate cannot be parsed. Default is to log.
  -json-parse-errors
    	Output json if a certificate cannot be parsed. Default is not to.
  -format string
    	one of {pem, base64} (default "pem")
  -output-file string
    	Specifies file path for the output JSON. (default "-")
  -procs int
    	Specifies number of processes to run on. Default is 0, meaning use current value of $GOMAXPROCS.
  -workers int
    	Specifies number of goroutines to use to parse and lint certificates. (default 1)

$ cat example.crt | zcertificate | jq .
INFO[0000] reading from stdin
INFO[0000] writing to stdout
{
  "raw": "...",
  "parsed": {
    "version": 3,
    "serial_number": "513",
    "signature_algorithm": {
      "name": "SHA1WithRSA",
      "oid": "1.2.840.113549.1.1.5"
    },
    "issuer": {
      "country": [
        "US"
      ],
  ...
}

Documentation ¶

Index ¶

Constants
func BreakBase64ByLineAsync(out chan []byte, in io.Reader, wg *sync.WaitGroup) error
func BreakPEMAsync(out chan []byte, in io.Reader, pemType string, wg *sync.WaitGroup) error
func ScannerSplitPEM(data []byte, atEOF bool) (int, []byte, error)

Constants ¶

View Source

const MaxPEMEncodedBytes = 10 * 1024 * 1024

Variables ¶

This section is empty.

Functions ¶

func BreakBase64ByLineAsync ¶

func BreakBase64ByLineAsync(out chan []byte, in io.Reader, wg *sync.WaitGroup) error

BreakBase64ByLineAsync reads lines from in, decodes each as base64, and sends them through out. It calls wg.Done() when finished.

func BreakPEMAsync ¶

func BreakPEMAsync(out chan []byte, in io.Reader, pemType string, wg *sync.WaitGroup) error

BreakPEMAsync uses a scanner to split in into decoded PEM objects, and sends them through out. It only returns PEM where the Type matches pemType. If pemType is empty, it returns PEMs of all types.

func ScannerSplitPEM ¶

func ScannerSplitPEM(data []byte, atEOF bool) (int, []byte, error)

ScannerSplitPEM is a split function for a bufio.Scanner that breaks input into chunks that can be handled by pem.Decode().

Types ¶

This section is empty.

Source Files ¶

View all Source files

zcertificate.go

Directories ¶

Path	Synopsis
cmd
zcertificate

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL