@MorganDavis
Created April 18, 2011 19:11
This script will attempt to verify the certificate presented by the specified host name against the Google Certificate Database.
#!/usr/bin/python
import ssl, hashlib
from datetime import date
from optparse import OptionParser
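try:
    # dnspython is a third-party package; it supplies the resolver call and the
    # exception base class used for the TXT lookup further down.
    # NOTE(review): dnspython 2.x deprecates resolver.query in favour of
    # resolver.resolve -- confirm which version this script is run against.
    from dns.resolver import query
    from dns.exception import DNSException
except ImportError:
    # Parenthesised single-argument print parses as both a Python 2 statement
    # and a Python 3 call.
    print("Failed to Import DNSPython module")
    # SystemExit does not rely on the exit() helper injected by the site module.
    raise SystemExit(1)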
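def checkcert(server, port):
    """Look up the certificate served at server:port in the DNS certificate catalog.

    The certificate is fetched, converted from PEM to DER, hashed with SHA-1,
    and the hex digest is queried as a TXT record under
    certs.googlednstest.com.

    Args:
        server: Host name to connect to.
        port: TCP port of the TLS service.

    Returns:
        The first TXT record of the answer, with surrounding double quotes
        stripped, split on single spaces into a list of strings.

    Exits the process with status 1 when the certificate cannot be retrieved
    or the DNS lookup fails.
    """
    try:
        # No CA bundle is passed, so get_server_certificate() performs no chain
        # or host-name validation: this is whatever certificate the peer on
        # the current network path presents.
        pem = ssl.get_server_certificate((server, port))
        cert = ssl.PEM_cert_to_DER_cert(pem)
        # SHA-1 over the entire DER certificate. The digest is only the lookup
        # label; presumably the algorithm is fixed by the catalog's naming
        # scheme, so it cannot be swapped locally.
        certhash = hashlib.sha1(cert).hexdigest()
    except Exception:
        # Exception rather than a bare except, so Ctrl-C (KeyboardInterrupt)
        # and SystemExit are not reported as a connection failure.
        print("ERROR: Host Connect Failure")
        print("Unable to retrieve certificate")
        raise SystemExit(1)

    lookupdomain = 'certs.googlednstest.com'
    lookupname = certhash + '.' + lookupdomain
    try:
        # NOTE(review): the answer is accepted as returned by the configured
        # resolver; this script does no DNSSEC validation of its own, so the
        # result is only as trustworthy as the DNS path it travelled.
        gcertdb = query(lookupname, 'TXT')
    except DNSException as exc:
        # Name the failure class: "no such name" (certificate unknown to the
        # catalog) and a resolver timeout (no information) mean different
        # things, and neither may be read as a successful verification.
        print("ERROR: DNS Exception (%s)" % type(exc).__name__)
        raise SystemExit(1)

    # First TXT record only: drop the surrounding quotes, split into fields.
    answer = gcertdb[0].to_text().strip('"').split(' ')
    return answer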
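def display_results(answer):
    """Print the first-seen / last-seen dates from a catalog TXT answer.

    Args:
        answer: Sequence of strings as returned by checkcert(). Fields 0 and 1
            are day numbers counted from 1970-01-01; field 2 is printed as the
            number of days seen in between.

    Returns:
        None. Exits the process with status 1 when the record does not have
        the expected shape.
    """
    # date ordinals count from 0001-01-01 (ordinal 1), so the offset that
    # turns "days since 1970-01-01" into an ordinal is 719163.
    epoch_ordinal = date(1970, 1, 1).toordinal()
    try:
        # The record comes from an unauthenticated DNS answer: treat it as
        # untrusted and reject anything that is not three fields with two
        # leading integers inside the range date can represent.
        firstseen = int(answer[0]) + epoch_ordinal
        lastseen = int(answer[1]) + epoch_ordinal
        daysbetween = answer[2]
        firstseendate = date.fromordinal(firstseen).isoformat()
        lastseendate = date.fromordinal(lastseen).isoformat()
    except (IndexError, ValueError, OverflowError):
        print("ERROR: Unexpected TXT record format")
        raise SystemExit(1)

    thisday = date.today().toordinal()
    print("Cert First Seen: " + firstseendate + " (" + str(thisday - firstseen) + " days ago)")
    print("Cert Last Seen: " + lastseendate + " (" + str(thisday - lastseen) + " days ago)")
    print("No of Days Seen In Between: " + daysbetween)
    return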
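if __name__ == '__main__':
    # Command-line entry point: parse -s/--server and -p/--port, look the
    # server's certificate up in the catalog, and print the result.
    vers = '0.1'
    descr = """This script will attempt to verify the certificate for the host name specified in the Google Certficate Database."""
    usage = """"""
    parser = OptionParser(usage=usage, version='%prog '+vers, description=descr)
    parser.add_option('-s', '--server', dest='server', help='Server', default='www.google.com', type='string', action='store')
    parser.add_option('-p', '--port', dest='port', help='Port Number', default=443, type='int', action='store')
    (opts, args) = parser.parse_args()

    # Both options have defaults, so they are always set. Binding them only
    # when truthy would leave the names undefined (NameError) for `-s ""` or
    # `-p 0`; reject values that cannot name an endpoint instead.
    if not opts.server:
        parser.error('server name must not be empty')
    if not 0 < opts.port < 65536:
        parser.error('port must be between 1 and 65535')
    server = opts.server
    port = opts.port

    answer = checkcert(server, port)
    display_results(answer)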