| 'use strict'; | |
| const fs = require('fs'); | |
| const os = require('os'); | |
| const Path = require('path'); | |
| const hdns = require('hdns'); | |
| const {encoding} = require('hdns/node_modules/bcrypto'); | |
| const {pem} = encoding; | |
| const host = process.argv[2]; | |
| hdns.setServers( | |
| ['anfic6amfi2mpzjy4puf2bfogpvzfpmnu7tvn6eyq66pgtawoz53q@64.227.15.172'] | |
| ); | |
| (async () => { | |
| // Get TLSA record | |
| const tlsa = await hdns.resolveTLSA(host, 'tcp', 443); | |
| console.log('Found TLSA records:\n', tlsa); | |
| // Get certificate from host | |
| const socket = require('tls').connect( | |
| {port: 443, host: host, rejectUnauthorized: false}, | |
| () => { | |
| const cert = socket.getPeerCertificate(false); | |
| console.log('Got peer certificate:\n', cert); | |
| // Verify TLSA record against certificate | |
| const valid = hdns.verifyTLSA(tlsa[0], cert.raw); | |
| console.log('TLSA/cert verification:', valid); | |
| if (valid) { | |
| const crt = pem.toPEM(cert.raw, 'CERTIFICATE'); | |
| console.log('Certificate is valid. Add to system:\n'); | |
| console.log(crt); | |
| // Save certificate to disk in PEM format | |
| fs.writeFileSync( | |
| Path.join(os.homedir(), 'Desktop', host + '.crt'), | |
| crt | |
| ); | |
| } | |
| process.exit(); | |
| } | |
| ); | |
| })(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment