Golang API wrapper for cryptcheck.fr

Preambule

Many of you know the SSLLabs site. Built by Qualys, Inc., it enables anyone to test various TLS-related parameters for given website running on port 443 (the default for TLS). But did you know there is also the cryptcheck.fr one? Formerly known as Imirhil, it allow not only for https websites to be tested but also SMTP, IMAP, SSH and general TLS (using a different port like a few API do) ones.

Both are integrated in the Mozilla Observatory which also include more tests such as HTTP headers and whether a given site is pre-loaded in browsers (HSTS).

Cryptcheck also has an API to get the information programmatically and I just wrote a Golang library for its API. It is named — not very original I know — as github.com/keltia/cryptcheck and can be found on Github like many Go modules.

Installation

Like many Go libraries and utilities, it is very easy to install:

1

$ go get github.com/keltia/cryptcheck/cmd/...

I use this form because in addition to the library itself, there is a small command included.

The current version of the API wrapper is v1.2.0 (see here)

Usage

Like the README.md shows, usage is very easy, there are only to main functions, GetGradeand GetDetailedReport. You have to initialize the client first of course:

1
2
3
4
5

client := cryptcheck.NewClient()
...
grade, err := client.GetGrade("www.example.com")
...
report, err := client.GetDetailedReport("www.example.com")

You can also pass parameters to NewClient() to change defaults:

1
2
3

cnf := cryptcheck.Config{Timeout: 5, Log:2}
client := cryptcheck.NewClient(cnf)
...

Changeable parameters include the log level for verbosity (Log can be 0, 1 or 2) and whether you want to force a re-check of the site to avoid getting a cached version. (Refresh: true). See the README.md file.

I have not included a generic GetGrade() (without the need to create the client first) because it means no default can be overriden which does make testing rather complicated. Its code, in case you need this, is trivial:

1
2
3

func GetGrade(site string) (string, error) {
    return cryptcheck.NewClient().GetGrade(site)
}

For convenience, I have also written the getgrade utility (found in cmd/getgradeof course) if you just want a nice example and a quick reading:

1
2
3
4

 $ getgrade golang.org
 getgrade Wrapper: 1.2.0 API version 201805

 Grade for 'golang.org' is C

You can run getgrade with the -d option, in which case you will get a JSON dump of the whole report.

If you like this module, you can “star” on github, fork it, etc. It is under the BSD 2-clause license.

Warning

As of v1.x, cryptcheck only implements version 1 of the Cryptcheck API (from tls.imirhil.fr), the second and more complete version is not yet usable nor really documented (as per its author — Aeris).

Notes

I use the Semantic Versioning numbering scheme for this API to facilitate developers’ usage and maintenance.

It is also vgo-compatible and includes the go.modfile for vgo metadata. See this series of articles for more details. vgo aims to be the future scheme to properly manage module dependencies as proposed by Russ Cox.

Enjoy!

Thanks to Aeris for creating both site and API and not getting too annoyed at my constant questionning and asking for changes & features :)

References

api, cryptography, english, golang, tls