feat: scripts
116
scripts/scancert.js
Normal file
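--- a/scripts/scancert.js
+++ b/scripts/scancert.js
@@ -0,0 +1,116 @@
+#! /usr/bin/env runjs
+
+var TimeUnit = java.util.concurrent.TimeUnit;
+var DirWalkTool = Packages.me.hatter.tools.commons.file.DirWalkTool;
+var DirWalker = Packages.me.hatter.tools.commons.file.DirWalkTool.DirWalker;
+var X509CertUtil = Packages.me.hatter.tools.commons.security.cert.X509CertUtil;
+
+var OKGREEN = '\033[92m';
+var WARNING = '\033[93m';
+var FAIL = '\033[91m';
+var UNDERLINE = '\033[4m';
+var ENDC = '\033[0m';
+
+var main = () => {
+if ($ARGS == null || $ARGS.length == 0) {
+println('scancert.js - Scan cert.')
+println();
+println('ERROR: NO arguments assigned!');
+println('scancert.js <dir | file.pem>');
+return;
+}
+var scanCount = 0;
+var warnings = [];
+var fails = [];
+var minDayLeft = null;
+var maxDayLeft = null;
+var scanFile = (is, file) => {
+var bytes = $$.io().bytesAndClose(is);
+if (bytes.toString().contains('BEGIN CERTIFICATE')) {
+scanCount++;
+println('[INFO] Cert pem file found: ' + file);
+// is cert pem file
+var certs = X509CertUtil.orderX509CertificateList(X509CertUtil.parseX509CertificateList(bytes.getBytes()));
+if (certs.size() < 1) {
+println('[ERROR] Cannot find any cert.');
+} else {
+var todayMillis = $$.date().millis();
+var leafCert = certs.get(0);
+var notAfter = leafCert.getNotAfter();
+var altNames = leafCert.getSubjectAlternativeNames();
+
+var colorStart = OKGREEN;
+var colorEnd = ENDC;
+if (notAfter.getTime() < (todayMillis + TimeUnit.DAYS.toMillis(10))) {
+colorStart = FAIL;
+fails.push(file);
+} else if (notAfter.getTime() < (todayMillis + TimeUnit.DAYS.toMillis(30))) {
+colorStart = WARNING;
+warnings.push(file);
+}
+var dayLeft = parseInt((notAfter.getTime() - todayMillis) / TimeUnit.DAYS.toMillis(1));
+minDayLeft = (minDayLeft == null)? dayLeft: Math.min(minDayLeft, dayLeft);
+maxDayLeft = (maxDayLeft == null)? dayLeft: Math.max(maxDayLeft, dayLeft);
+println(colorStart
++ 'Expires: '+ $$.date().fmt('yyyy-MM-dd').format(notAfter)
++ ' (' + dayLeft + ' days)'
++ colorEnd
++ ', DNS Name(s): ' + $ARRAY(altNames).map((n) => { return n.get(1) }).join(', '));
+}
+}
+};
+
+var f = $$.file($ARGS[0]);
+if (!f.exists()) {
+println('File or Directory not exists: ' + f);
+return;
+}
+if (f.isFile()) {
+scanFile($$.rFile(f).rStream().stream(), f);
+} else {
+var dir = f;
+println('[INFO] Scan .pem file(s): ' + dir);
+var walkTool = new DirWalkTool(dir);
+
+walkTool.walk(new DirWalker({
+"accept": (file) => {
+if (file.isDirectory()) {
+return true;
+}
+if (file.getName().endsWith('.pem')) {
+return true;
+}
+},
+"readInputStream": (is, file) => {
+scanFile(is, file);
+}
+}));
+}
+println();
+println('Scaned file: ' + scanCount);
+if (warnings.length > 0) {
+print(WARNING);
+println('WARNINGS:');
+warnings.forEach((f) => {
+println(f);
+});
+print(ENDC);
+}
+if (fails.length > 0) {
+print(FAIL);
+println('FAILS:');
+fails.forEach((f) => {
+println(f);
+});
+print(ENDC);
+}
+if ((warnings.length == 0) && (fails.length == 0)) {
+println(OKGREEN + 'No waning or fail found.' + ENDC)
+}
+if ((minDayLeft != null) && (maxDayLeft != null)) {
+println('Day left, min: ' + minDayLeft + ', max: ' + maxDayLeft);
+}
+};
+
+main();
+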
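Review bot: In `scanFile`, `leafCert.getSubjectAlternativeNames()` returns null for a certificate with no SAN extension, and that value goes straight into `$ARRAY(altNames).map(...)`; unless `$ARRAY` tolerates null, one such certificate throws, and with no try/catch in `scanFile` or the `readInputStream` callback the directory walk presumably ends with the remaining .pem files unchecked. Guard it, e.g. `var names = (altNames == null) ? '-' : $ARRAY(altNames).map((n) => n.get(1)).join(', ');`, and catch parse errors per file so a bad file is pushed to `fails` instead of ending the scan. The `contains('BEGIN CERTIFICATE')` test also matches `BEGIN CERTIFICATE REQUEST`, so CSR files reach `parseX509CertificateList`. Only `certs.get(0)` is compared against the 10- and 30-day thresholds, so an intermediate in the same bundle that expires earlier is not reported; taking the earliest `getNotAfter()` across `certs` would cover that.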