From f855d23e8fd9511fea631ddff5b014bbbde1186d Mon Sep 17 00:00:00 2001
From: starainrt <i@b612.me>
Date: Sun, 14 Apr 2024 00:35:04 +0800
Subject: [PATCH] add tls show cert

---
 tls/cert.go | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 70 insertions(+)

diff --git a/tls/cert.go b/tls/cert.go
index efe82a0..2e4a051 100644
--- a/tls/cert.go
+++ b/tls/cert.go
@@ -54,6 +54,76 @@ func showTls(target string, showDetail bool, dumpPath string) {
 		return
 	}
 	starlog.Infof("证书获取成功，证书链上共有%d个证书\n", len(certs))
+	state := conn.ConnectionState()
+
+	switch state.Version {
+	case tls.VersionSSL30:
+		starlog.Infoln("当前TLS版本: SSL 3.0")
+	case tls.VersionTLS10:
+		starlog.Infoln("当前TLS版本: TLS 1.0")
+	case tls.VersionTLS11:
+		starlog.Infoln("当前TLS版本: TLS 1.1")
+	case tls.VersionTLS12:
+		starlog.Infoln("当前TLS版本: TLS 1.2")
+	case tls.VersionTLS13:
+		starlog.Infoln("当前TLS版本: TLS 1.3")
+	}
+	switch state.CipherSuite {
+	case tls.TLS_RSA_WITH_RC4_128_SHA:
+		starlog.Infoln("当前加密套件: TLS_RSA_WITH_RC4_128_SHA")
+	case tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
+		starlog.Infoln("当前加密套件: TLS_RSA_WITH_3DES_EDE_CBC_SHA")
+	case tls.TLS_RSA_WITH_AES_128_CBC_SHA:
+		starlog.Infoln("当前加密套件: TLS_RSA_WITH_AES_128_CBC_SHA")
+	case tls.TLS_RSA_WITH_AES_256_CBC_SHA:
+		starlog.Infoln("当前加密套件: TLS_RSA_WITH_AES_256_CBC_SHA")
+	case tls.TLS_RSA_WITH_AES_128_CBC_SHA256:
+		starlog.Infoln("当前加密套件: TLS_RSA_WITH_AES_128_CBC_SHA256")
+	case tls.TLS_RSA_WITH_AES_128_GCM_SHA256:
+		starlog.Infoln("当前加密套件: TLS_RSA_WITH_AES_128_GCM_SHA256")
+	case tls.TLS_RSA_WITH_AES_256_GCM_SHA384:
+		starlog.Infoln("当前加密套件: TLS_RSA_WITH_AES_256_GCM_SHA384")
+	case tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA")
+	case tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA")
+	case tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA")
+	case tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_RSA_WITH_RC4_128_SHA")
+	case tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA")
+	case tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA")
+	case tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA")
+	case tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256")
+	case tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256")
+	case tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
+	case tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256")
+	case tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
+	case tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384")
+	case tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305")
+	case tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305:
+		starlog.Infoln("当前加密套件: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305")
+	case tls.TLS_AES_128_GCM_SHA256:
+		starlog.Infoln("当前加密套件: TLS_AES_128_GCM_SHA256")
+	case tls.TLS_AES_256_GCM_SHA384:
+		starlog.Infoln("当前加密套件: TLS_AES_256_GCM_SHA384")
+	case tls.TLS_CHACHA20_POLY1305_SHA256:
+		starlog.Infoln("当前加密套件: TLS_CHACHA20_POLY1305_SHA256")
+	default:
+		starlog.Infoln("当前加密套件：", state.CipherSuite)
+	}
+	starlog.Infoln("服务器名称:", state.ServerName)
+
 	if showDetail {
 		for _, c := range certs {
 			if c.IsCA {