diff --git a/prober/tcp.go b/prober/tcp.go index 51b337e5..a3eae981 100644 --- a/prober/tcp.go +++ b/prober/tcp.go @@ -98,11 +98,11 @@ func ProbeTCP(ctx context.Context, target string, module config.Module, registry }, []string{"fingerprint_sha256", "subject", "issuer", "subjectalternative"}, ) - + probeSSLLastKeyBits := prometheus.NewGaugeVec( prometheus.GaugeOpts{ Name: "probe_ssl_last_chain_key_bits", - Help: "Contains SSL leaf certificate information", + Help: "Contains SSL leaf key information and size in bits", }, []string{"type", "fingerprint_sha256"}, ) diff --git a/prober/tls.go b/prober/tls.go index b99d998c..274a962b 100644 --- a/prober/tls.go +++ b/prober/tls.go @@ -14,10 +14,10 @@ package prober import ( + "crypto/ecdsa" + "crypto/rsa" "crypto/sha256" "crypto/tls" - "crypto/rsa" - "crypto/ecdsa" "encoding/hex" "strings" "time" @@ -92,12 +92,12 @@ func getTLSCipher(state *tls.ConnectionState) string { func getTLSKeyTypeAndSize(state *tls.ConnectionState) (string, int) { cert := state.PeerCertificates[0] - if key, ok := cert.PublicKey.(*ecdsa.PublicKey); ok { - return "ec", key.Curve.Params().BitSize - } - if key, ok := cert.PublicKey.(*rsa.PublicKey); ok { - return "rsa", key.N.BitLen() - } + if key, ok := cert.PublicKey.(*ecdsa.PublicKey); ok { + return "ec", key.Curve.Params().BitSize + } + if key, ok := cert.PublicKey.(*rsa.PublicKey); ok { + return "rsa", key.N.BitLen() + } return "", 0 } @@ -105,4 +105,4 @@ func getTLSKeyFingerprint(state *tls.ConnectionState) string { cert := state.PeerCertificates[0] fingerprint := sha256.Sum256(cert.RawSubjectPublicKeyInfo) return hex.EncodeToString(fingerprint[:]) -} \ No newline at end of file +}