
Metadata Question.

Initial commit for metadata question.
This question is going to be used in order to survey the security parameters
inside a certificate, and all other metadata information besides the public key
(organization, ...).
Yeah, I know, that's not properly metadata. Nothing better comes to my mind
now.
Michele Orrù 11 years ago
parent
commit
2db73d1b77
4 changed files with 78 additions and 2 deletions
  1. 2 1
      src/questions/Makefile.am
  2. 1 0
      src/questions/allquestions.c
  3. 2 1
      src/questions/example.c
  4. 73 0
      src/questions/metadata.c

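--- a/src/questions/Makefile.am
+++ b/src/questions/Makefile.am
@@ -7,9 +7,10 @@ WIENER_QUESTION =     wiener.c         include/qwiener.h
 POLLARD_QUESTION =   pollard.c         include/qpollard.h
 DIXON_QUESTION =       dixon.c
 FERMAT_QUESTION =     fermat.c
+METADATA_QUESTION = metadata.c
 
 QUESTIONS = $(WIENER_QUESTION) $(POLLARD_QUESTION) $(DIXON_QUESTION) \
-	    $(FERMAT_QUESTION) $(EXAMPLE_QUESTION)
+	    $(FERMAT_QUESTION) $(EXAMPLE_QUESTION) $(METADATA_QUESTION)
 
 QLIBSOURCES =         qarith.c         include/qarith.h \
 	            qstrings.c         include/qstrings.h \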

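--- a/src/questions/allquestions.c
+++ b/src/questions/allquestions.c
@@ -43,4 +43,5 @@ void select_all_questions(void)
   REGISTER_QUESTION(WienerQuestion);
   REGISTER_QUESTION(PollardQuestion);
   REGISTER_QUESTION(FermatQuestion);
+  REGISTER_QUESTION(MetadataQuestion);
 }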

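--- a/src/questions/example.c
+++ b/src/questions/example.c
@@ -21,7 +21,8 @@ static BIO* out;
  * This functions returns false if `out` could not be opened.
  */
 static int
-example_question_setup(void) {
+example_question_setup(void)
+{
   out = BIO_new_fp(stdout, BIO_NOCLOSE);
 
   return (out != NULL);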

+ 73 - 0
src/questions/metadata.c

@@ -0,0 +1,73 @@
+/**
+ * \file metadata.c
+ * \brief Certificate Metadata Probe.
+ *
+ */
+
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+#include "qa/questions/questions.h"
+
+
+/* taken from openssl's s_client app source */
+#define BUFSIZE 1024*8
+
+#define	X509_get_serialNumber(x) ((x)->cert_info->serialNumber)
+
+static BIO* out;
+
+static int
+metadata_question_setup(void)
+{
+  out = BIO_new_fp(stdout, BIO_NOCLOSE);
+  return (out != NULL);
+}
+
+
+static int
+metadata_question_teardown(void)
+{
+  return BIO_free(out);
+}
+
+
+static int
+metadata_question_ask_crt(X509* crt)
+{
+  EVP_PKEY* pkey = NULL;
+  char buf[BUFSIZE];
+
+  /* subject informations: country, organization, common name */
+  X509_NAME_oneline(X509_get_subject_name(crt), buf, sizeof(buf));
+  BIO_printf(out, "s: %s\n", buf);
+
+
+  /* issuer informations: country, organization, common name */
+  X509_NAME_oneline(X509_get_issuer_name(crt), buf, sizeof(buf));
+
+  /* serial number */
+
+  /* public key */
+  pkey = X509_get_pubkey(crt);
+
+  /* public key bitlength */
+  BIO_printf(out, "bitlen: %d\n", EVP_PKEY_bits(pkey));
+
+  /* XXX.  Compression. TLS version.
+   * This needs access to the socket.
+   * Therefore a design change has to be taken. :( */
+  /* Note: debian builds withouth sslv2 support
+   * <https://lists.debian.org/debian-devel/2011/04/msg00049.html> */
+
+
+    EVP_PKEY_free(pkey);
+    return 1;
+}
+
+qa_question_t MetadataQuestion = {
+  .name = "metadata",
+  .pretty_name = "Metadata",
+  .setup = metadata_question_setup,
+  .teardown = metadata_question_teardown,
+  .ask_crt = metadata_question_ask_crt
+};
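Review bot: In `metadata_question_ask_crt` the result of `X509_get_pubkey(crt)` is used without a NULL check, so a certificate whose key cannot be decoded is at best reported as a misleading `bitlen: 0` (how `EVP_PKEY_bits` treats NULL depends on the OpenSSL version in use). Since the probe surveys arbitrary certificates, I would guard it with something like `if (pkey == NULL) { BIO_printf(out, "bitlen: unavailable\n"); return 1; }`; whether 1 or 0 is the right return there depends on the `ask_crt` contract, which is not visible in this commit. The issuer name is formatted into `buf` but never printed, so the output lacks the issuer unless a matching `BIO_printf(out, "i: %s\n", buf);` is added. The local `#define X509_get_serialNumber(x)` is unused, redefines a name OpenSSL already provides and reaches into `cert_info` directly, so it is better dropped until the serial number is actually emitted. `BUFSIZE` should be parenthesised as `(1024*8)`.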