
Deal with non-rsa public key algorithms.

Even if it is presumably not mandatory to have an RSA algorithm for the ask_crt()
callback, this commit *excludes* every non-RSA certificate from probing.
Michele Orrù 11 years ago
parent
commit
4ebb875769
2 changed files with 26 additions and 7 deletions
  1. 13 2
      src/indiana.c
  2. 13 5
      src/qa.c

+ 13 - 2
src/indiana.c

@@ -14,6 +14,8 @@
 
 extern qa_question_t MetadataQuestion;
 
+#define SITE "site"
+
 int main(int argc, char **argv)
 {
   int proc, procs;
@@ -23,6 +25,7 @@ int main(int argc, char **argv)
   char site[128];
   X509 *crt;
   RSA *rsa;
+  EVP_PKEY *pkey;
 
   QA_library_init();
 
@@ -41,12 +44,20 @@ int main(int argc, char **argv)
       continue;
     }
 
-    rsa = X509_get_pubkey(crt)->pkey.rsa;
+    pkey = X509_get_pubkey(crt);
+    if (!pkey || pkey->type != EVP_PKEY_RSA) {
+      fprintf(stderr, "NO RSA: %s\n", site);
+      continue;
+    }
+
+    rsa = pkey->pkey.rsa;
+    printf("%-10s: %s\n", SITE, site);
     run_question(&MetadataQuestion, crt, rsa);
     X509_free(crt);
   }
 
-  QA_library_del();
+  //  MPI_Barrier(MPI_COMM_WORLD);
+  MPI_Finalize();
   return EXIT_SUCCESS;
 
 }
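Review bot: The new `NO RSA` branch hits `continue` without releasing anything, so `crt` never reaches the `X509_free(crt)` at the bottom of the loop and leaks once per non-RSA certificate. `X509_get_pubkey()` also hands back a reference the caller owns, and `pkey` is not freed on either path here; the same unreleased `pkey` appears in the qa_dispose hunk in src/qa.c. I would add `EVP_PKEY_free(pkey); X509_free(crt);` before the `continue` and `EVP_PKEY_free(pkey);` after `run_question(...)`, assuming run_question does not keep `rsa` beyond its return (its body is not shown). Separately, `QA_library_del()` is replaced by an unconditional `MPI_Finalize()` while src/qa.c guards its MPI variables with `HAVE_OPENMPI`, so it is worth confirming that a non-MPI build still links and that the library teardown is not lost. The loop in main starts outside this hunk.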

+ 13 - 5
src/qa.c

@@ -157,11 +157,19 @@ qa_dispose(X509 *crt, RSA *rsa)
   int exit_code;
   RSA *pub;
   qa_question_t *q;
+  EVP_PKEY *pkey;
 #ifdef HAVE_OPENMPI
   int proc, procs, i;
 #endif
 
-  if (!rsa && crt)  pub = X509_get_pubkey(crt)->pkey.rsa;
+  if (!rsa && crt)  {
+    pkey = X509_get_pubkey(crt);
+    if (pkey && pkey->type == EVP_PKEY_RSA) pub = pkey->pkey.rsa;
+    else {
+      fprintf(stderr, "[!] Unsupported certificate\n");
+      goto end;
+    }
+  }
   else pub = rsa;
   printf("[+] Certificate acquired\n");
 
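Review bot: On the new `Unsupported certificate` path, `goto end` is taken before `exit_code` has been assigned (it is declared `int exit_code;` with no initializer), so if the code after `end:` returns or reports it, the value is indeterminate. Assign it first, e.g. `exit_code = EXIT_FAILURE;` on the line before `goto end;`, so callers can tell a skipped non-RSA certificate from a completed run. qa_dispose starts and ends outside this hunk, so what `end:` does with `exit_code` is inferred rather than visible.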
@@ -195,10 +203,10 @@ qa_dispose(X509 *crt, RSA *rsa)
       exit_code = EXIT_SUCCESS;
       break;
     default:
-        fprintf(stderr, "[\\] Key has been Broken using %s.\n", q->pretty_name);
-        exit_code = EXIT_SUCCESS;
-        goto end;
-      }
+      fprintf(stderr, "[\\] Key has been Broken using %s.\n", q->pretty_name);
+      exit_code = EXIT_SUCCESS;
+      goto end;
+    }
   }
 
 end: