Inicio Explorar Ayuda
Iniciar sesión
maker
/
bachelor
Seguir 1
Destacar 0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Árbol: 0cd2d0b42d
Ramas Etiquetas
bachelor
/
src
/
questions
/
metadata.c

metadata.c 2.5 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 
  1. /**
    2. 

  2.  * \file metadata.c
    3. 

  3.  * \brief Certificate Metadata Probe.
    4. 

  4.  *
    5. 

  5.  */
    6. 

  6. 

  7. #include <openssl/pem.h>
    8. 

  8. #include <openssl/rsa.h>
    9. 

  9. #include <openssl/x509.h>
    10. 

  10. 

  11. #include "qa/questions/questions.h"
    12. 

  12. 

  13. 

  14. /* taken from openssl's s_client app source */
    15. 

  15. #define BUFSIZE 1024*8
    16. 

  16. /* for some reasons this is commented into openssl's source code x509.h */
    17. 

  17. #define	X509_get_serialNumber(x) ((x)->cert_info->serialNumber)
    18. 

  18. 

  19. #define ISSUER  "issuer"
    20. 

  20. #define SUBJECT "subject"
    21. 

  21. #define SERIAL  "serial"
    22. 

  22. #define BITLEN  "bitlen"
    23. 

  23. #define PKEY    "public key"
    24. 

  24. #define NBITLEN "N bits"
    25. 

  25. #define EBITLEN "e bits"
    26. 

  26. 

  27. static BIO* out;
    28. 

  28. 

  29. static int
    30. 

  30. metadata_question_setup(void)
    31. 

  31. {
    32. 

  32.   out = BIO_new_fp(stdout, BIO_NOCLOSE);
    33. 

  33.   return (out != NULL);
    34. 

  34. }
    35. 

  35. 

  36. 

  37. static int
    38. 

  38. metadata_question_teardown(void)
    39. 

  39. {
    40. 

  40.   return BIO_free(out);
    41. 

  41. }
    42. 

  42. 

  43. static int
    44. 

  44. metadata_question_ask_crt(X509* crt)
    45. 

  45. {
    46. 

  46.   EVP_PKEY* pkey = NULL;
    47. 

  47.   BIGNUM *serial = NULL;
    48. 

  48.   char *sserial = NULL;
    49. 

  49.   char buf[BUFSIZE];
    50. 

  50. 

  51.   /* subject informations: country, organization, common name */
    52. 

  52.   X509_NAME_oneline(X509_get_subject_name(crt), buf, sizeof(buf));
    53. 

  53.   BIO_printf(out, "%-10s: %s\n", SUBJECT, buf);
    54. 

  54. 

  55. 

  56.   /* issuer informations: country, organization, common name */
    57. 

  57.   X509_NAME_oneline(X509_get_issuer_name(crt), buf, sizeof(buf));
    58. 

  58.   BIO_printf(out, "%-10s: %s\n", ISSUER, buf);
    59. 

  59. 

  60.   /* serial number */
    61. 

  61.   serial = ASN1_INTEGER_to_BN(X509_get_serialNumber(crt), NULL);
    62. 

  62.   sserial = BN_bn2hex(serial);
    63. 

  63.   BIO_printf(out, "%-10s: %s\n", SERIAL, sserial);
    64. 

  64.   OPENSSL_free(sserial);
    65. 

  65.   BN_free(serial);
    66. 

  66. 

  67.   /* public key */
    68. 

  68.   pkey = X509_get_pubkey(crt);
    69. 

  69.   /* BIO_printf(out, "%-10s\n", PKEY); */
    70. 

  70.   /* PEM_write_bio_RSAPublicKey(out, pkey->pkey.rsa); */
    71. 

  71.   /* BIO_printf(out, "\r\n\r\n"); */
    72. 

  72. 

  73. 

  74.   /* public key bitlength */
    75. 

  75.   BIO_printf(out, "%-10s: %d\n", BITLEN,
    76. 

  76.              EVP_PKEY_bits(pkey));
    77. 

  77. 

  78.   /* XXX.  Compression. TLS version.
    79. 

  79.    * This needs access to the socket.
    80. 

  80.    * Therefore a design change has to be taken. :( */
    81. 

  81.   /* Note: debian builds withouth sslv2 support
    82. 

  82.    * <https://lists.debian.org/debian-devel/2011/04/msg00049.html> */
    83. 

  83. 

  84. 

  85.     EVP_PKEY_free(pkey);
    86. 

  86.     return 0;
    87. 

  87. }
    88. 

  88. 

  89. RSA *metadata_question_ask_rsa(const RSA* rsa)
    90. 

  90. {
    91. 

  91.   BIO_printf(out, "%-10s: %d\n", NBITLEN,
    92. 

  92.              BN_num_bits(rsa->n));
    93. 

  93. 

  94.   BIO_printf(out, "%-10s: %d\n", EBITLEN,
    95. 

  95.              BN_num_bits(rsa->e));
    96. 

  96. 

  97.   return NULL;
    98. 

  98. }
    99. 

  99. 

  100. qa_question_t MetadataQuestion = {
    101. 

  101.   .name = "metadata",
    102. 

  102.   .pretty_name = "Metadata",
    103. 

  103.   .setup = metadata_question_setup,
    104. 

  104.   .teardown = metadata_question_teardown,
    105. 

  105.   .ask_crt = metadata_question_ask_crt,
    106. 

  106.   .ask_rsa = metadata_question_ask_rsa
    107. 

  107. };
    108. 

  108.