mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00

New function, sslcert.parse_ssl_certificate

For reasons, the function is exported from nse_ssl_cert.cc into
nmap.socket, then included and documented in sslcert.lua because it fits
better there.
dmiller
2014-11-05 05:55:52 +00:00
parent aeae800545
commit 2871ba3e6c
4 changed files with 40 additions and 3 deletions


@@ -1048,6 +1048,7 @@ LUALIB_API int luaopen_nsock (lua_State *L)
{"loop", l_loop},
{"new", l_new},
{"sleep", l_sleep},
{"parse_ssl_certificate", l_parse_ssl_certificate},
{NULL, NULL}
};
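Review bot: The new `parse_ssl_certificate` entry in the `luaopen_nsock` function table has no build guard in the visible lines, yet `l_parse_ssl_certificate` calls `d2i_X509` and so can only exist when Nmap is built with OpenSSL. If nse_ssl_cert.cc is compiled only in OpenSSL builds (the build rules are not shown here), a build without OpenSSL would fail to link on this symbol. Wrapping the entry as `#ifdef HAVE_OPENSSL` / `{"parse_ssl_certificate", l_parse_ssl_certificate},` / `#endif` would avoid that. The table starts outside the hunk, so an enclosing guard further up cannot be ruled out.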


@@ -426,13 +426,32 @@ static const char *pkey_type_to_string(int type)
}
}
static int parse_ssl_cert(lua_State *L, X509 *cert);
int l_parse_ssl_certificate(lua_State *L)
{
X509 *cert;
size_t l;
const char *der;
der = luaL_checklstring(L, 1, &l);
if (der == NULL) {
lua_pushnil(L);
return 1;
}
cert = d2i_X509(NULL, (const unsigned char **) &der, l);
if (cert == NULL) {
lua_pushnil(L);
return 1;
}
return parse_ssl_cert(L, cert);
}
int l_get_ssl_certificate(lua_State *L)
{
SSL *ssl;
struct cert_userdata *udata;
X509 *cert;
X509_NAME *subject, *issuer;
EVP_PKEY *pubkey;
ssl = nse_nsock_get_ssl(L);
cert = SSL_get_peer_certificate(ssl);
@@ -440,6 +459,14 @@ int l_get_ssl_certificate(lua_State *L)
lua_pushnil(L);
return 1;
}
return parse_ssl_cert(L, cert);
}
static int parse_ssl_cert(lua_State *L, X509 *cert)
{
struct cert_userdata *udata;
X509_NAME *subject, *issuer;
EVP_PKEY *pubkey;
udata = (struct cert_userdata *) lua_newuserdata(L, sizeof(*udata));
udata->cert = cert;
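Review bot: `d2i_X509` in `l_parse_ssl_certificate` decodes only the first ASN.1 structure and leaves any following bytes unexamined, so a buffer a script received from a remote host yields a certificate table even when it holds a certificate followed by other data. If callers are meant to pass exactly one certificate, compare the advanced pointer with the end of the input and return nil on a mismatch; a separate `const unsigned char *` cursor also removes the cast of `&der`. The `der == NULL` branch looks unreachable, since `luaL_checklstring` raises a Lua error for a non-string argument rather than returning NULL, so it could be dropped. The body of `parse_ssl_cert` continues outside the hunk; it now receives certificates decoded from arbitrary bytes rather than from a completed handshake, so its handling of missing fields is worth confirming.

```cpp
int l_parse_ssl_certificate(lua_State *L)
{
  X509 *cert;
  size_t l;
  const char *der;
  const unsigned char *p;

  der = luaL_checklstring(L, 1, &l);
  p = (const unsigned char *) der;
  cert = d2i_X509(NULL, &p, (long) l);
  /* Reject input that is not exactly one DER certificate. */
  if (cert != NULL && p != (const unsigned char *) der + l) {
    X509_free(cert);
    cert = NULL;
  }
  // … unchanged: nil return when cert == NULL, then parse_ssl_cert(L, cert) …
```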


@@ -123,5 +123,6 @@
/* $Id:$ */
int l_get_ssl_certificate(lua_State *L);
int l_parse_ssl_certificate(lua_State *L);
void nse_nsock_init_ssl_cert(lua_State *L);


@@ -29,6 +29,14 @@ local string = require "string"
local xmpp = require "xmpp"
_ENV = stdnse.module("sslcert", stdnse.seeall)
--- Parse an X.509 certificate from DER-encoded string
--@name parse_ssl_certificate
--@class function
--@param der DER-encoded certificate
--@return table containing decoded certificate
--@see nmap.get_ssl_certificate
_ENV.parse_ssl_certificate = nmap.socket.parse_ssl_certificate
StartTLS = {
-- TODO: Implement STARTTLS for NNTP
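Review bot: The doc block for `parse_ssl_certificate` describes only the success case, but the C implementation in this commit returns nil when `d2i_X509` cannot decode the input, and scripts will often call it on bytes taken from a remote service. I would change the return line to `--@return table containing decoded certificate, or nil if the DER data could not be parsed`, so callers know to check the result before indexing it. The `--@param` line could also say that `der` must be a string holding the raw DER bytes, not PEM text, since the argument goes straight to the DER decoder.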