From cdf5c21951ec094313cb960cbbc42bc9a50d3b57 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Wed, 8 Jan 2020 17:39:51 +0000
Subject: [PATCH] Ensure consistent ordering of XML output in ssl-cert.nse

---
 scripts/ssl-cert.nse | 25 +++++++++++--------------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/scripts/ssl-cert.nse b/scripts/ssl-cert.nse
index 4fecf3d0a..b7608c1cb 100644
--- a/scripts/ssl-cert.nse
+++ b/scripts/ssl-cert.nse
@@ -215,22 +215,19 @@ local function output_tab(cert)
   local o = stdnse.output_table()
   o.subject = name_to_table(cert.subject)
   o.issuer = name_to_table(cert.issuer)
-  o.pubkey = {}
-  for k, v in pairs(cert.pubkey) do
-    local out = v
-    if have_openssl and type(v) == "userdata" then
-      if k == "exponent" then
-        out = openssl.bignum_bn2dec(v)
-      else
-        out = openssl.bignum_bn2hex(v)
-      end
-    end
-    o.pubkey[k] = out
-  end
+
+  o.pubkey = stdnse.output_table()
+  o.pubkey.type = cert.pubkey.type
+  o.pubkey.bits = cert.pubkey.bits
+  o.pubkey.modulus = openssl.bignum_bn2hex(cert.pubkey.modulus)
+  o.pubkey.exponent = openssl.bignum_bn2dec(cert.pubkey.exponent)
+
   o.extensions = cert.extensions
   o.sig_algo = cert.sig_algorithm
-  o.validity = {}
-  for k, v in pairs(cert.validity) do
+
+  o.validity = stdnse.output_table()
+  for i, k in ipairs({"notBefore", "notAfter"}) do
+    local v = cert.validity[k]
     if type(v)=="string" then
       o.validity[k] = v
     else