Nmap Development mailing list archives
Re: SSL certificate key length in ssl-cert.nse
From: David Fifield <david () bamsoftware com>
Date: Mon, 4 Oct 2010 12:13:18 -0600
On Sat, Oct 02, 2010 at 12:43:45AM -0400, Matt Selsky wrote:
On Fri, 1 Oct 2010, David Fifield wrote:Yes, you should just add whatever you need to l_get_ssl_certificate. It will mean finding the appropriate OpenSSL function, then storing the result of calling the function in the returned table. You can see an example of getting a key size in the OpenSSL source code, in the file apps/s_client.c. ("Server public key is %d bit\n".)Thanks for the tips. I got it working. Patch is attached. Is this something others would find useful? If it needs to be cleaned up in order to be included upstream, let me know.
Excellent, that's just right. Your patch provides a new member of the table, cert.pkey_bits. That's good, but I think we can provide even more information with a uniform interface. What I am thinking is this: cert = { subject = ..., issuer = ..., validity = ..., pem = ..., pubkey = { type = "rsa", bits = 1024, } } Can you make a patch that does this? Looking at EVP_PKEY_type in crypto/evp/p_lib.c it looks like the possible types are "rsa", "dsa", "dh", and "ec". David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 01)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 01)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 01)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 04)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 18)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 18)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 19)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 19)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 20)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 20)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 01)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 01)