Nmap Development mailing list archives
Re: SSL certificate key length in ssl-cert.nse
From: David Fifield <david () bamsoftware com>
Date: Mon, 18 Oct 2010 20:12:34 -0700
On Mon, Oct 18, 2010 at 07:39:13PM -0400, Matt Selsky wrote:
On Oct 4, 2010, at 2:13 PM, David Fifield <david () bamsoftware com> wrote:Excellent, that's just right. Your patch provides a new member of the table, cert.pkey_bits. That's good, but I think we can provide even more information with a uniform interface. What I am thinking is this: cert = { subject = ..., issuer = ..., validity = ..., pem = ..., pubkey = { type = "rsa", bits = 1024, } }Do you have an example I can follow to make a nested table?
I haven't tested this but it should be something like /* Certificate table is at position -1 */ lua_newtable(L); /* Table T at position -1 */ lua_pushstring(pkey_type); /* T now at position -2 */ lua_setfield(L, -2, "type"); /* T now at position -1 */ lua_pushnumber(pkey_bits); /* T now at position -2 */ lua_setfield(L, -2, "bits"); /* T now at position -1 */ lua_setfield(L, -2, "pubkey"); /* Assign T in the certificate table */ You don't need to add all those comments.
Can you make a patch that does this? Looking at EVP_PKEY_type in crypto/evp/p_lib.c it looks like the possible types are "rsa", "dsa", "dh", and "ec".I've only seen keys of type RSA. Does SSL itself support non-RSA key-types?
Yes it does. But you don't have to worry about it. Just define a function pkey_type_to_string that returns "rsa" for EVP_PKEY_RSA, "dsa" for EVP_PKEY_DSA, and so on. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 01)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 01)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 01)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 04)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 18)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 18)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 19)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 19)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 20)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 20)
- Re: SSL certificate key length in ssl-cert.nse Matt Selsky (Oct 01)
- Re: SSL certificate key length in ssl-cert.nse David Fifield (Oct 01)