Refactor X509 generalizedtime support and test.

The generalizedtime support for certificates now fits more
seamlessly to how the rest of the code was structured and does the
different processing for UTC and generalized times at the beginning,
when checking for them.

The test does not output the common name anymore, since the output
format might change across openssl versions (inserted the serial
instead).

I also added a bit more error checking for the UTC time case.
Johanna Amann 2015-09-18 12:32:23 -07:00
parent 2327f5bba5
commit 708ede22c6
3 changed files with 40 additions and 34 deletions


@ -1,16 +1,16 @@
----- x509_certificate ----
subject: CN=bro-generalizedtime-test,O=Bro,C=NL
serial: 03E8
not_valid_before: 2015-09-01-13:33:37.000000000 (epoch: 1441114417.0)
not_valid_after : 2025-09-01-13:33:37.000000000 (epoch: 1756733617.0)
----- x509_certificate ----
subject: CN=*.taleo.net,OU=Comodo PremiumSSL Wildcard,OU=Web,O=Taleo Inc.,street=4140 Dublin Boulevard,street=Suite 400,L=Dublin,ST=CA,postalCode=94568,C=US
serial: 99FAA8037A4EB2FAEF84EB5E55D5B8C8
not_valid_before: 2011-05-04-00:00:00.000000000 (epoch: 1304467200.0)
not_valid_after : 2016-07-04-23:59:59.000000000 (epoch: 1467676799.0)
----- x509_certificate ----
subject: CN=COMODO High-Assurance Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
serial: 1690C329B6780607511F05B0344846CB
not_valid_before: 2010-04-16-00:00:00.000000000 (epoch: 1271376000.0)
not_valid_after : 2020-05-30-10:48:38.000000000 (epoch: 1590835718.0)
----- x509_certificate ----
subject: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
serial: 01
not_valid_before: 2000-05-30-10:48:38.000000000 (epoch: 959683718.0)
not_valid_after : 2020-05-30-10:48:38.000000000 (epoch: 1590835718.0)
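
Review bot: The bro-generalizedtime-test entry at the top of this baseline has not_valid_before in 2015 and not_valid_after in 2025, both of which still fit in a UTCTime, so the baseline never shows a date that only GeneralizedTime can carry (RFC 5280 requires GeneralizedTime only for dates in 2050 or later). Consider adding a certificate whose notAfter lies past 2049, so that a regression in handling the four-digit year shows up as a wrong epoch here. The commit message also mentions extra error checking for the UTC time case, but no entry in this baseline exercises a malformed time, so that path has no coverage from this test.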


@ -4,7 +4,7 @@
event x509_certificate(f: fa_file, cert_ref: opaque of x509, cert: X509::Certificate)
{
print "----- x509_certificate ----";
print fmt("subject: %s", cert$subject);
print fmt("serial: %s", cert$serial);
print fmt("not_valid_before: %T (epoch: %s)", cert$not_valid_before, cert$not_valid_before);
print fmt("not_valid_after : %T (epoch: %s)", cert$not_valid_after, cert$not_valid_after);
}
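
Review bot: The line print fmt("subject: %s", cert$subject); still emits the full subject, including the CN and attributes such as street and postalCode visible in the baseline, while the commit message gives formatting differences across openssl versions as the reason for no longer printing the common name. If the subject string is exposed to the same differences, the baseline stays fragile; since the serial is now printed and identifies each certificate, consider dropping the subject line or adding a comment on why it is stable. A short comment noting that each validity time is printed twice on purpose, once through %T and once through %s as the raw epoch, would also help anyone reading the baseline.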